2020-07-29 20:20:03 +08:00
|
|
|
*** Settings ***
|
|
|
|
|
Force Tags tsg_adc_wp adc_api proxy_policy
|
|
|
|
|
Library OperatingSystem
|
|
|
|
|
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
|
|
|
|
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
|
|
|
|
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
|
|
|
|
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
|
|
|
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
|
|
|
|
|
|
|
|
|
*** Variables ***
|
|
|
|
|
${url} /v1/policy/profile/hijackfiles
|
|
|
|
|
|
|
|
|
|
*** Test Cases ***
|
|
|
|
|
Proxy-Policy-hijack-00001
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] fqdn完整匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$vator.tv
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=or.tv/news
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test.apk hijack {"isValid":1,"contentType":"application/vnd.android.package-archive","opAction":"add","profileName":"test1","contentName":"Create-Hijack Files-test.apk","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00001 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId39 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00002
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] cat右匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*cruisecritic.com
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=cruiseto/
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00002 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST,${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId1 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId1 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId40 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId1 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId1 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00003
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] url4种匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*vegas.com,*bytedance.com,*toutiao.com,*douyin.com
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=www.vegas.com/lasve*,$job.bytedance.com/society/product,*/ch/news_hot/,com/site/
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00003 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId2 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId2 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId3 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId2 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId2 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00004
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 请求头左匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*huoshan.com
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=greenlive
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00004 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId3 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId4 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId5 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId6 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId3 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId3 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00005
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 请求头完整匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.ixigua.com
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=channel/dianying/
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36|User-Agent
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00005 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId4 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId7 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId8 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId9 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId4 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId4 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00006
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 请求头字串匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.dcdapp.com
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=dongchediapp
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=AppleWebKit|User-Agent
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00006 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId5 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId10 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId11 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId12 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId5 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId5 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00007
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 请求头右匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.gogokid.com.cn
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=cn/teacher
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00007 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId6 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId13 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId14 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId15 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId6 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId6 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00008
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 应答头右匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mafengwo.cn
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=wo.cn/mdd/
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00008 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId7 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId16 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId17 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId18 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId7 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId7 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00009
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 应答头完整匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*hexun.com
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=default.htm
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html|Content-Type
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00009 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId8 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId19 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId20 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId21 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId8 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId8 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00010
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 应答头字串匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*tianya.cn
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=list-39-1.shtml
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text/html|Content-Type
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00010 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId9 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId22 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId23 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId24 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId9 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId9 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00011
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 应答头左匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
|
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mydrivers.com
|
|
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
|
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=class/801/
|
|
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00011 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId10 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId25 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId26 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId27 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId10 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId10 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00012
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] cookie字串匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.reval.com
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=corporates/
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建cookie
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=saltkey|Cookie
|
|
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00012 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL,${objectId2}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId11 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId28 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId29 ${objectId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId30 ${objectId2}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId11 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId11 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00013
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] set-cookie4种匹配
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$nsscreencast.com,*edreams.net,*boutiquehotel.me,$www.united.com
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建set-cookie
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_nsscreencast_session_*|Set-Cookie,*Secure; SameSite=None|Set-Cookie,Domain=.boutiquehotel.me|Set-Cookie,HOME1JSESSIONID*|Set-Cookie
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
2020-08-03 18:32:25 +08:00
|
|
|
Comment 创建url
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=nsscreencast,edreams,boutiquehotel,www.united.com
|
2020-08-03 18:32:25 +08:00
|
|
|
${rescode} ${objectId2} AddObject2 ${1} ${objectDict}
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
2020-08-03 18:32:25 +08:00
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00013 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR,${objectId2}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=2
|
2020-07-29 20:20:03 +08:00
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId12 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId31 ${objectId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId32 ${objectId1}
|
2020-08-03 18:32:25 +08:00
|
|
|
insert_policyId_to_file1 hijack_objectId41 ${objectId2}
|
2020-07-29 20:20:03 +08:00
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId12 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId12 ${policyId2}
|
|
|
|
|
|
|
|
|
|
Proxy-Policy-hijack-00014
|
2020-08-10 19:07:01 +08:00
|
|
|
[Tags] 最大组合
|
2020-07-29 20:20:03 +08:00
|
|
|
Comment 创建fqdn
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.travelzoo.com
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建url
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*collections/hotels/ihg-group-meta/
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建请求头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent
|
|
|
|
|
${rescode} ${object_qq_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建应答头
|
|
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=charset|Content-Type
|
|
|
|
|
${rescode} ${object_yd_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建cookie
|
2020-08-03 18:32:25 +08:00
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=__stripe_sid|Cookie
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${object_ck_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建set-cookie
|
2020-08-06 18:39:36 +08:00
|
|
|
${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=domain=travelzoo.com|Set-Cookie
|
2020-07-29 20:20:03 +08:00
|
|
|
${rescode} ${object_sk_Id} AddObject2 ${1} ${objectDict}
|
|
|
|
|
Comment 创建hijack文件
|
|
|
|
|
${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1}
|
|
|
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
|
|
|
Comment 创建拦截策略
|
|
|
|
|
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-hijack policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=3
|
|
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
Comment 创建hijack策略
|
2020-08-03 18:32:25 +08:00
|
|
|
${policyDict} Create Dictionary policyName=Proxy-Policy-hijack-00014 policyType=pxy_manipulation policyDesc=autotest action=manipulation userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} filterList=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_qq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_yd_Id}|TSG_FIELD_HTTP_RES_HDR,${object_sk_Id}|TSG_FIELD_HTTP_RES_HDR,${object_ck_Id}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=2
|
2020-07-29 20:20:03 +08:00
|
|
|
log ${policyDict}
|
|
|
|
|
${rescode} ${policyId2} AddPolicies 1 ${policyDict} v2
|
|
|
|
|
insert_policyId_to_file1 hijack_profileId13 ${profiledId}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId33 ${object_fqdn_Id}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId34 ${object_url_Id}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId35 ${object_qq_Id}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId36 ${object_yd_Id}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId37 ${object_ck_Id}
|
|
|
|
|
insert_policyId_to_file1 hijack_objectId38 ${object_sk_Id}
|
|
|
|
|
insert_policyId_to_file1 intercept_hijack_policyId13 ${policyId1}
|
|
|
|
|
insert_policyId_to_file1 hijack_policyId13 ${policyId2}
|
