Showing 24 of 31 total issues
Method send_uri
has a Cognitive Complexity of 155 (exceeds 5 allowed). Consider refactoring. Open
def send_uri(uri, method: 'GET', headers: {}, body: '')
uri = uri.to_s
body = body.to_s
headers = {} unless headers.is_a?(Hash)
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
File http.rb
has 974 lines of code (exceeds 250 allowed). Consider refactoring. Open
module SSRFProxy
#
# SSRFProxy::HTTP object takes information required to connect
# to a HTTP(S) server vulnerable to Server-Side Request Forgery
# (SSRF) and issue arbitrary HTTP requests via the vulnerable
Method guess_status
has a Cognitive Complexity of 84 (exceeds 5 allowed). Consider refactoring. Open
def guess_status(response)
result = {}
# response status code returned by php-simple-proxy and php-json-proxy
if response =~ /"status":{"http_code":([\d]+)}/
result['code'] = $1
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method send_uri
has 318 lines of code (exceeds 25 allowed). Consider refactoring. Open
def send_uri(uri, method: 'GET', headers: {}, body: '')
uri = uri.to_s
body = body.to_s
headers = {} unless headers.is_a?(Hash)
Method guess_status
has 208 lines of code (exceeds 25 allowed). Consider refactoring. Open
def guess_status(response)
result = {}
# response status code returned by php-simple-proxy and php-json-proxy
if response =~ /"status":{"http_code":([\d]+)}/
result['code'] = $1
Method initialize
has a Cognitive Complexity of 45 (exceeds 5 allowed). Consider refactoring. Open
def initialize(url: nil,
file: nil,
proxy: nil,
ssl: false,
method: 'GET',
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method initialize
has 149 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(url: nil,
file: nil,
proxy: nil,
ssl: false,
method: 'GET',
Method send_request
has 103 lines of code (exceeds 25 allowed). Consider refactoring. Open
def send_request(request)
response_error = { 'uri' => '',
'duration' => '0',
'http_version' => '1.0',
'headers' => "Server: #{@banner}\n",
Method send_http_request
has 83 lines of code (exceeds 25 allowed). Consider refactoring. Open
def send_http_request(url, method, headers, body)
# use upstream proxy
if @proxy.nil?
http = Net::HTTP::Proxy(nil).new(
@url.host,
Method send_http_request
has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring. Open
def send_http_request(url, method, headers, body)
# use upstream proxy
if @proxy.nil?
http = Net::HTTP::Proxy(nil).new(
@url.host,
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method send_request
has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring. Open
def send_request(request)
response_error = { 'uri' => '',
'duration' => '0',
'http_version' => '1.0',
'headers' => "Server: #{@banner}\n",
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method initialize
has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring. Open
def initialize(ssrf, interface = '127.0.0.1', port = 8081)
@banner = 'SSRF Proxy'
@server = nil
@logger = ::Logger.new(STDOUT).tap do |log|
log.progname = 'ssrf-proxy-server'
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method initialize
has 45 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(ssrf, interface = '127.0.0.1', port = 8081)
@banner = 'SSRF Proxy'
@server = nil
@logger = ::Logger.new(STDOUT).tap do |log|
log.progname = 'ssrf-proxy-server'
Method run_rules
has 44 lines of code (exceeds 25 allowed). Consider refactoring. Open
def run_rules(url, rules)
str = url.to_s
return str if rules.nil?
rules.each do |rule|
case rule
Method handle_connection
has 43 lines of code (exceeds 25 allowed). Consider refactoring. Open
def handle_connection(socket)
start_time = Time.now
_, port, host = socket.peeraddr
logger.debug("Client #{host}:#{port} connected")
request = socket.read
Method parse_http_request
has 40 lines of code (exceeds 25 allowed). Consider refactoring. Open
def parse_http_request(request)
# parse method
if request.to_s !~ /\A(GET|HEAD|DELETE|POST|PUT|OPTIONS) /
logger.warn('HTTP request method is not supported')
raise SSRFProxy::HTTP::Error::InvalidClientRequest,
Method handle_connection
has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring. Open
def handle_connection(socket)
start_time = Time.now
_, port, host = socket.peeraddr
logger.debug("Client #{host}:#{port} connected")
request = socket.read
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid deeply nested control flow statements. Open
elsif response =~ /HTTPError: HTTP Error \d+/
if response =~ /HTTPError: HTTP Error 400: Bad Request/
result['code'] = 400
result['message'] = 'Bad Request'
elsif response =~ /HTTPError: HTTP Error 401: Unauthorized/
Avoid deeply nested control flow statements. Open
if response =~ /\[Errno -2\] Name or service not known/
result['code'] = 502
result['message'] = 'Bad Gateway'
elsif response =~ /\[Errno 101\] Network is unreachable/
result['code'] = 502
Method parse_http_request
has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def parse_http_request(request)
# parse method
if request.to_s !~ /\A(GET|HEAD|DELETE|POST|PUT|OPTIONS) /
logger.warn('HTTP request method is not supported')
raise SSRFProxy::HTTP::Error::InvalidClientRequest,
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"