Add an API interface for other programs to use

common/corscheck.py

@@ -12,6 +12,8 @@
 import urllib3
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 
+from threading import Thread
+
 class CORSCheck:
     """docstring for CORSCheck"""
     url = None
@@ -271,3 +273,29 @@ def check_one_by_one(self):
             if(func()): break 
 
         return self.result
+
+    def check_all_in_parallel(self):
+        functions = [
+            'test_reflect_origin',
+            'test_prefix_match',
+            'test_suffix_match',
+            'test_trust_null',
+            'test_include_match',
+            'test_not_escape_dot',
+            'test_custom_third_parties',
+            'test_special_characters_bypass',
+            'test_trust_any_subdomain',
+            'test_https_trust_http',
+        ]
+
+        threads = []
+        for fname in functions:
+            func = getattr(self,fname)
+            t = Thread(target=func)
+            t.start()
+            threads.append(t)
+
+        for t in threads:
+            t.join()
+
+        return self.result

cors_scan.py

@@ -89,6 +89,14 @@ def scan(cfg, log):
             print(e)
             break
 
+def cors_check(url, headers=None):
+    # disable log
+    log = Log(None, print_level=4)
+    cfg = {"logger": log, "headers": headers}
+
+    cors_check = CORSCheck(url, cfg)
+    msg = cors_check.check_all_in_parallel()
+    return msg
 
 def main():
     init()

setup.py

@@ -4,7 +4,7 @@
 
 setup(
     name='cors',
-    version='0.9.5',
+    version='0.9.6',
     description='Fast CORS misconfiguration vulnerabilities scanner',
     long_description=open('README.md').read(),
     long_description_content_type='text/markdown',