From d83acef428e29dfb36e5ab67138dc6f5ed9f6902 Mon Sep 17 00:00:00 2001
From: arnydo <arnydo@gmail.com>
Date: Tue, 11 Dec 2018 15:13:24 -0500
Subject: [PATCH] Change headers to dict and update long template

---
 analyzers/EmlParser/parse.py              |   2 +-
 thehive-templates/EmlParser_1_1/long.html | 176 ++++++++++++----------
 2 files changed, 94 insertions(+), 84 deletions(-)

diff --git a/analyzers/EmlParser/parse.py b/analyzers/EmlParser/parse.py
index abc5879ba..ce4f1e0c0 100755
--- a/analyzers/EmlParser/parse.py
+++ b/analyzers/EmlParser/parse.py
@@ -67,7 +67,7 @@ def parseEml(filepath):
     #cause eml_parser does not provide raw headers (as far as I know)
     hParser = email.parser.HeaderParser()
     h = hParser.parsestr(raw_eml)
-    result['headers'] = (str(h).split('\n\n')[0])
+    result['headers'] = dict(h)
 
     parsed_eml = eml_parser.eml_parser.decode_email(filepath, include_raw_body=True, include_attachment_data=True)
     #parsed_eml['header'].keys() gives:
diff --git a/thehive-templates/EmlParser_1_1/long.html b/thehive-templates/EmlParser_1_1/long.html
index a1fe34110..afc431a20 100644
--- a/thehive-templates/EmlParser_1_1/long.html
+++ b/thehive-templates/EmlParser_1_1/long.html
@@ -1,86 +1,96 @@
 <div class="panel panel-danger" ng-if="!success">
-    <div class="panel-heading">
-        <strong>{{(artifact.data || artifact.attachment.name) | fang}}</strong>
+        <div class="panel-heading">
+            <strong>{{(artifact.data || artifact.attachment.name) | fang}}</strong>
+        </div>
+        <div class="panel-body">
+            {{content.errorMessage}}
+        </div>
     </div>
-    <div class="panel-body">
-        {{content.errorMessage}}
+    
+    
+    <div class="panel panel-info" ng-if="success">
+        <div class="panel-heading">
+            Email message details
+        </div>
+        <div class="panel-body">
+            <div ng-show="content.traits.is_anonymous_proxy" class="alert alert-warning">Is anonymous proxy</div>
+            <div ng-show="content.traits.is_satellite_provider" class="alert alert-warning">Is satellite provider</div>
+        
+            <dl class="dl-horizontal">
+                <dt>From</dt>
+                <dd>{{content.displayFrom}} ({{content.sender}})</dd>
+            </dl>
+            <dl class="dl-horizontal">
+                <dt>To</dt>
+                <dd>{{content.displayTo}} ({{content.receivers}})</dd>
+            </dl>
+            <dl class="dl-horizontal">
+                <dt>Subject</dt>
+                <dd>{{content.subject || '-'}}</dd>
+            </dl>
+            <dl class="dl-horizontal">
+                <dt>Topic</dt>
+                <dd>{{content.topic || '-'}}</dd>
+            </dl>
+            <dl class="dl-horizontal">
+                <dt>Bcc</dt>
+                <dd>{{content.bcc || '-'}}</dd>
+            </dl>
+            <dl class="dl-horizontal" ng-if="content.attachments && content.attachments.length !== 0">
+                <dt>Attachments</dt>
+                <dd>
+                    <div class="bm10">This message file includes
+                        <ng-pluralize count="content.attachments.length" when="{'1': '1 attachment', 'other': '{} attachments'}"></ng-pluralize>
+                    </div>
+                    <table class="table table-striped table-bordered">
+                        <thead>
+                            <tr>
+                                <th class="col-md-2" >Filename</th>
+                                <th >File information</th>
+    
+                            </tr>
+                        </thead>
+                        <tbody ng-repeat="a in content.attachments">
+                            <tr>
+                                <td rowspan=4>{{a.filename}}</td>
+                                <td>[MD5]: {{a.md5}}</td>
+                            </tr>
+                            <tr>
+                                <td>[SHA1]: {{a.sha1}}</td>
+                            </tr>
+                            <tr>
+                                <td>[SHA256]: {{a.sha256}}</td>
+                            </tr>
+                            <tr>
+                                <td>
+                                    {{a.mime}}
+                                </td>
+                            </tr>
+                        </tbody>
+                    </table>
+                </dd>
+            </dl>
+            <dl class="dl-horizontal">
+                <dt>Headers</dt>
+                <dd>
+                    <table class="table table-striped table-bordered">
+                            <tr>
+                                <th class="col-md-2">Header</th>
+                                <th>Content</th>
+                            </tr>
+                            <tr ng-repeat="(k, v) in content.headers">
+                                <td>{{k}}</td>
+                                <td>{{v}}</td>
+                            </tr>
+                    </table>
+                </dd>
+            </dl>
+            <dl class="dl-horizontal">
+                <dt>Body</dt>
+                <dd>
+                    <pre>{{content.body}}</pre>
+                </dd>
+            </dl>
+        </div>
     </div>
-</div>
-
-
-<div class="panel panel-info" ng-if="success">
-    <div class="panel-heading">
-        Email message details
-    </div>
-    <div class="panel-body">
-        <div ng-show="content.traits.is_anonymous_proxy" class="alert alert-warning">Is anonymous proxy</div>
-        <div ng-show="content.traits.is_satellite_provider" class="alert alert-warning">Is satellite provider</div>
-
-        <dl class="dl-horizontal">
-            <dt>From</dt>
-            <dd>{{content.displayFrom}} ({{content.sender}})</dd>
-        </dl>
-        <dl class="dl-horizontal">
-            <dt>To</dt>
-            <dd>{{content.displayTo}} ({{content.receivers}})</dd>
-        </dl>
-        <dl class="dl-horizontal">
-            <dt>Subject</dt>
-            <dd>{{content.subject || '-'}}</dd>
-        </dl>
-        <dl class="dl-horizontal">
-            <dt>Topic</dt>
-            <dd>{{content.topic || '-'}}</dd>
-        </dl>
-        <dl class="dl-horizontal">
-            <dt>Bcc</dt>
-            <dd>{{content.bcc || '-'}}</dd>
-        </dl>
-        <dl class="dl-horizontal" ng-if="content.attachments && content.attachments.length !== 0">
-            <dt>Attachments</dt>
-            <dd>
-                <div class="bm10">This message file includes
-                    <ng-pluralize count="content.attachments.length" when="{'1': '1 attachment', 'other': '{} attachments'}"></ng-pluralize>
-                </div>
-                <table class="table table-striped table-bordered">
-                    <thead>
-                        <tr>
-                            <th class="col-md-2" >Filename</th>
-                            <th >File information</th>
-
-                        </tr>
-                    </thead>
-                    <tbody ng-repeat="a in content.attachments">
-                        <tr>
-                            <td rowspan=4>{{a.filename}}</td>
-                            <td>[MD5]: {{a.md5}}</td>
-                        </tr>
-                        <tr>
-                            <td>[SHA1]: {{a.sha1}}</td>
-                        </tr>
-                        <tr>
-                            <td>[SHA256]: {{a.sha256}}</td>
-                        </tr>
-                        <tr>
-                            <td>
-                                {{a.mime}}
-                            </td>
-                        </tr>
-                    </tbody>
-                </table>
-            </dd>
-        </dl>
-        <dl class="dl-horizontal">
-            <dt>Headers</dt>
-            <dd>
-                <pre>{{content.headers}}</pre>
-            </dd>
-        </dl>
-        <dl class="dl-horizontal">
-            <dt>Body</dt>
-            <dd>
-                <pre>{{content.body}}</pre>
-            </dd>
-        </dl>
-    </div>
-</div>
+