Merge branch 'master' into v3

# Conflicts:
#	build.gradle
#	src/main/java/com/nccgroup/loggerplusplus/LoggerPlusPlus.java
#	src/main/java/com/nccgroup/loggerplusplus/logentry/LogEntry.java

.github/workflows/codeql.yml

@@ -0,0 +1,69 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ 'master' ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ 'master' ]
+ schedule:
+ - cron: '30 11 * * 2'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'java' ]
+ # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+ # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Set up Java
+ uses: actions/setup-java@v2
+ with:
+ distribution: adopt
+ java-version: '15'
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file.
+ # By default, queries listed here will override any specified in a config file.
+ # Prefix the list here with "+" to use these queries and those in the config file.
+
+ # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+ queries: +security-and-quality
+
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
+
+ # ℹ️ Command-line programs to run using the OS shell.
+ # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+ # If the Autobuild fails above, remove it and uncomment the following three lines. 
+ # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+ # - run: |
+ # echo "Run, Build Application using script"
+ # ./location_of_script_within_repo/buildscript.sh
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
+ with:
+ category: "/language:${{matrix.language}}"

src/main/java/com/nccgroup/loggerplusplus/LoggerPlusPlus.java

@@ -23,6 +23,8 @@
 import java.awt.*;
 import java.util.Arrays;
 import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.Collectors;
 
 import static com.nccgroup.loggerplusplus.util.Globals.PREF_RESTRICT_TO_SCOPE;
 
@@ -91,15 +93,32 @@ public void initialize(MontoyaApi montoya) {
  montoya.proxy().registerResponseHandler(logProcessor.getProxyHttpResponseHandler());
 
  //Add menu item to Burp's frame menu.
- JFrame rootFrame = (JFrame) SwingUtilities.getWindowAncestor(mainViewController.getUiComponent());
- try{
+ JFrame rootFrame = null;
+ try {
+ rootFrame = getBurpFrame();
  JMenuBar menuBar = rootFrame.getJMenuBar();
- loggerMenu = new LoggerMenu(LoggerPlusPlus.this);
- menuBar.add(loggerMenu, menuBar.getMenuCount() - 1);
- }catch (NullPointerException nPException){
- loggerMenu = null;
+ if(menuBar != null) {
+ loggerMenu = new LoggerMenu(LoggerPlusPlus.this);
+ menuBar.add(loggerMenu, menuBar.getMenuCount() - 1);
+ }
+ } catch (Exception e) {
+ log.error("Could not find root frame. Window JMenu will not be added");
  }
+ }
 
+ private JFrame getBurpFrame() throws Exception {
+ // Get all frames
+ Frame[] allFrames = JFrame.getFrames();
+ // Filter the stream find the main burp window frame, and convert to a list
+ List<Frame> filteredFrames = Arrays.stream(allFrames).filter(f ->
+ f.getTitle().startsWith("Burp Suite") && f.isVisible()
+ ).collect(Collectors.toList());
+ // If size is 1, we have the main burp frame. Otherwise fails
+ if (filteredFrames.size() == 1) {
+ return (JFrame) filteredFrames.get(0);
+ } else {
+ throw new Exception("Expected one burp pane, but found " + filteredFrames.size());
+ }
  }
 
  public void unloadExtension() {

src/main/java/com/nccgroup/loggerplusplus/logentry/LogEntry.java

@@ -540,6 +540,8 @@ public Object getValueByKey(LogEntryField columnName) {
  return (this.url != null ? this.url.getPath() : "");
  case QUERY:
  return (this.url != null ? this.url.getQuery() : "");
+ case PATHQUERY:
+ return this.url.getFile();
  case STATUS:
  return this.responseStatus;
  case STATUS_TEXT:

src/main/java/com/nccgroup/loggerplusplus/logentry/LogEntryField.java

@@ -28,6 +28,7 @@ public enum LogEntryField {
  METHOD(FieldGroup.REQUEST, String.class, "The request method used.", "Method"),
  PATH(FieldGroup.REQUEST, String.class, "The path component of the requested URL.", "Path"),
  QUERY(FieldGroup.REQUEST, String.class, "The query parameters of the requested URL.", "Query", "GetParams", "QueryParams"),
+ PATHQUERY(FieldGroup.REQUEST, String.class, "The path and query components of the requested URL.", "PathQuery"),
  PROTOCOL(FieldGroup.REQUEST, String.class, "The protocol component of the requested URL.", "Protocol"),
  ISSSL(FieldGroup.REQUEST, Boolean.class, "Did the request use SSL?", "IsSSL", "ssl"),
  USES_COOKIE_JAR(FieldGroup.REQUEST, String.class, "Compares the cookies with the cookie jar to see if any of them are in use.", "UsesCookieJar", "CookieJar"),

src/main/java/com/nccgroup/loggerplusplus/logview/entryviewer/RequestViewerController.java

@@ -26,6 +26,9 @@ public RequestViewerController(Preferences preferences) {
  }
 
  public void setDisplayedEntity(LogEntry logEntry) {
+ // Only update message if it's new. This fixes issue #164 and improves performance during heavy scanning.
+ if (this.currentEntry == logEntry) { return; }
+
  this.currentEntry = logEntry;
 
  if (logEntry == null || logEntry.getRequest() == null) {

src/main/java/com/nccgroup/loggerplusplus/util/Globals.java

@@ -83,7 +83,7 @@ public enum Protocol {HTTP, HTTPS}
  "\"filter\":{\"filter\":\"Request.Complete == False\"},\"filterString\":\"Request.Complete == False\",\"backgroundColor\":{\"value\":-16777216,\"falpha\":0.0}," +
  "\"foregroundColor\":{\"value\":-65536,\"falpha\":0.0},\"enabled\":true,\"modified\":false,\"shouldRetest\":true,\"priority\":1}}";
 
- public static final int CURRENT_COLUMN_VERSION = 7;
+ public static final int CURRENT_COLUMN_VERSION = 8;
  private static int colOrder = 0;
  public static final String DEFAULT_LOG_TABLE_COLUMNS_JSON = new StringBuilder().append("[")
  .append("{'id':" + NUMBER + ",'name':'Number','defaultVisibleName':'#','visibleName':'#','preferredWidth':65,'readonly':true,'order':" + colOrder++ + ",'visible':true,'description':'" + StringEscapeUtils.escapeJson(NUMBER.getDescription()) + "'},")
@@ -99,6 +99,7 @@ public enum Protocol {HTTP, HTTPS}
  .append("{'id':" + PATH + ",'name':'Path','defaultVisibleName':'Path','visibleName':'Path','preferredWidth':250,'readonly':true,'order':" + colOrder++ + ",'visible':true,'description':'" + StringEscapeUtils.escapeJson(PATH.getDescription()) + "'},")
  .append("{'id':" + EXTENSION + ",'name':'UrlExtension','defaultVisibleName':'Extension','visibleName':'Extension','preferredWidth':70,'readonly':true,'order':" + colOrder++ + ",'visible':false,'description':'" + StringEscapeUtils.escapeJson(EXTENSION.getDescription()) + "'},")
  .append("{'id':" + QUERY + ",'name':'Query','defaultVisibleName':'Query','visibleName':'Query','preferredWidth':250,'readonly':true,'order':" + colOrder++ + ",'visible':true,'description':'" + StringEscapeUtils.escapeJson(QUERY.getDescription()) + "'},")
+ .append("{'id':" + PATHQUERY + ",'name':'Path Query','defaultVisibleName':'Path Query','visibleName':'Path Query','preferredWidth':250,'readonly':true,'order':" + colOrder++ + ",'visible':false,'description':'" + StringEscapeUtils.escapeJson(PATHQUERY.getDescription()) + "'},")
  .append("{'id':" + URL + ",'name':'Url','defaultVisibleName':'URL','visibleName':'URL','preferredWidth':250,'readonly':true,'order':" + colOrder++ + ",'visible':false,'description':'" + StringEscapeUtils.escapeJson(URL.getDescription()) + "'},")
  .append("{'id':" + HASPARAMS + ",'name':'Has Params','defaultVisibleName':'Has Params','visibleName':'Has Params','preferredWidth':75,'readonly':true,'order':" + colOrder++ + ",'visible':false,'description':'" + StringEscapeUtils.escapeJson(HASPARAMS.getDescription()) + "'},")
  .append("{'id':" + STATUS + ",'name':'Status','defaultVisibleName':'Status','visibleName':'Status','preferredWidth':55,'readonly':true,'order':" + colOrder++ + ",'visible':true,'description':'" + StringEscapeUtils.escapeJson(STATUS.getDescription()) + "'},")