CORS扫描工具

参数链接：
https://github.com/chenjj/CORScanner

未发现Cors风险

已发现Cors风险

py2遇到的坑：

1. 提示https ssl告警
   /usr/local/lib/python2.7/site-packages/requests/packages/urllib3/connectionpool.py:791: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
   InsecureRequestWarning)

   vim common/corscheck.py
   加入 requests.packages.urllib3.disable_warnings() 可关闭ssl证书告警提示
   原因：urllib3.disable_warnings没有起到作用

2. 使用pip安装future报超时
   ReadTimeoutError: HTTPSConnectionPool(host='files.pythonhosted.org', port=443): Read timed out.

   修改超时限制
   pip install future --default-timeout=1000

3. 安装最新pip 19.3.1后执行pip install报错
   Traceback (most recent call last):
   File "/usr/bin/pip", line 7, in
   from pip import main
   ImportError: cannot import name main

   修改如下：
   vim /usr/bin/pip

   from pip import main
   from pip._internal import main

   sys.exit(main._main())

4. 更新pip一直提示超时
   方法一：
   官网pip最新下载链接：https://pypi.org/project/pip/#history

   方法二：换源，如下
   pip install -i https://pypi.doubanio.com/simple/ 包名