EnableSecurity / wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
https://www.enablesecurity.com/
BSD 3-Clause "New" or "Revised" License

remove global rq #129

Closed mazlum closed 3 years ago

mazlum commented 3 years ago

Which category is this pull request?

Where has this been tested?

I think a global rq is not good practice, and it prevents using WAFW00F as a library. This way we can use it as a library.

For example:

    from wafw00f.main import WAFW00F

    attacker = WAFW00F(target="http://example.com")
    waf = attacker.identwaf()

0xInfection commented 3 years ago

WAFW00F was never intended to be made available as a library, but rather as a CLI tool. Anyways, I've been seeing a lot of people using the code as a library, and it doesn't affect normal behaviour of the tool, so it doesn't hurt to merge this in.

@sandrogauci what are your thoughts? :)

sandrogauci commented 3 years ago

Agreed @0xInfection. Also, good to avoid global vars.

I'd written:

I did notice that some behaviors are changed, so that might require some tests/checks, e.g. rq = attacker.normalRequest() is removed in line 422 of main.py.

But I noticed that this stuff is handled in the WAFW00F class, so it looks fine. (I still haven't actually tested it yet.)

0xInfection commented 3 years ago

Did some testing, looks fine to me. We can always revert if something breaks. :)

Thanks @mazlum!
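
An added illustration of the design point discussed in this thread, not code from wafw00f or from the pull request: a baseline response kept in a module-level `rq` versus one kept on the instance. The classes, `fetch`, `cli_main`, the hostnames and the status codes are hypothetical and constructed so the example runs offline.

```python
# Toy classes (hypothetical, not wafw00f code); status codes are constructed.
FAKE_SITES = {
    "http://filtered.example": {"normal": 200, "suspicious": 403},
    "http://always403.example": {"normal": 403, "suspicious": 403},
}
rq = None  # module-level baseline response, set only by cli_main()

def fetch(target, kind):
    """Stand-in for an HTTP request so the example runs offline."""
    return FAKE_SITES[target][kind]

class GlobalProbe:
    """Before: the check reads its baseline from a module global."""
    def __init__(self, target):
        self.target = target
    def blocked(self):
        if rq is None:
            raise RuntimeError("baseline never set: cli_main() did not run")
        return fetch(self.target, "suspicious") != rq

def cli_main(target):
    """CLI entry point: the only place that fills the global baseline."""
    global rq
    rq = fetch(target, "normal")
    return GlobalProbe(target).blocked()

class InstanceProbe:
    """After: each object fetches and keeps its own baseline."""
    def __init__(self, target):
        self.target, self.rq = target, None
    def blocked(self):
        if self.rq is None:
            self.rq = fetch(self.target, "normal")
        return fetch(self.target, "suspicious") != self.rq

def demo():
    global rq
    rq, out = None, {}
    try:
        GlobalProbe("http://always403.example").blocked()
    except RuntimeError:
        out["library_only"] = "error"  # no CLI run, so no baseline exists
    out["cli"] = cli_main("http://filtered.example")
    # rq still holds filtered.example's 200: the next check compares
    # against the wrong site's baseline and reports a false positive.
    out["global_stale"] = GlobalProbe("http://always403.example").blocked()
    out["instance"] = InstanceProbe("http://always403.example").blocked()
    return out
```

Calling `demo()` returns the four outcomes: the library-only call fails, the CLI path works, the stale global yields a false positive, and the per-instance baseline gives the correct negative.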