如何在尝试打印存在警报的网址时解决并发问题？ [英] How to solve concurrency problems when trying to print the URLs for which there was an alert?

问题描述

我尝试使用PhantomJS循环浏览几个网址，打开网页并检查是否有任何网页上有提醒。我还在打印发生警报的页面的网址。

I am trying to use PhantomJS to loop through a couple of URLs, open the pages and check if there was an alert on any of the pages. I am also printing the URLs of the pages where an alert occurred.

代码如下：

var page = require('webpage');

var u = ["http://127.0.0.1/DVWA-1.0.8/vulnerabilities/xss_r/?name=<SCRIPT>alert('XSS');</SCRIPT>", "http://127.0.0.1/DVWA-1.0.8/vulnerabilities/xss_r/?name=abcd"]
var url = "";

for(var i = 0; i < u.length; i++) {
  url = u[i];

  var webpage = page.create();

  phantom.addCookie({
    'name':'PHPSESSID',
    'value':'00885b45d9ddda3e757371b177c5959b',
    'domain':'127.0.0.1'
  });

  webpage.onAlert = function(alertMessage){
    console.log("Alert URL: " + webpage.url);
    console.log("Alert occured with message: " + alertMessage);
  }

  webpage.open(url, function (status) {
    console.log("Opening URL:  " + webpage.url);
    phantom.exit();
  });
}

我希望输出的部分是：

I would expect the part of the output to be:

Alert URL: http://127.0.0.1/DVWA-1.0.8/vulnerabilities/xss_r/?name=<SCRIPT>alert('XSS');</SCRIPT>
Alert occured with message: XSS

但是，它每次都不同，例如：

But instead, it differs each time and shows incorrect output like:

Alert URL: http://127.0.0.1/DVWA-1.0.8/vulnerabilities/xss_r/?name=abcd
Alert occured with message: XSS

看起来这是因为并发回调。

It looks like this happens because of the concurrency of the callbacks.

有没有办法处理这个，以确保输出是预期的？

Is there a way to handle this in order to ensure that the output is as expected? Or is this library not meant to be used like this and should I try something else?

推荐答案

您可以在这里创建一个新页面循环，就PhantomJS运行时而言，这本质上是一个新的选项卡。它将同时执行。要为脚本添加结构和可重现性，您必须写一个小链接。

You create a new page in the loop which is essentially a new tab as far as the PhantomJS runtime is concerned. It will be executed concurrently. To add structure and reproducability to the script, you would have to write a little chaining.

这样应该可以工作：

var page = require('webpage');

var u = ["http://127.0.0.1/DVWA-1.0.8/vulnerabilities/xss_r/?name=<SCRIPT>alert('XSS');</SCRIPT>", "http://127.0.0.1/DVWA-1.0.8/vulnerabilities/xss_r/?name=abcd"]

function each(list, func, done){
  var len = list.length,
      previous = done;
  for(var i = len - 1; i >= 0; i--) {
    (function(item, done){ // IIFE
      previous = function(){
        func(item, done);
      };
    })(list[i], previous);
  }
  previous(); // start the chain
}

each(u, function(url, done){
  var webpage = page.create();

  phantom.addCookie({
    'name':'PHPSESSID',
    'value':'00885b45d9ddda3e757371b177c5959b',
    'domain':'127.0.0.1'
  });

  webpage.onAlert = function(alertMessage){
    console.log("Alert URL: " + webpage.url);
    console.log("Alert occured with message: " + alertMessage);
  }

  webpage.open(url, function (status) {
    console.log("Opening URL:  " + webpage.url);
    done();
  });
}, function(){
  phantom.exit();
});

这篇关于如何在尝试打印存在警报的网址时解决并发问题？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！