Merge pull request #47 from gdgd009xcd/JOHANNESS241219

## [v0.8.16] - 2024-12-20

.github/workflows/main.yml

@@ -27,6 +27,8 @@ jobs:
       - name: add JAVA_HOME/bin to PATH
         run: |
           echo "$JAVA_HOME/bin" >> $GITHUB_PATH
+      - name: check java version
+        run: java --version
       - name: set env.ZAP_ADDON_BUILD_BIN_DIR
         run: |
           echo "ZAP_ADDON_BUILD_BIN_DIR=${{env.ZAP_ADDON_BUILD_DIR}}/bin" >> $GITHUB_ENV

README.md

@@ -94,7 +94,12 @@ This addon is 3rd party addon, so you must add this addon file to ZAPROXY manual
 1. restart zap(sorry, currently this addon does not work unless restart zap after install it.)
 
 ## how to use
-This is automatically called when you start active scannig after already installed default scanners.
+This is automatically called when you start active scannig after already installed default scanners.<br>
+If this addon look like doing nothing, you should check:<br> [Tools->Options->Active Scan Input Vectors] option panel.<br>
+If nothing is enabled in this options panel,<br>you may push [Reset to factory defaults] button or check on individually.
+
+![InputVectors](assets/images/activescaninputvectors.png)
+
 If you have any doubts whether this scanner is actually being called, you can import the [CustomScan.policy](CustomScan.policy) file. This policy forces the use of CustomScan when invoking active scan. using guide is follows:
 
 1) download [CustomScan.policy](CustomScan.policy)  

addOns/customactivescan/CHANGELOG.md

@@ -3,6 +3,10 @@ All notable changes to this add-on will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [v0.8.16] - 2024-12-20
+### Changed
+- maintenance: Tweaked codes to prepare for new java version and ubuntu 24.04
+
 ## [v0.8.15] - 2024-12-17
 ### Changed
 - maintenance: Code was changed to prepare for new java version and ubuntu 24.04

addOns/customactivescan/customactivescan.gradle.kts

@@ -1,7 +1,7 @@
 import org.zaproxy.gradle.addon.AddOnStatus
 
 
-version = "0.8.15"
+version = "0.8.16"
 description = "a Active Scanner with custmizable rules"
 
 val jar by tasks.getting(Jar::class) {

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/CustomSQLInjectionScanRule.java

@@ -133,7 +133,7 @@ public void init() {
                         SwingUtilities.invokeAndWait(new Runnable() {
                             @Override
                             public void run() {
-                                ScanLogPanelFrame frame = new ScanLogPanelFrame(flagResultItemArray, finalScannerId);
+                                ScanLogPanelFrame frame = ScanLogPanelFrame.newInstance(flagResultItemArray, finalScannerId);
                                 ExtensionAscanRules.registerScanLogPanelFrame(finalScannerId, frame);
                                 ascan.addScannerListener(new CustomScannerListener());
                                 frame.updateRequestCounter(0);

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/ExtensionAscanRules.java

@@ -131,7 +131,7 @@ public void hook(ExtensionHook hook) {
 			scannerIdWaitTimerMap = new ConcurrentHashMap<>();
 		}
 
-		this.mainWorkPanelTab = new MainWorkPanelTab(hook, this);
+		this.mainWorkPanelTab = MainWorkPanelTab.newInstance(hook, this);
 
 		hook
 				.getHookView()
@@ -141,7 +141,7 @@ public void hook(ExtensionHook hook) {
 		//hook.getHookMenu().addPopupMenuItem(getPopUpMenuInAlert());
 
 		// popUp item for ScanLogPanel.
-		hook.getHookMenu().addPopupMenuItem(new PopUpMenuItem(ScanLogPanel.class,"showMessage", cIcon));
+		hook.getHookMenu().addPopupMenuItem(PopUpMenuItem.newInstance(ScanLogPanel.class,"showMessage", cIcon));
 	}
 
 	private PopUpMenuInAlert getPopUpMenuInAlert() {

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/ParmGenBinUtil.java

@@ -7,7 +7,7 @@
 //
 // ByteArray
 //
-public final class ParmGenBinUtil {
+public class ParmGenBinUtil {
 
     private ByteArrayOutputStream bstream = null;
 
@@ -34,7 +34,7 @@ public int length() {
      * @param bin
      * @return
      */
-    public boolean concat(byte[] bin) {
+    public final boolean concat(byte[] bin) {
 
         if ((bin == null)) {
             return false;

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/ParmGenMacroTraceParams.java

@@ -1,6 +1,6 @@
 package org.zaproxy.zap.extension.customactivescan;
 
-public final class ParmGenMacroTraceParams {
+public class ParmGenMacroTraceParams {
     int scannerId = -1;
     private int tabIndex = -1; // Macro Request List tabindex in MacroBuilderUI
     private int selected_request = -1; // scan target request stepno in ParmGenMacroTrace stepno

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/view/AddFlagRegex.java

@@ -8,18 +8,35 @@
 import java.util.List;
 
 @SuppressWarnings("serial")
-public final class AddFlagRegex extends GridBagJDialog<String>{
+public class AddFlagRegex extends GridBagJDialog<String>{
     private JTextField regexPatternField;
     private JList<String> flagPatternList;
     private int selectedIndex = -1;
     private CustomScanMainPanel mainPanel;
 
+    /**
+     * default package private constructor
+     * this means that this class can be instantiated only in this package.
+     *
+     * @param mainPanel
+     * @param title
+     * @param modarityType
+     */
     AddFlagRegex(CustomScanMainPanel mainPanel, String title, ModalityType modarityType) {
         super(SwingUtilities.windowForComponent(mainPanel), title, modarityType, null, GridBagConstraints.HORIZONTAL, GridBagConstraints.NORTHEAST);
         postSuper(null);
         this.mainPanel = mainPanel;
     }
 
+    /**
+     * default package private constructor
+     * this means that this class can be instantiated only in this package.
+     *
+     * @param dialog
+     * @param mainPanel
+     * @param title
+     * @param modarityType
+     */
     AddFlagRegex(Dialog dialog, CustomScanMainPanel mainPanel, String title, ModalityType modarityType) {
         super(dialog, mainPanel, title, modarityType, null, GridBagConstraints.HORIZONTAL, GridBagConstraints.NORTHEAST);
         postSuper(null);

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/view/AddRuleDialog.java

@@ -10,7 +10,7 @@
 import java.awt.event.ItemEvent;
 
 @SuppressWarnings("serial")
-public final class AddRuleDialog extends GridBagJDialog<String> {
+public class AddRuleDialog extends GridBagJDialog<String> {
 
     private final static org.apache.logging.log4j.Logger LOGGER4J =
             org.apache.logging.log4j.LogManager.getLogger();
@@ -20,7 +20,14 @@ public final class AddRuleDialog extends GridBagJDialog<String> {
     JComboBox<String> ruleComboBox;
     JCheckBox scanLogCheckBox;
 
-
+    /**
+     * default package private constructor
+     * this means that this class can be instantiated only in this package.
+     *
+     * @param mainPanel
+     * @param title
+     * @param modalityType
+     */
     AddRuleDialog(CustomScanMainPanel mainPanel, String title, ModalityType modalityType) {
         super(SwingUtilities.windowForComponent(mainPanel), title, modalityType, null, GridBagConstraints.HORIZONTAL);
         postSuper(null);

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/view/AddRuleDialogByCopy.java

@@ -9,7 +9,7 @@
 import java.awt.event.ItemEvent;
 
 @SuppressWarnings("serial")
-public final class AddRuleDialogByCopy extends GridBagJDialog<String> {
+public class AddRuleDialogByCopy extends GridBagJDialog<String> {
 
     private final static org.apache.logging.log4j.Logger LOGGER4J =
             org.apache.logging.log4j.LogManager.getLogger();
@@ -21,7 +21,14 @@ public final class AddRuleDialogByCopy extends GridBagJDialog<String> {
     CustomScanJSONData.ScanRule sampleSQL;
     CustomScanJSONData.ScanRule samplePenTest;
 
-
+    /**
+     * default package private constructor
+     * this means that this class can be instantiated only in this package.
+     *
+     * @param mainPanel
+     * @param title
+     * @param modalityType
+     */
     AddRuleDialogByCopy(CustomScanMainPanel mainPanel, String title, ModalityType modalityType) {
         super(mainPanel, title, modalityType, null, GridBagConstraints.HORIZONTAL);
         postSuper(null);

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/view/ComboBoxCellEditor.java

@@ -8,6 +8,7 @@ public class ComboBoxCellEditor extends DefaultCellEditor {
 
     // celleditor's combobox. when input focus is given this cell, this combobox is appeared.
     // Only one has input focus at a time. Therefore, only one combobox object is sufficient.
+    // private static ModifyTypeComboBox modifyTypeComboBox = ModifyTypeComboBox.newInstance();
     private static ModifyTypeComboBox modifyTypeComboBox = new ModifyTypeComboBox();
     public ComboBoxCellEditor() {
         super(modifyTypeComboBox);

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/view/CustomJTable.java

@@ -2,7 +2,6 @@
 
 import javax.swing.*;
 import javax.swing.border.EtchedBorder;
-import javax.swing.border.LineBorder;
 import javax.swing.event.CellEditorListener;
 import javax.swing.event.ChangeEvent;
 import javax.swing.table.DefaultTableModel;
@@ -15,15 +14,14 @@
 import org.parosproxy.paros.Constant;
 import org.zaproxy.zap.extension.customactivescan.model.ModifyType;
 
-import static org.zaproxy.zap.extension.customactivescan.view.MyFontUtils.getScale;
-
 @SuppressWarnings("serial")
-public final class CustomJTable extends JTable implements CellEditorListener {
+public class CustomJTable extends JTable implements CellEditorListener {
     private final static org.apache.logging.log4j.Logger LOGGER4J =
             org.apache.logging.log4j.LogManager.getLogger();
     DefaultTableModel tableModel = null;
-    CustomScanMainPanel mainPanel;
-    JPopupMenu popupTableMenu;
+    private CustomScanMainPanel mainPanel;
+    private JPopupMenu popupTableMenu;
+    private JScrollPane scroller;
 
     private static final int[] columnSizes = {
             5,
@@ -49,11 +47,49 @@ public final class CustomJTable extends JTable implements CellEditorListener {
             Constant.messages.getString("customactivescan.CustomJTable.headerColumnNames.col6.tooltip.text")
     };
 
-    public CustomJTable(CustomScanMainPanel mainPanel, JScrollPane scroller, DefaultTableModel model) {
+    /**
+     * new instance method<br>
+     * you must define this in your extended classes for instantiation<br>
+     *
+     * @param mainPanel
+     * @param scroller
+     * @param model
+     * @return this object
+     */
+    public static CustomJTable newInstance(CustomScanMainPanel mainPanel, JScrollPane scroller, DefaultTableModel model) {
+         CustomJTable customJtable =  new CustomJTable(mainPanel, scroller, model);
+
+         // you must call buildXXX() method after instanciated this object.
+         return customJtable.buildCustomJTable();
+    }
+
+    /**
+     * Constructor for calling super class constructor.<br>
+     * Do not call this constructor directly for instantiating this class.<br>
+     * use newInstance() method instead.
+     *
+     * @param mainPanel
+     * @param scroller
+     * @param model
+     */
+    protected CustomJTable(CustomScanMainPanel mainPanel, JScrollPane scroller, DefaultTableModel model) {
         super(model);
-        this.setSelectionMode(ListSelectionModel.SINGLE_SELECTION);// you can select only 1 row at a time.
         this.tableModel = model;
         this.mainPanel = mainPanel;
+        this.scroller = scroller;
+    }
+
+    /**
+     * build this GUI.<br>
+     * you must call this method after creating this object.<br>
+     * See newInstace() method.
+     *
+     * @return this object
+     */
+    protected final CustomJTable buildCustomJTable() {
+        // you can select only 1 row at a time.
+        setSelectionMode(ListSelectionModel.SINGLE_SELECTION);
+
 
         scroller.setViewportView(this);
 
@@ -180,6 +216,8 @@ public void mouseExited(MouseEvent mouseEvent) {
 
             }
         });
+
+        return this;
     }
 
     @Override

addOns/customactivescan/src/main/java/org/zaproxy/zap/extension/customactivescan/view/CustomScanMainPanel.java

@@ -26,7 +26,7 @@
 import java.util.List;
 
 @SuppressWarnings("serial")
-public final class CustomScanMainPanel extends JPanel {
+public class CustomScanMainPanel extends JPanel {
     private final static org.apache.logging.log4j.Logger LOGGER4J =
             org.apache.logging.log4j.LogManager.getLogger();
 
@@ -47,6 +47,7 @@ public final class CustomScanMainPanel extends JPanel {
     JTextField minimumIdleTimeTextField;
     JTextField maximumIdleTimeTextField;
     JTextField requestCountTextField;
+    private boolean isBuildCalled = false;
 
     private MainWorkPanelTab mainWorkPanelTab = null;
 
@@ -56,13 +57,13 @@ private GridBagLayout getGridBagLayout() {
 
     public CustomScanMainPanel(MainWorkPanelTab mainWorkPanelTab) {
         super(new GridBagLayout());
-        buildPanel();
     }
 
     /**
-     * build panel contents.
+     * build panel contents.<br>
+     * you must call this method after creating this object.
      */
-    private void buildPanel() {
+    public final CustomScanMainPanel build() {
 
         GridBagLayout gridBagLayout = getGridBagLayout();
 
@@ -452,6 +453,8 @@ public void mouseExited(MouseEvent mouseEvent) {
         gridBagLayout.setConstraints(idleTimePanel, gbc);
         add(idleTimePanel);
 
+        this.isBuildCalled = true;
+        return this;
     }
 
     private void createRuleTable(CustomScanJSONData.ScanRule selectedScanRule) {
@@ -501,7 +504,7 @@ private void createRuleTable(CustomScanJSONData.ScanRule selectedScanRule) {
             } else {
                 ruleTypeLabel.setText("");
             }
-            JTable rulePatternTable = new CustomJTable(this, this.rulePatternScroller, defaultTableModel);
+            JTable rulePatternTable = CustomJTable.newInstance(this, this.rulePatternScroller, defaultTableModel);
             // disable column move(reordering)
             JTableHeader jtableHeader = rulePatternTable.getTableHeader();
             jtableHeader.setReorderingAllowed(false);
@@ -946,4 +949,13 @@ public void reflectScanLogPanelInputToMainPanel() {
         this.maximumIdleTimeTextField.setText(Integer.toString(selectedScanRule.getMaxIdleTime()));
     }
 
+    @Override
+    public void setVisible(boolean b) {
+        if (isBuildCalled) {
+            super.setVisible(b);
+        } else {
+            LOGGER4J.error("setVisible is called before build method is called.");
+            throw new RuntimeException("setVisible is called before build method is called.");
+        }
+    }
 }