stdin support, include url path, better error handling

README.md

@@ -39,6 +39,9 @@ Using Corsy is pretty simple
 ##### Scan URLs from a file
 `python3 corsy.py -i /path/urls.txt`
 
+##### Scan URLs from stdin
+`cat urls.txt | python3 corsy.py`
+
 ##### Number of threads
 `python3 corsy.py -u https://example.com -t 20`
 

core/requester.py

@@ -1,12 +1,21 @@
 import urllib3
 import requests
+from core.colors import bad
 
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 
+# Added better error handling.
+# Added verbose options.
 
 def requester(url, scheme, headers, origin):
     headers['Origin'] = scheme + origin
-    response = requests.get(url, headers=headers, verify=False).headers
+    try:
-    for key, value in response.items():
+        response = requests.get(url, headers=headers, verify=False).headers
-        if key.lower() == 'access-control-allow-origin':
+        for key, value in response.items():
-            return response
+            if key.lower() == 'access-control-allow-origin':
+                return response
+    except requests.exceptions.RequestException as e:
+        if 'Failed to establish a new connection' in str(e):
+            print ('%s %s is unreachable' % (bad, url))
+        elif 'requests.exceptions.TooManyRedirects:' in str(e):
+        	print ('%s %s has too many redirects' % (bad, url))

core/utils.py

@@ -2,6 +2,7 @@ import os
 import re
 import json
 import tempfile
+import re
 
 from urllib.parse import urlparse
 
@@ -35,6 +36,15 @@ def create_url_list(target_url, inp_file):
         urls.append(target_url)
     return urls
 
+def create_stdin_list(target_url, inp_file):
+    urls = []
+    if inp_file:
+        for line in inp_file.readlines():
+            if line.startswith(('http://', 'https://')):
+                urls.append(line.rstrip('\n'))
+    if target_url and target_url.startswith(('http://', 'https://')):
+        urls.append(target_url)
+    return urls
 
 def prompt(default=None):
     editor = 'nano'

corsy.py

@@ -7,7 +7,7 @@ import argparse
 from requests.exceptions import ConnectionError
 
 from core.tests import active_tests
-from core.utils import host, prompt, format_result, extractHeaders, create_url_list
+from core.utils import host, prompt, format_result, extractHeaders, create_url_list, create_stdin_list
 from core.colors import bad, end, red, run, good, grey, green, white, yellow
 
 
@@ -55,7 +55,13 @@ else:
         'Connection': 'close',
     }
 
-urls = create_url_list(target, inp_file)
+
+# PIPE output from other tools such as httprobe etc
+if sys.stdin.isatty():
+    urls = create_url_list(target, inp_file)
+else:
+    urls = create_stdin_list(target, sys.stdin)
+
 
 def cors(target, header_dict, delay):
     url = target
@@ -63,12 +69,11 @@ def cors(target, header_dict, delay):
     parsed = urlparse(url)
     netloc = parsed.netloc
     scheme = parsed.scheme
-    url = scheme + '://' + netloc
+    url = scheme + '://' + netloc + parsed.path
     try:
         return active_tests(url, root, scheme, header_dict, delay)
     except ConnectionError as exc:
-        print(f'[WARNING] Unable to connect to {target}: {exc}')
+        print('%s Unable to connect to %s' % (bad, root))
-
 
 if urls:
     if len(urls) > 1: