Phillip Tarrant
693f7d67b9
- Add SSL/TLS intelligence pipeline:
- crt.sh lookup with expired-filtering and root-domain wildcard resolution
- live TLS version/cipher probe with weak/legacy flags and probe notes
- UI: card + matrix rendering, raw JSON toggle, and host/wildcard cert lists
- Front page: checkbox to optionally fetch certificate/CT data
- Introduce `URLNormalizer` with punycode support and typo repair
- Auto-prepend `https://` for bare domains (e.g., `google.com`)
- Optional quick HTTPS reachability + `http://` fallback
- Provide singleton via function-cached `@singleton_loader`:
- `get_url_normalizer()` reads defaults from Settings (if present)
- Standardize function-rule return shape to `(bool, dict|None)` across
`form_*` and `script_*` rules; include structured payloads (`note`, hosts, ext, etc.)
- Harden `FunctionRuleAdapter`:
- Coerce legacy returns `(bool)`, `(bool, str)` → normalized outputs
- Adapt non-dict inputs to facts (category-aware and via provided adapter)
- Return `(True, dict)` on match, `(False, None)` on miss
- Bind-time logging with file:line + function id for diagnostics
- `RuleEngine`:
- Back rules by private `self._rules`; `rules` property returns copy
- Idempotent `add_rule(replace=False)` with in-place replace and regex (re)compile
- Fix AttributeError from property assignment during `__init__`
- Replace hidden singleton factory with explicit builder + global state:
- `app/rules/factory.py::build_rules_engine()` builds and logs totals
- `app/state.py` exposes `set_rules_engine()` / `get_rules_engine()` as the SOF
- `app/wsgi.py` builds once at preload and publishes via `set_rules_engine()`
- Add lightweight debug hooks (`SS_DEBUG_RULES=1`) to trace engine id and rule counts
- Unify logging wiring:
- `wire_logging_once(app)` clears and attaches a single handler chain
- Create two named loggers: `sneakyscope.app` and `sneakyscope.engine`
- Disable propagation to prevent dupes; include pid/logger name in format
- Remove stray/duplicate handlers and import-time logging
- Optional dedup filter for bursty repeats (kept off by default)
- Gunicorn: enable `--preload` in entrypoint to avoid thread races and double registration
- Documented foreground vs background log “double consumer” caveat (attach vs `compose logs`)
- Jinja: replace `{% return %}` with structured `if/elif/else` branches
- Add toggle button to show raw JSON for TLS/CT section
- Consumers should import the rules engine via:
- `from app.state import get_rules_engine`
- Use `build_rules_engine()` **only** during preload/init to construct the instance,
then publish with `set_rules_engine()`. Do not call old singleton factories.
- New/changed modules (high level):
- `app/utils/urltools.py` (+) — URLNormalizer + `get_url_normalizer()`
- `app/rules/function_rules.py` (±) — normalized payload returns
- `engine/function_rule_adapter.py` (±) — coercion, fact adaptation, bind logs
- `app/utils/rules_engine.py` (±) — `_rules`, idempotent `add_rule`, fixes
- `app/rules/factory.py` (±) — pure builder; totals logged post-registration
- `app/state.py` (+) — process-global rules engine
- `app/logging_setup.py` (±) — single chain, two named loggers
- `app/wsgi.py` (±) — preload build + `set_rules_engine()`
- `entrypoint.sh` (±) — add `--preload`
- templates (±) — TLS card, raw toggle; front-page checkbox
Closes: flaky rule-type warnings, duplicate logs, and multi-worker race on rules init.
160 lines
3.8 KiB
HTML
160 lines
3.8 KiB
HTML
{% extends 'base.html' %}
|
|
{% block content %}
|
|
|
|
<!-- Analysis Form -->
|
|
<form id="analyze-form" method="post" action="{{ url_for('main.analyze') }}" class="card">
|
|
<h2>Analyze a URL</h2>
|
|
<label for="url">Enter a URL to analyze</label>
|
|
<input id="url" name="url" type="url" placeholder="https://example.com" required />
|
|
|
|
<!-- toggle for pulling ssl/cert data -->
|
|
<label class="checkbox-row">
|
|
<input type="checkbox" name="fetch_ssl" value="1">
|
|
Pull SSL/TLS data (crt.sh + version probe) - Warning, crt.sh can be <b>very slow</b> at times
|
|
</label>
|
|
|
|
<button type="submit">Analyze</button>
|
|
</form>
|
|
|
|
<!-- Recent Results (optional; shown only if recent_results provided) -->
|
|
{% if recent_results %}
|
|
<div class="card" id="recent-results">
|
|
<h2>Recent Results</h2>
|
|
<table class="results-table">
|
|
<thead>
|
|
<tr>
|
|
<th>Timestamp</th>
|
|
<th>URL</th>
|
|
<th>UUID</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
{% for r in recent_results %}
|
|
<tr>
|
|
<td class="timestamp">
|
|
{% if r.timestamp %}
|
|
{{ r.timestamp }}
|
|
{% else %}
|
|
N/A
|
|
{% endif %}
|
|
</td>
|
|
<td class="url">
|
|
<a href="{{ url_for('main.view_result', run_uuid=r.uuid) }}">
|
|
{{ r.final_url or r.submitted_url }}
|
|
</a>
|
|
</td>
|
|
<td class="uuid">
|
|
<code id="uuid-{{ loop.index }}">{{ r.uuid }}</code>
|
|
<button
|
|
type="button"
|
|
class="copy-btn"
|
|
data-target="uuid-{{ loop.index }}">
|
|
📋
|
|
</button>
|
|
</td>
|
|
</tr>
|
|
{% endfor %}
|
|
</tbody>
|
|
</table>
|
|
|
|
</div>
|
|
{% endif %}
|
|
|
|
<!-- Spinner Modal -->
|
|
<div id="spinner-modal" style="
|
|
display:none;
|
|
opacity:0;
|
|
position:fixed;
|
|
top:0;
|
|
left:0;
|
|
width:100%;
|
|
height:100%;
|
|
background:rgba(0,0,0,0.7);
|
|
color:#fff;
|
|
font-size:1.5rem;
|
|
text-align:center;
|
|
padding-top:20%;
|
|
z-index:9999;
|
|
transition: opacity 0.3s ease;
|
|
">
|
|
<div>
|
|
<div class="loader" style="
|
|
border: 8px solid #f3f3f3;
|
|
border-top: 8px solid #1a2535;
|
|
border-radius: 50%;
|
|
width: 60px;
|
|
height: 60px;
|
|
animation: spin 1s linear infinite;
|
|
margin: 0 auto 1rem auto;
|
|
"></div>
|
|
Analyzing website…
|
|
</div>
|
|
</div>
|
|
|
|
<style>
|
|
@keyframes spin {
|
|
0% { transform: rotate(0deg); }
|
|
100% { transform: rotate(360deg); }
|
|
}
|
|
</style>
|
|
{% endblock %}
|
|
|
|
{% block page_js %}
|
|
|
|
<script>
|
|
const form = document.getElementById('analyze-form');
|
|
const modal = document.getElementById('spinner-modal');
|
|
|
|
function showModal() {
|
|
modal.style.display = 'block';
|
|
requestAnimationFrame(() => {
|
|
modal.style.opacity = '1';
|
|
});
|
|
}
|
|
|
|
function hideModal() {
|
|
modal.style.opacity = '0';
|
|
modal.addEventListener('transitionend', () => {
|
|
modal.style.display = 'none';
|
|
}, { once: true });
|
|
}
|
|
|
|
// Hide spinner on initial load / back navigation
|
|
window.addEventListener('pageshow', () => {
|
|
modal.style.opacity = '0';
|
|
modal.style.display = 'none';
|
|
});
|
|
|
|
form.addEventListener('submit', (e) => {
|
|
showModal();
|
|
// Prevent double submission
|
|
form.querySelector('button').disabled = true;
|
|
|
|
// Allow browser to render the modal before submitting
|
|
requestAnimationFrame(() => form.submit());
|
|
e.preventDefault();
|
|
});
|
|
</script>
|
|
|
|
<script>
|
|
document.addEventListener('DOMContentLoaded', () => {
|
|
const buttons = document.querySelectorAll('.copy-btn');
|
|
buttons.forEach(btn => {
|
|
btn.addEventListener('click', () => {
|
|
const targetId = btn.getAttribute('data-target');
|
|
const uuidText = document.getElementById(targetId).innerText;
|
|
|
|
navigator.clipboard.writeText(uuidText).then(() => {
|
|
// Give quick feedback
|
|
btn.textContent = '✅';
|
|
setTimeout(() => { btn.textContent = '📋'; }, 1500);
|
|
}).catch(err => {
|
|
console.error('Failed to copy UUID:', err);
|
|
});
|
|
});
|
|
});
|
|
});
|
|
</script>
|
|
|
|
{% endblock %}
|