## [v1.1.14] - 2023-12-14

- improve: Added javahelp [?] button on the right-top corner of the MacroBuilder tab
- maintenance: Removed the "Tracking Parameter" JPanel which is used only burp from the MacroBuilder Tab.

addOns/automacrobuilder/CHANGELOG.md

@@ -2,6 +2,12 @@
 All notable changes to this add-on will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
+## [v1.1.14] - 2023-12-14
+### Added
+- improve: Added javahelp [?] button on the right-top corner of the MacroBuilder tab
+### Changed
+- maintenance: Removed the "Tracking Parameter" JPanel which is used only burp from the MacroBuilder Tab. 
+
 ## [v1.1.13] - 2023-12-14
 ### Fixed
 - bugfix: Fixed "null null null" response status-line is appeared in messageView

addOns/automacrobuilder/automacrobuilder.gradle.kts

@@ -1,6 +1,6 @@
 import org.zaproxy.gradle.addon.AddOnStatus
 
-version = "1.1.13"
+version = "1.1.14"
 description = "AutoMacroBuilder for ZAP"
 
 tasks.withType<JavaCompile> {

addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/CookieManager.java

@@ -82,42 +82,44 @@ public List<HttpCookie> parse(String hostName, String path, String setCookieHead
                             hostName, path,
 
                             true); // SSL attribute is ignored when cookie values ​​are added to
-            String defaultPath = extractDefaultPath(path);
-            originalURIs.add(uri);
-            //
-            // Description of Cookie Attributes
-            //
-            // * domain
-            //   specified:
-            //     cookie is sent specified domain or subdomain of it.
-            //     the domain attribute must be a domain containing the
-            //     current host name, so, only same as host or subdomain can be specified.
-            //     (ex: hostname example.com  domain=example.com or domain=www.example.com)
-            //   Not specified:
-            //     If domain attribute is not specified, the cookie is sent only to the host that sent Set-Cookie.
-            //
-            // * path
-            //   specified:
-            //     cookie is sent to the request path which prefix matches the path value.
-            //
-            //   Not specified:
-            //     defaultPath is assigned as the path value. defaultPath is  directory portion of request-uri.
-            //     ex1. uri=http://test.com/shared/lib/index.php
-            //          defaultPath = /shared/lib
-            //     ex2. uri=http://test.com/index.php
-            //          defaultPath = /
-            //     ex3. uri=http://test.com/
-            //          defaultPath = /
-            //
-            //
-            for (HttpCookie hc : parsedcookies) {
-                String pathProp = hc.getPath();
-                if (pathProp == null || pathProp.isEmpty()) {
-                    hc.setPath(defaultPath);
+            if (uri != null) {
+                String defaultPath = extractDefaultPath(path);
+                originalURIs.add(uri);
+                //
+                // Description of Cookie Attributes
+                //
+                // * domain
+                //   specified:
+                //     cookie is sent specified domain or subdomain of it.
+                //     the domain attribute must be a domain containing the
+                //     current host name, so, only same as host or subdomain can be specified.
+                //     (ex: hostname example.com  domain=example.com or domain=www.example.com)
+                //   Not specified:
+                //     If domain attribute is not specified, the cookie is sent only to the host that sent Set-Cookie.
+                //
+                // * path
+                //   specified:
+                //     cookie is sent to the request path which prefix matches the path value.
+                //
+                //   Not specified:
+                //     defaultPath is assigned as the path value. defaultPath is  directory portion of request-uri.
+                //     ex1. uri=http://test.com/shared/lib/index.php
+                //          defaultPath = /shared/lib
+                //     ex2. uri=http://test.com/index.php
+                //          defaultPath = /
+                //     ex3. uri=http://test.com/
+                //          defaultPath = /
+                //
+                //
+                for (HttpCookie hc : parsedcookies) {
+                    String pathProp = hc.getPath();
+                    if (pathProp == null || pathProp.isEmpty()) {
+                        hc.setPath(defaultPath);
+                    }
+                    cookiestore.add(uri, hc);
                 }
-                cookiestore.add(uri, hc);
+                return parsedcookies;
             }
-            return parsedcookies;
         }
         return null;
     }

addOns/automacrobuilder/src/main/java/org/zaproxy/zap/extension/automacrobuilder/zap/ExtensionAutoMacroBuilder.java

@@ -72,8 +72,7 @@ public class ExtensionAutoMacroBuilder extends ExtensionAdaptor {
             DisplayUtils.getScaledIcon(
                     new ImageIcon(MyWorkPanel.class.getResource(ZAP_ICONS + "/A.png")));
 
-    // private static final ImageIcon ICON =
-    //        new ImageIcon(ExtensionAutoMacroBuilder.class.getResource(RESOURCES + "/cake.png"));
+
 
     // private static final String EXAMPLE_FILE = "example/ExampleFile.txt";
 

addOns/automacrobuilder/src/main/javahelp/help/contents/help.html

@@ -13,8 +13,11 @@ <H2>About</H2>
 <p>
 
 <H2>Descriptions</H2>
+
 <UL>
+    <B>The below links go to the page under  https://github.com/gdgd009xcd/AutoMacroBuilderForZAP/wiki/</B><P></P>
 <LI><A HREF="https://github.com/gdgd009xcd/AutoMacroBuilderForZAP/wiki/1.0.-OverView">OverView</A>
 <LI><A HREF="https://github.com/gdgd009xcd/AutoMacroBuilderForZAP/wiki/1.2.-Basic-Usage">Basic Usage</A>
+</UL>
 </BODY>
 </HTML>

addOns/automacrobuilder/src/main/javahelp/help/index.xml

@@ -5,5 +5,5 @@
 
 <index version="2.0">
     <!-- index entries are merged (sorted) into core index -->
-	<indexitem text="automacrobuilder" target="automacrobuilder" />
+	<indexitem text="automacrobuilder" target="addon.automacrobuilder" />
 </index>

addOns/automacrobuilder/src/main/javahelp/help/map.jhm

@@ -4,5 +4,5 @@
          "http://java.sun.com/products/javahelp/map_1_0.dtd">
 
 <map version="1.0">
-    <mapID target="automacrobuilder" url="contents/help.html" />
+    <mapID target="addon.automacrobuilder" url="contents/help.html" />
 </map>

addOns/automacrobuilder/src/main/javahelp/help/toc.xml

@@ -6,7 +6,7 @@
 <toc version="2.0">
 	<tocitem text="ZAP User Guide" tocid="toplevelitem">
 		<tocitem text="Add Ons" tocid="addons">
-			<tocitem text="AutoMacroBuilderForZAP" target="automacrobuilder"/>
+			<tocitem text="AutoMacroBuilderForZAP" target="addon.automacrobuilder"/>
 		</tocitem>
 	</tocitem>
 </toc>

addOns/automacrobuilder/src/main/resources/burp/Bundle.properties

@@ -28,7 +28,7 @@ MacroBuilderUI.MBtoStepNo.text=Track Parameter Set To Specific Request
 MacroBuilderUI.SAVE.text=Save
 MacroBuilderUI.LOAD.text=Load
 MacroBuilderUI.FINAL\ RESPONSE.text=Final Response
-MacroBuilderUI.MacroRequestListLabel2.text=Macro Requst List
+MacroBuilderUI.MacroRequestListLabelTitle.text=Macro Requst List
 MacroBuilderUI.TakeOverCacheCheckBox.text=At the start to execute, use Cookies/Tracking Params from cache
 MacroBuilderUI.TakeOverInfoLabel.text=<HTML>&sect;&nbsp;If the Session Cookie/Tracking Param(e.g. CSRF token) value has expired<BR>\n&emsp;&emsp; due to a timeout or other reason and the request results in an error,<BR>\n&emsp;&emsp; try clearing this check box.</HTML>
 MacroBuilderUI.ClearMacroBtn.text=Clear
@@ -47,13 +47,13 @@ MacroBuilderUI.INTRUDER.text=Intruder
 MacroBuilderUI.SCANNER.text=Scanner
 MacroBuilderUI.REPEATER.text=Repeater
 MacroBuilderUI.MBmonitorofprocessing.text=Monitor when Processing Burp Tools.
-MacroBuilderUI.baselinemode.text=https://github.com/gdgd009xcd/AutoMacroBuilder/wiki/1.4.baseline-replace-mode
 MacroBuilderUI.TrackingParamterConfig.text=<HTML>&middot; baseline(experimental):<BR>&emsp;you can test(tamper) tracking tokens with scanner/intruder which has baseline request.<BR><BR>\n&middot; replace(default):<BR>&emsp;Tracking tokens is completely replaced with extracted value from previous page's response.\n<BR><BR>* For Details , refer [?] button in the "baseline/replace mode" section.</HTML>
 MacroBuilderUI.TakeOverCache.text=Initialize Cookie / Tracking Parameter value from cache at start
 MacroBuilderUI.TrackingParamBorder.text=Tracking Parameter(e.g. CSRF token)
 MacroBuilderUI.restore.text=Restore
 MacroBuilderUI.update.text=Update
-MacroBuilderUI.describeMessageView=<HTML>this area's component(messageView) was moved to "The information window"<BR>which attached such as  history tab.<BR>You can display from menu:View->Show Tab->messageView Tab<BR>or select popup menu "messageView" in above MacroRequestList area.</HTML>
+MacroBuilderUI.describeMessageView.text=<HTML>this area's component(messageView) was moved to "The information window"<BR>which attached such as  history tab.<BR>You can display from menu:View->Show Tab->messageView Tab<BR>or select popup menu "messageView" in above MacroRequestList area.</HTML>
+MacroBuilderUI.burpTrackingParameterPanelDisabledLabel.text=<HTML>This area's component(Tracking Parameter) is disabled because this addon doesn't require it.</HTML>
 ParmGenAddParms.DialogTitle.text=Select Request parameter
 ParmGenAddParms.HowToRestoreTargetPathRegexInfoTitleLabel1.text=Target Path(Regex)\uFF1A\u3000To restore the default, select with the pull down below
 ParmGenAddParms.CancelBtn.text=Cancel

addOns/automacrobuilder/src/main/resources/burp/Bundle_ja_JP.properties

@@ -28,7 +28,7 @@ MacroBuilderUI.MBtoStepNo.text=\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF\u5024\
 MacroBuilderUI.SAVE.text=Save
 MacroBuilderUI.LOAD.text=Load
 MacroBuilderUI.FINAL\ RESPONSE.text=final response
-MacroBuilderUI.MacroRequestListLabel2.text=\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7
+MacroBuilderUI.MacroRequestListLabelTitle.text=\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7
 MacroBuilderUI.TakeOverCacheCheckBox.text=\u30DE\u30AF\u30ED\u5B9F\u884C\u958B\u59CB\u6642\u3001\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF/Cookie\u5024\u3092\u30AD\u30E3\u30C3\u30B7\u30E5\u304B\u3089\u5F15\u304D\u7D99\u304E\u307E\u3059\u3002
 MacroBuilderUI.TakeOverInfoLabel.text=<HTML>\u203B\u30BF\u30A4\u30E0\u30A2\u30A6\u30C8\u3057\u7121\u52B9\u3068\u306A\u3063\u305F\u30BB\u30C3\u30B7\u30E7\u30F3Cookie\u5024\u306A\u3069\u3092\u30AD\u30E3\u30C3\u30B7\u30E5\u304B\u3089\u5F15\u304D\u7D99\u3044\u3067\u3057\u307E\u3044\u3001<BR>&emsp;\u30EA\u30AF\u30A8\u30B9\u30C8\u304C\u30A8\u30E9\u30FC\u3068\u306A\u308B\u5834\u5408\u306F\u30C1\u30A7\u30C3\u30AF\u3092\u306F\u305A\u3057\u3066\u307F\u3066\u304F\u3060\u3055\u3044\u3002</HTML>
 MacroBuilderUI.ClearMacroBtn.text=\u30AF\u30EA\u30A2
@@ -44,14 +44,13 @@ MacroBuilderUI.INTRUDER.text=Intruder
 MacroBuilderUI.SCANNER.text=Scanner
 MacroBuilderUI.REPEATER.text=Repeater
 MacroBuilderUI.MBmonitorofprocessing.text=\u5B9F\u884C\u4E2D\u306E\u30EA\u30AF\u30A8\u30B9\u30C8\u30EC\u30B9\u30DD\u30F3\u30B9\u8868\u793A\uFF08\u51E6\u7406\u304C\u9045\u304F\u306A\u308B\uFF09
-MacroBuilderUI.baselinemode.text=https://github.com/gdgd009xcd/AutoMacroBuilder/wiki/2.4.baseline-replace%E3%83%A2%E3%83%BC%E3%83%89
 MacroBuilderUI.TakeOverCache.text=\u958B\u59CB\u6642\u306B\u30AD\u30E3\u30C3\u30B7\u30E5\u304B\u3089Cookie/\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF(e.g. CSRF token)\u5024\u3092\u5F15\u304D\u7D99\u3050
 MacroBuilderUI.TrackingParamBorder.text=\u8FFD\u8DE1\u30D1\u30E9\u30E1\u30FC\u30BF(e.g. CSRF token)
 MacroBuilderUI.restore.text=\u5143\u306B\u623B\u3059
 MacroBuilderUI.update.text=\u66F4\u65B0
 MacroBuilderUI.ParamTrackingBtn.text=\u8FFD\u8DE1
 MacroBuilderUI.messageViewToAddTrackingTabToolTop.text=\u30D1\u30E9\u30E1\u30FC\u30BF\u8FFD\u8DE1\u306E\u7D50\u679C\u3092\u8868\u793A
-MacroBuilderUI.describeMessageView=<HTML>\u3053\u3053\u306B\u8868\u793A\u3057\u3066\u3044\u305F\u30B3\u30F3\u30DD\u30FC\u30CD\u30F3\u30C8\uFF08messageView\uFF09\u306F\u3001<BR>\u5C65\u6B74\u30BF\u30D6\u304C\u8868\u793A\u3055\u308C\u308B\u30A8\u30EA\u30A2\u306B\u79FB\u52D5\u3057\u307E\u3057\u305F\u3002<BR>\u30E1\u30CB\u30E5\u30FC\u304B\u3089\u8868\u793A->\u8868\u793A\u30BF\u30D6->messageView \u30BF\u30D6<BR>\u307E\u305F\u306F\u4E0A\u90E8\u306E\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7\u3067\u30DD\u30C3\u30D7\u30A2\u30C3\u30D7\u30E1\u30CB\u30E5\u30FC\u304B\u3089messageView\u3092\u9078\u629E</HTML>
+MacroBuilderUI.describeMessageView.text=<HTML>\u3053\u3053\u306B\u8868\u793A\u3057\u3066\u3044\u305F\u30B3\u30F3\u30DD\u30FC\u30CD\u30F3\u30C8\uFF08messageView\uFF09\u306F\u3001<BR>\u5C65\u6B74\u30BF\u30D6\u304C\u8868\u793A\u3055\u308C\u308B\u30A8\u30EA\u30A2\u306B\u79FB\u52D5\u3057\u307E\u3057\u305F\u3002<BR>\u30E1\u30CB\u30E5\u30FC\u304B\u3089\u8868\u793A->\u8868\u793A\u30BF\u30D6->messageView \u30BF\u30D6<BR>\u307E\u305F\u306F\u4E0A\u90E8\u306E\u30DE\u30AF\u30ED\u30EA\u30AF\u30A8\u30B9\u30C8\u4E00\u89A7\u3067\u30DD\u30C3\u30D7\u30A2\u30C3\u30D7\u30E1\u30CB\u30E5\u30FC\u304B\u3089messageView\u3092\u9078\u629E</HTML>
 MacroBuilderUI.showMessageView.text=\u30E1\u30C3\u30BB\u30FC\u30B8\u8868\u793A
 ParmGenAddParms.DialogTitle.text=parameter\u9078\u629E\u753B\u9762
 ParmGenAddParms.HowToRestoreTargetPathRegexInfoTitleLabel1.text=\u7F6E\u63DB\u5BFE\u8C61\u30D1\u30B9(Regex)\uFF1A\u3000\u65E2\u8A2D\u5B9A\u5024\u306B\u623B\u3059\u5834\u5408\u306F\u3001\u4E0B\u8A18\u306E\u30D7\u30EB\u30C0\u30A6\u30F3\u3067\u9078\u629E