1
# frozen_string_literal: true
2

3
module WPScan
4
  module Finders
5
    module MainTheme
6
      # From the CSS style in the homepage
7
      class CssStyleInHomepage < CMSScanner::Finders::Finder
8
        include Finders::WpItems::UrlsInPage # To have the item_code_pattern method available here
9

10
        def create_theme(slug, style_url, opts)
11
          Model::Theme.new(
12
            slug,
13
            target,
14
            opts.merge(found_by: found_by, confidence: 70, style_url: style_url)
15
          )
16
        end
17

18
        def passive(opts = {})
19
          passive_from_css_href(target.homepage_res, opts) || passive_from_style_code(target.homepage_res, opts)
20
        end
21

22
        def passive_from_css_href(res, opts)
23
          target.in_scope_uris(res, '//link/@href[contains(., "style.css")]') do |uri|
24
            next unless uri.path =~ %r{/themes/([^/]+)/style.css\z}i
25

26
            return create_theme(Regexp.last_match[1], uri.to_s, opts)
27
          end
28
          nil
29
        end
30

31
        def passive_from_style_code(res, opts)
32
          res.html.css('style').each do |tag|
33
            code = tag.text.to_s
34
            next if code.empty?
35

36
            next unless code =~ %r{#{item_code_pattern('themes')}\\?/style\.css[^"'( ]*}i
37

38
            return create_theme(Regexp.last_match[1], Regexp.last_match[0].strip, opts)
39
          end
40
          nil
41
        end
42
      end
43
    end
44
  end
45
end
46

47