불필요한 코드 수정

2026-06-04 08:11:52 +09:00 · 2025-06-09 23:12:28 +09:00 · 2025-06-09 23:12:28 +09:00 · 4059cc7adb
commit 4059cc7adb
parent cba2d545b6
1 changed files with 5 additions and 17 deletions
--- a/addon/cleintsecret_check.py
+++ b/addon/cleintsecret_check.py
@ -1,9 +1,5 @@
-# client_secret_check.py
-from mitmproxy import http, ctx
+from mitmproxy import http
 from urllib.parse import urlparse, parse_qs
-from typing import Optional, List
-import lib.target as target
-from lib.report import save_report


 class ClientSecretChecker:
@ -29,7 +25,7 @@ class ClientSecretChecker:
        referer = flow.request.headers.get("Referer", "")
        return "client_secret" in referer

-    def check_client_secret_leak(self, flow: http.HTTPFlow) -> List[str]:
+    def check_client_secret_leak(self, flow: http.HTTPFlow) -> list[str]:
        messages = []

        if self.has_client_secret_in_uri(flow.request.url):
@ -43,22 +39,14 @@ class ClientSecretChecker:

        return messages

-    def response(self, flow: http.HTTPFlow) -> None:
+    async def request(self, flow: http.HTTPFlow) -> None:
        try:
            if not self.is_oauth_uri(flow.request.url):
                return

            issues = self.check_client_secret_leak(flow)
            if issues:
-                desc = " | ".join(issues)
-                report_data = [{
-                    'target': target.load(),
-                    'status': "HIGH",
-                    'title': "OAuth Client Secret Exposure",
-                    'description': desc,
-                    'uri': flow.request.url,
-                }]
-                save_report(report_data)
-                print(f"[INFO] Client Secret Check: {desc}")
+                print(f"[HIGH] OAuth Client Secret Exposure: {' | '.join(issues)}")
+                print(f"[URL] {flow.request.url}")
        except Exception as e:
            print(f"[ERROR] Client Secret Check failed: {e}")