{
  "description": "This workflow monitors a certain session cookie as it passes through HTTP History and updates an environment variable to reflect its value. Update \"cookieName\" in the JS node & the HTTPQL statement for your use case.",
  "edition": 2,
  "graph": {
    "edges": [
      {
        "source": {
          "exec_alias": "exec",
          "node_id": 2
        },
        "target": {
          "exec_alias": "exec",
          "node_id": 1
        }
      },
      {
        "source": {
          "exec_alias": "exec",
          "node_id": 0
        },
        "target": {
          "exec_alias": "exec",
          "node_id": 3
        }
      },
      {
        "source": {
          "exec_alias": "true",
          "node_id": 3
        },
        "target": {
          "exec_alias": "exec",
          "node_id": 2
        }
      }
    ],
    "nodes": [
      {
        "alias": "on_intercept_request",
        "definition_id": "caido/on-intercept-request",
        "display": {
          "x": -20,
          "y": 0
        },
        "id": 0,
        "inputs": [],
        "name": "On intercept request",
        "version": "0.1.0"
      },
      {
        "alias": "passive_end",
        "definition_id": "caido/passive-end",
        "display": {
          "x": -20,
          "y": 300
        },
        "id": 1,
        "inputs": [],
        "name": "Passive End",
        "version": "0.1.0"
      },
      {
        "alias": "javascript",
        "definition_id": "caido/http-code-js",
        "display": {
          "x": -20,
          "y": 210
        },
        "id": 2,
        "inputs": [
          {
            "alias": "request",
            "value": {
              "data": "$on_intercept_request.request",
              "kind": "ref"
            }
          },
          {
            "alias": "code",
            "value": {
              "data": "export async function run(input, sdk) {\n    const cookieName = \"sessionID\"; // The name of the cookie you want to extract\n  \n    const cookieHeaders = input.request.getHeader('Cookie');\n    if (!cookieHeaders || cookieHeaders.length === 0) return;\n    \n    const cookieString = cookieHeaders.join('; ');\n    // Use a template literal to dynamically create the regex for matching the cookieName\n    const sessionIdMatch = cookieString.match(new RegExp(`(?:^|;)\\\\s*${cookieName}=([^;]+)`));\n    \n    if (sessionIdMatch && sessionIdMatch[1]) {\n        try {\n            await sdk.env.setVar({\n                // Use cookieName here as well if you want the environment variable name to match the cookie name\n                name: cookieName,\n                value: sessionIdMatch[1],\n                secret: true,\n                global: true\n            });\n            sdk.console.log(`Updated '${cookieName}' env var.`);\n        } catch (error) {\n            sdk.console.error(`Failed to set '${cookieName}': ${error.message}`);\n        }\n    }\n    return \"success\";\n} ",
              "kind": "string"
            }
          }
        ],
        "name": "Javascript",
        "version": "0.1.0"
      },
      {
        "alias": "matches_httpql",
        "definition_id": "caido/httpql-matches",
        "display": {
          "x": -20,
          "y": 100
        },
        "id": 3,
        "inputs": [
          {
            "alias": "request",
            "value": {
              "data": "$on_intercept_request.request",
              "kind": "ref"
            }
          },
          {
            "alias": "query",
            "value": {
              "data": "req.host.cont:\"caido.rhynorater.com\"",
              "kind": "string"
            }
          }
        ],
        "name": "Scope Definition",
        "version": "0.2.0"
      }
    ]
  },
  "id": "52ead079-a54a-4da8-a1c6-9c73ddac93f8",
  "kind": "passive",
  "name": "MonitorSessionCookie"
}