불필요한 코드 수정

2026-06-05 00:41:27 +09:00 · 2025-06-09 23:12:28 +09:00 · 2025-06-09 23:12:28 +09:00 · 4059cc7adb
commit 4059cc7adb
parent cba2d545b6
1 changed files with 5 additions and 17 deletions
--- a/addon/cleintsecret_check.py
+++ b/addon/cleintsecret_check.py
@ -1,9 +1,5 @@
-# client_secret_check.py
+from mitmproxy import http
 from mitmproxy import http, ctx
 from urllib.parse import urlparse, parse_qs
 from typing import Optional, List
 import lib.target as target
 from lib.report import save_report
 class ClientSecretChecker:
@ -29,7 +25,7 @@ class ClientSecretChecker:
        referer = flow.request.headers.get("Referer", "")
        return "client_secret" in referer
-    def check_client_secret_leak(self, flow: http.HTTPFlow) -> List[str]:
+    def check_client_secret_leak(self, flow: http.HTTPFlow) -> list[str]:
        messages = []
        if self.has_client_secret_in_uri(flow.request.url):
@ -43,22 +39,14 @@ class ClientSecretChecker:
        return messages
-    def response(self, flow: http.HTTPFlow) -> None:
+    async def request(self, flow: http.HTTPFlow) -> None:
        try:
            if not self.is_oauth_uri(flow.request.url):
                return
            issues = self.check_client_secret_leak(flow)
            if issues:
-                desc = " | ".join(issues)
+                print(f"[HIGH] OAuth Client Secret Exposure: {' | '.join(issues)}")
-                report_data = [{
+                print(f"[URL] {flow.request.url}")
                    'target': target.load(),
                    'status': "HIGH",
                    'title': "OAuth Client Secret Exposure",
                    'description': desc,
                    'uri': flow.request.url,
                }]
                save_report(report_data)
                print(f"[INFO] Client Secret Check: {desc}")
        except Exception as e:
            print(f"[ERROR] Client Secret Check failed: {e}")