I am trying to write a HTTP Sender script that drops requests to certain URLs.
To start off, I have been playing around with converting the example Proxy script "Drop messages not in scope.js" to a HttpSender script. See below:
function sendingRequest(msg, initiator, helper) {
if (!msg.isInScope()) {
print("Msg not in scope: " + msg.getRequestHeader().getURI().toString());
msg.setResponseBody("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2//EN\">\n" +
"<html><head></head><body><h1>403 Forbidden</h1>\n" +
"Out of scope request blocked by ZAP script 'Drop requests not in scope.js'\n" +
"</body></html>");
msg.setResponseHeader("HTTP/1.1 403 Forbidden\r\n" +
"Content-Type: text/html; charset=UTF-8");
msg.getResponseHeader().setContentLength(msg.getResponseBody().length());
msg.getResponseHeader().setStatusCode(403);
}
return msg;
}