From 098735f7021982b399d779d7cd4b9e25e158b43a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= Date: Thu, 30 Apr 2020 16:38:33 +0800 Subject: [PATCH] =?UTF-8?q?hijack=E5=8A=A8=E4=BD=9Chttp=E5=B7=B2=E8=BF=9B?= =?UTF-8?q?=E8=A1=8C=E5=8A=9F=E8=83=BD=E9=AA=8C=E8=AF=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Api_Proxy/Hijack_Http_Tests.robot | 132 +++++++++--------- 1 file changed, 68 insertions(+), 64 deletions(-) diff --git a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Http_Tests.robot index 3d0be17..0c7640b 100644 --- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Http_Tests.robot +++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Http_Tests.robot @@ -26,7 +26,7 @@ ProxyPolicy-Hijack-Http-00001 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test.apk hijack application/vnd.android.package-archive + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test.apk hijack {"isValid":1,"contentType":"application/vnd.android.package-archive","opAction":"add","profileName":"test1","contentName":"Create-Hijack Files-test.apk","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=2 @@ -43,8 +43,8 @@ ProxyPolicy-Hijack-Http-00001 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List test - ... ELSE Create List test + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 6b72:f91d:6f81:bfcd:5b0f:e81d:f827:e075 + ... ELSE Create List 6b72:f91d:6f81:bfcd:5b0f:e81d:f827:e075 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -82,8 +82,8 @@ ProxyPolicy-Hijack-Http-00002 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好,五一 - ... ELSE Create List 你好,五一 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -104,7 +104,7 @@ ProxyPolicy-Hijack-Http-00003 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -121,8 +121,8 @@ ProxyPolicy-Hijack-Http-00003 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде - ... ELSE Create List виде + ${stringlist} run keyword if '${systemType}'=='Windows' Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac + ... ELSE Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -156,8 +156,8 @@ ProxyPolicy-Hijack-Http-00004 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -174,7 +174,7 @@ ProxyPolicy-Hijack-Http-00005 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -190,9 +190,9 @@ ProxyPolicy-Hijack-Http-00005 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat - ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE set variable curl -kv \ http://open.node.com/test/youtube/youtube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png + ... ELSE Create List bFiles-test-5.png ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -209,7 +209,7 @@ ProxyPolicy-Hijack-Http-00006 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -225,9 +225,9 @@ ProxyPolicy-Hijack-Http-00006 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat - ... ELSE set variable curl http://open.node.com/test/nationalbank/nationalbank.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде - ... ELSE Create List виде + ... ELSE set variable curl -kv http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg + ... ELSE Create List test-4.jpeg ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -244,7 +244,7 @@ ProxyPolicy-Hijack-Http-00007 ${rescode} ${objectId} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -260,9 +260,9 @@ ProxyPolicy-Hijack-Http-00007 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat - ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE set variable curl -kv http://open.node.com/test/xiaozhu/xiaozhu.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif + ... ELSE Create List test-2.gif ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -300,8 +300,8 @@ ProxyPolicy-Hijack-Http-00008 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -339,8 +339,8 @@ ProxyPolicy-Hijack-Http-00009 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -378,8 +378,8 @@ ProxyPolicy-Hijack-Http-00010 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com - ${stringlist} run keyword if '${systemType}'=='Windows' Create List виде - ... ELSE Create List виде + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -400,7 +400,7 @@ ProxyPolicy-Hijack-Http-00011 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-1.exe hijack {"isValid":1,"contentType":"application/x-msdos-program","opAction":"add","profileName":"test2","contentName":"Create-Hijack Files-test-1.exe","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -416,9 +416,9 @@ ProxyPolicy-Hijack-Http-00011 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0008.bat - ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable - ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac + ... ELSE Create List b76f:a340:7b1f:f4d0:27f3:8f0e:2db0:2bac ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -439,7 +439,7 @@ ProxyPolicy-Hijack-Http-00012 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -455,9 +455,9 @@ ProxyPolicy-Hijack-Http-00012 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0012.bat - ... ELSE set variable curl --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List zxcvbnm - ... ELSE Create List zxcvbnm + ... ELSE set variable curl -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://open.node.com/test/nationalbank/nationalbank.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png + ... ELSE Create List bFiles-test-5.png ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -478,7 +478,7 @@ ProxyPolicy-Hijack-Http-00013 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -495,8 +495,8 @@ ProxyPolicy-Hijack-Http-00013 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 - ... ELSE Create List 你好明天 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg + ... ELSE Create List test-4.jpeg ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -517,7 +517,7 @@ ProxyPolicy-Hijack-Http-00014 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -534,8 +534,8 @@ ProxyPolicy-Hijack-Http-00014 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif + ... ELSE Create List test-2.gif ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -573,8 +573,8 @@ ProxyPolicy-Hijack-Http-00015 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat ... ELSE set variable curl \ http://open.node.com/test/nationalbank/nationalbank.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty - ... ELSE Create List qwerty + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -612,8 +612,8 @@ ProxyPolicy-Hijack-Http-00016 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0002.bat \ ... ELSE set variable curl http://open.node.com/test/youtube/youtube.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 - ... ELSE Create List 123456 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -651,8 +651,8 @@ ProxyPolicy-Hijack-Http-00017 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat ... ELSE set variable curl http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 你好明天 - ... ELSE Create List 你好明天 + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -673,7 +673,7 @@ ProxyPolicy-Hijack-Http-00018 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-5.png hijack {"isValid":1,"contentType":"image/png","opAction":"add","profileName":"test4","contentName":"Create-Hijack Files-test-5.png","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -689,9 +689,9 @@ ProxyPolicy-Hijack-Http-00018 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat - ... ELSE set variable curl http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 - ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List bFiles-test-5.png + ... ELSE Create List bFiles-test-5.png ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -712,7 +712,7 @@ ProxyPolicy-Hijack-Http-00019 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-4.jpeg hijack {"isValid":1,"contentType":"image/jpeg","opAction":"add","profileName":"test5","contentName":"Create-Hijack Files-test-4.jpeg","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -728,9 +728,9 @@ ProxyPolicy-Hijack-Http-00019 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-HTTP-0017.bat - ... ELSE set variable curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List qwerty - ... ELSE Create List qwerty + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=test&setCookie=12345678&contentType=content-type&resBody=yyyyy" http://open.node.com/action + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test-4.jpeg + ... ELSE Create List test-4.jpeg ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -751,7 +751,7 @@ ProxyPolicy-Hijack-Http-00020 ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_url_Id} Comment 创建hijack文件 - ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-3.html hijack + ${response} CreatePolicyFile2 ${url} ${path}/hijack_files/ Create-Hijack Files-test-2.gif hijack {"isValid":1,"contentType":"image/gif","opAction":"add","profileName":"test6","contentName":"Create-Hijack Files-test-2.gif","profileId":null,"returnData":1} ${profiledId} Get From Dictionary ${response} profileId Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-HTTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=intercept effectiveRange= userRegion={"protocol": "HTTP"} referenceObject= isValid=${1} appObjectIdArray=2 @@ -767,9 +767,9 @@ ProxyPolicy-Hijack-Http-00020 ${policyIds} Create List ${policyId1} ${policyId2} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00017.bat - ... ELSE set variable curl http://open.node.com/ - ${stringlist} run keyword if '${systemType}'=='Windows' Create List 123456 - ... ELSE Create List 123456 + ... ELSE set variable curl -kv http://open.node.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List test-2.gif + ... ELSE Create List test-2.gif ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} @@ -781,10 +781,14 @@ ProxyPolicy-Hijack-Http-00020 ProxyPolicy-Hijack-Http-00021 [Tags] selfserver 最大组合 http Hijack + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} Comment 创建fqdn ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$open.node.com ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} - ${objectids} set Variable ${object_fqdn_Id} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_fqdn_Id} Comment 创建url ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*xiaozhu.html ${rescode} ${object_url_Id} AddObject2 ${1} ${objectDict} @@ -807,7 +811,7 @@ ProxyPolicy-Hijack-Http-00021 ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} ${policyIds} Create List ${policyId1} Comment 创建管控策略 - ${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR + ${policyDict} Create Dictionary policyName=proxyPolicy-Hijack-HTTP-00021 policyType=pxy_manipulation policyDesc=autotest userTags= action=manipulation effectiveRange= userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"} isValid=${1} appObjectIdArray=2 referenceObject=${object_fqdn_Id}|TSG_FIELD_HTTP_HOST,${object_url_Id}|TSG_FIELD_HTTP_URL,${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR ${rescode} ${policyId3} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyId2} set Variable {"policyType":"pxy_manipulation","policyIds":[${policyId3}]} @@ -815,8 +819,8 @@ ProxyPolicy-Hijack-Http-00021 Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/proxyPolicy-Deny-HTTP-00023.bat ... ELSE set variable curl \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://open.node.com/test/xiaozhu/xiaozhu.html - ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset - ... ELSE Create List Connection reset by peer + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 控制小蛇在地图范围内移动 + ... ELSE Create List 控制小蛇在地图范围内移动 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist}