Filtering (#25)

* Hacky solution to fix filtering * Update SDK and use HTTPQL api to filter reuqests
caido-community · Nov 3, 2024 · 6456d8b · 6456d8b
1 parent 297ea90
commit 6456d8b
Show file tree

Hide file tree

Showing 6 changed files with 31 additions and 28 deletions.
diff --git a/packages/backend/package.json b/packages/backend/package.json
@@ -14,6 +14,6 @@
     "shared": "workspace:*"
   },
   "devDependencies": {
-    "@caido/sdk-backend": "0.42.0"
+    "@caido/sdk-backend": "0.43.1"
   }
 }
diff --git a/packages/backend/src/services/templates.ts b/packages/backend/src/services/templates.ts
@@ -92,6 +92,11 @@ export const onInterceptResponse = async (
   if (settings.autoCaptureRequests == "off") {
     return;
   }
+
+  if (!sdk.requests.matches(settings.defaultFilterHTTPQL, request)) {
+    sdk.console.log(`Filtering: ${request.getUrl()}`)
+    return;
+  }
 
   const templateId = generateTemplateId(request, settings.deDuplicateHeaders);
   if (store.templateExists(templateId)) {

diff --git a/packages/backend/src/stores/settings.ts b/packages/backend/src/stores/settings.ts
@@ -1,15 +1,21 @@
 import type { SettingsDTO } from "shared";
 
+const noStylingFilter: string = `req.ext.nlike:"%.css" AND req.ext.nlike:"%.woff" AND req.ext.nlike:"%.woff2" AND req.ext.nlike:"%.ttf" AND req.ext.nlike:"%.eot"`;
+const noImagesFilter: string = `req.ext.nlike:"%.apng" AND req.ext.nlike:"%.avif" AND req.ext.nlike:"%.gif" AND req.ext.nlike:"%.jpg" AND req.ext.nlike:"%.jpeg" AND req.ext.nlike:"%.pjpeg" AND req.ext.nlike:"%.pjp" AND req.ext.nlike:"%.png" AND req.ext.nlike:"%.svg" AND req.ext.nlike:"%.webp" AND req.ext.nlike:"%.bmp" AND req.ext.nlike:"%.ico" AND req.ext.nlike:"%.cur" AND req.ext.nlike:"%.tif" AND req.ext.nlike:"%.tiff"`;
+const noJSFilter: string = `req.ext.nlike:"%.js"`
+
 export class SettingsStore {
   private static _store?: SettingsStore;
 
   private settings: SettingsDTO;
 
+
   private constructor() {
     this.settings = {
       autoCaptureRequests: "off",
       autoRunAnalysis: true,
       deDuplicateHeaders: [],
+      defaultFilterHTTPQL: `(${noStylingFilter} AND ${noImagesFilter} AND ${noJSFilter})`,
     };
   }
 

diff --git a/packages/frontend/package.json b/packages/frontend/package.json
@@ -11,7 +11,7 @@
   },
   "dependencies": {
     "@caido/primevue": "0.1.1",
-    "@caido/sdk-frontend": "0.42.0",
+    "@caido/sdk-frontend": "0.43.1",
     "@fortawesome/fontawesome-free": "6.6.0",
     "@vueuse/core": "10.11.1",
     "pinia": "2.2.1",
@@ -20,7 +20,7 @@
     "vue": "3.4.37"
   },
   "devDependencies": {
-    "@caido/sdk-backend": "0.42.0",
+    "@caido/sdk-backend": "0.43.1",
     "@caido/tailwindcss": "0.0.1",
     "@codemirror/view": "6.28.1",
     "@vitejs/plugin-vue": "5.1.2",

diff --git a/packages/shared/src/types.ts b/packages/shared/src/types.ts
@@ -44,6 +44,7 @@ export type SettingsDTO = {
   autoCaptureRequests: "off" | "all" | "inScope";
   autoRunAnalysis: boolean;
   deDuplicateHeaders: string[];
+  defaultFilterHTTPQL: string;
 };
 
 export type UserAttributeDTO = {

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml