Merge pull request #6 from PortSwigger/examples

Add Proxy HTTP filter examples.

Proxy/HTTP/FilterOnCookieValue.bambda

@@ -0,0 +1,16 @@
+/**
+ * Filters Proxy HTTP history for requests with a specific Cookie value.
+ *
+ * @author LostCoder
+ **/
+
+if (requestResponse.request().hasParameter("foo", HttpParameterType.COOKIE)) {
+	var cookieValue = requestResponse
+		.request()
+		.parameter("foo", HttpParameterType.COOKIE)
+		.value();
+
+	return cookieValue.contains("1337");
+}
+
+return false;

Proxy/HTTP/FindJSONresponsesWithIncorrectContentType.bambda

@@ -0,0 +1,17 @@
+/**
+ * Finds JSON responses with wrong Content-Type
+ *
+ * The content is probably json but the content type is not application/json
+ *
+ * @author albinowax
+ **/
+
+var contentType = requestResponse.hasResponse() ? requestResponse.response().headerValue("Content-Type") : null;
+
+if (contentType != null && !contentType.contains("application/json")) {
+ String body = requestResponse.response().bodyToString().trim();
+
+ return body.startsWith( "{" ) || body.startsWith( "[" );
+}
+
+return false;

Proxy/HTTP/FindRolesWithinJWTClaims.bambda

@@ -0,0 +1,28 @@
+/**
+ * Find role within JWT claims
+ *
+ * @author Trikster
+ **/
+
+if (!requestResponse.hasResponse())
+{
+    return false;
+}
+
+var body = requestResponse.response().bodyToString().trim();
+
+if (requestResponse.response().hasHeader("authorization")) {
+    var authValue = requestResponse.response().headerValue("authorization");
+
+    if (authValue.startsWith("Bearer ey")) {
+        var tokens = authValue.split("\\.");
+
+        if (tokens.length == 3) {
+            var decodedClaims = utilities().base64Utils().decode(tokens[1], Base64DecodingOptions.URL).toString();
+
+            return decodedClaims.toLowerCase().contains("role");
+        }
+    }
+}
+
+return false;