MIME type作为路径黑名单

pom.xml

@@ -171,6 +171,13 @@
 			<version>3.4.0</version>
 		</dependency>
 
+		<!-- https://mvnrepository.com/artifact/org.apache.tika/tika-core -->
+		<!--用于获取MIME类型的完整列表-->
+		<dependency>
+		    <groupId>org.apache.tika</groupId>
+		    <artifactId>tika-core</artifactId>
+		    <version>3.0.0-BETA</version>
+		</dependency>
 
 	</dependencies>
 

src/base/FindUrlAction.java

@@ -28,6 +28,8 @@
 import burp.IHttpRequestResponse;
 import burp.IHttpService;
 import burp.threadRequester;
+import org.apache.tika.mime.MediaType;
+import org.apache.tika.mime.MimeTypes;
 
 public class FindUrlAction implements ActionListener {
 	private IContextMenuInvocation invocation;
@@ -48,26 +50,7 @@ public class FindUrlAction implements ActionListener {
 			+ "sheetjs.openxmlformats.org\r\n"
 			+ "www.w3.org");
 
-	public static final List<String> blackPath = TextUtils.textToLines("application/json\r\n"
-			+ "application/octet-stream\r\n"
-			+ "application/pdf\r\n"
-			+ "application/vnd.\r\n"
-			+ "application/x-mso\r\n"
-			+ "application/x-www-form-urlencoded\r\n"
-			+ "application/xml\r\n"
-			+ "application/zip\r\n"
-			+ "image/bmp\r\n"
-			+ "image/gif\r\n"
-			+ "image/jpeg\r\n"
-			+ "image/pdf\r\n"
-			+ "image/png\r\n"
-			+ "image/tiff\r\n"
-			+ "image/x-\r\n"
-			+ "text/css\r\n"
-			+ "text/html\r\n"
-			+ "text/javascript\r\n"
-			+ "text/plain");
-
+	public static final List<String> blackPath = MimeTypesList.genMIMETypeListAsPathBlackList();
 
 	public static Proxy CurrentProxy;
 	public static HashMap<String, String> httpServiceBaseUrlMap = new HashMap<>();

src/base/MimeTypesList.java

@@ -0,0 +1,63 @@
+package base;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.tika.mime.MediaType;
+import org.apache.tika.mime.MimeTypes;
+
+public class MimeTypesList {
+	 public static void main(String[] args) {
+		 genMIMETypeListAsPathBlackList();
+	 }
+
+	/**
+	 * 生成用于作为路径黑名单的MIME列表
+	 * @param args
+	 */
+    public static List<String> genMIMETypeListAsPathBlackList() {
+    	List<String> result = new ArrayList<>();
+
+        // 获取默认的 MimeTypes 实例
+        MimeTypes allTypes = MimeTypes.getDefaultMimeTypes();
+
+        // 获取所有已注册的 MIME 类型
+        for (MediaType type : allTypes.getMediaTypeRegistry().getTypes()) {
+        	String typeStr = type.getType().toString();
+        	//"text" for "text/plain"
+        	String subTypeStr = type.getSubtype().toString();
+        	//"plain" for "text/plain"
+        	if (subTypeStr.contains(";")) {
+        		subTypeStr = subTypeStr.substring(0,subTypeStr.indexOf(";")+1);
+        	}
+        	if (subTypeStr.contains("-")) {
+        		subTypeStr = subTypeStr.substring(0,subTypeStr.indexOf("-")+1);
+        	}
+        	if (subTypeStr.contains(".")) {
+        		subTypeStr = subTypeStr.substring(0,subTypeStr.indexOf(".")+1);
+        	}
+        	if (subTypeStr.contains("+")) {
+        		subTypeStr = subTypeStr.substring(0,subTypeStr.indexOf("+")+1);
+        	}
+
+            String item  =typeStr+"/"+subTypeStr;
+            System.out.println(item);
+
+            if (!result.contains(item)) {
+            	result.add(item);
+            }
+        }
+
+//        try {
+//			FileUtils.writeLines(new File("blackPath.txt"), result);
+//		} catch (IOException e) {
+//			// TODO Auto-generated catch block
+//			e.printStackTrace();
+//		}
+
+        return result;
+    }
+}