Merge remote-tracking branch 'upstream/master'

2025-07-17 18:17:43 +00:00 · 2013-11-19 17:47:29 -05:00 · 2013-11-19 17:47:29 -05:00 · de9a676a64
commit de9a676a64
parent fc85137165 189192e2e9
17 changed files with 2342 additions and 2342 deletions
--- a/Core/src/org/sleuthkit/autopsy/casemodule/NewCaseVisualPanel1.form
+++ b/Core/src/org/sleuthkit/autopsy/casemodule/NewCaseVisualPanel1.form
@ -30,7 +30,7 @@
                          </Group>
                          <Group type="102" alignment="0" attributes="0">
                              <Component id="caseNameLabel" min="-2" max="-2" attributes="0"/>
-                              <EmptySpace min="-2" pref="26" max="-2" attributes="0"/>
+                              <EmptySpace max="32767" attributes="0"/>
                              <Component id="caseNameTextField" min="-2" pref="296" max="-2" attributes="0"/>
                          </Group>
                          <Component id="caseDirTextField" alignment="0" min="-2" pref="380" max="-2" attributes="1"/>
@ -51,7 +51,7 @@
              <EmptySpace type="separate" max="-2" attributes="0"/>
              <Group type="103" groupAlignment="3" attributes="0">
                  <Component id="caseNameLabel" alignment="3" min="-2" max="-2" attributes="0"/>
-                  <Component id="caseNameTextField" alignment="3" min="-2" pref="20" max="-2" attributes="0"/>
+                  <Component id="caseNameTextField" alignment="3" min="-2" max="-2" attributes="0"/>
              </Group>
              <EmptySpace type="unrelated" max="-2" attributes="0"/>
              <Group type="103" groupAlignment="3" attributes="0">
--- a/Core/src/org/sleuthkit/autopsy/casemodule/NewCaseVisualPanel1.java
+++ b/Core/src/org/sleuthkit/autopsy/casemodule/NewCaseVisualPanel1.java
@ -93,7 +93,7 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener{
        jLabel2 = new javax.swing.JLabel();
        caseDirTextField = new javax.swing.JTextField();
-        jLabel1.setFont(new java.awt.Font("Tahoma", 1, 14));
+        jLabel1.setFont(new java.awt.Font("Tahoma", 1, 14)); // NOI18N
        org.openide.awt.Mnemonics.setLocalizedText(jLabel1, org.openide.util.NbBundle.getMessage(NewCaseVisualPanel1.class, "NewCaseVisualPanel1.jLabel1.text_1")); // NOI18N
        org.openide.awt.Mnemonics.setLocalizedText(caseNameLabel, org.openide.util.NbBundle.getMessage(NewCaseVisualPanel1.class, "NewCaseVisualPanel1.caseNameLabel.text_1")); // NOI18N
@ -133,7 +133,7 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener{
                                .addComponent(caseParentDirTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 296, javax.swing.GroupLayout.PREFERRED_SIZE))
                            .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
                                .addComponent(caseNameLabel)
-                                .addGap(26, 26, 26)
+                                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
                                .addComponent(caseNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 296, javax.swing.GroupLayout.PREFERRED_SIZE))
                            .addComponent(caseDirTextField, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 380, javax.swing.GroupLayout.PREFERRED_SIZE))
                        .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
@ -148,7 +148,7 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener{
                .addGap(18, 18, 18)
                .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
                    .addComponent(caseNameLabel)
-                    .addComponent(caseNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 20, javax.swing.GroupLayout.PREFERRED_SIZE))
+                    .addComponent(caseNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))
                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
                .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
                    .addComponent(caseDirLabel)
--- a/Core/src/org/sleuthkit/autopsy/corecomponents/Installer.java
+++ b/Core/src/org/sleuthkit/autopsy/corecomponents/Installer.java
@ -105,11 +105,7 @@ public class Installer extends ModuleInstall {
        }
        final String[] UI_MENU_ITEM_KEYS = new String[]{"MenuBarUI",
-                                                        "MenuUI",
+                                                        };
                                                        "MenuItemUI",
                                                        "CheckBoxMenuItemUI",
                                                        "RadioButtonMenuItemUI",
                                                        "PopupMenuUI"};
        Map<Object, Object> uiEntries = new TreeMap<Object, Object>();
--- a/Core/src/org/sleuthkit/autopsy/datamodel/BlackboardArtifactNode.java
+++ b/Core/src/org/sleuthkit/autopsy/datamodel/BlackboardArtifactNode.java
@ -19,6 +19,7 @@
 package org.sleuthkit.autopsy.datamodel;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
@ -45,6 +46,15 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
    private Content associated;
    private List<NodeProperty> customProperties;
    static final Logger logger = Logger.getLogger(BlackboardArtifactNode.class.getName());
    /**
     * Artifact types which should have the associated content's full unique path
     * as a property.
     */
    private static final Integer[] SHOW_UNIQUE_PATH = new Integer[] { 
        BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID(),
        BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID(),
        BlackboardArtifact.ARTIFACT_TYPE.TSK_TAG_FILE.getTypeID(),
    };
    /**
     * Construct blackboard artifact node from an artifact and using provided
@ -107,30 +117,38 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
                    entry.getValue()));
        }
        String path = "";
        try {
            path = associated.getUniquePath();
        } catch (TskCoreException ex) {
            logger.log(Level.SEVERE, "Except while calling Content.getUniquePath() on " + associated);
        }
        final int artifactTypeID = artifact.getArtifactTypeID();
        //custom additional properties
        //TODO use addNodeProperty() instead of hardcoding here
        if (artifactTypeID == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()
                || artifactTypeID == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) {
            ss.put(new NodeProperty("File Path",
                    "File Path",
                    NO_DESCR,
                    path));
        }
        //append custom node properties
        if (customProperties != null) {
            for (NodeProperty np : customProperties) {
                ss.put(np);
            }
        }
        final int artifactTypeId = artifact.getArtifactTypeID();
        if (Arrays.asList(SHOW_UNIQUE_PATH).contains(artifactTypeId)) {
            String sourcePath = "";
            try {
                sourcePath = associated.getUniquePath();
            } catch (TskCoreException ex) {
                logger.log(Level.WARNING, "Failed to get unique path from: " + associated.getName());
            }
            if (sourcePath.isEmpty() == false) {
                ss.put(new NodeProperty("File Path", "File Path", 
                        NO_DESCR, sourcePath));
            }
        } else {
            String dataSource = "";
            try {
                dataSource = associated.getImage().getName();
            } catch (TskCoreException ex) {
                logger.log(Level.WARNING, "Failed to get image name from " + associated.getName());
            }
            if (dataSource.isEmpty() == false) {
                ss.put(new NodeProperty("Data Source", "Data Source",
                        NO_DESCR, dataSource));
            }
        }
        return s;
--- a/Core/src/org/sleuthkit/autopsy/datamodel/Tags.java
+++ b/Core/src/org/sleuthkit/autopsy/datamodel/Tags.java
@ -417,20 +417,6 @@ public class Tags implements AutopsyVisitableItem {
                tagNode.addNodeProperty(resultTypeProp);
            }
            try {
                //add source path property
                 final AbstractFile sourceFile = skCase.getAbstractFileById(artifact.getObjectID());
                 final String sourcePath = sourceFile.getUniquePath();
                 NodeProperty sourcePathProp = new NodeProperty("Source File Path",
                        "Source File Path",
                        NO_DESCR,
                        sourcePath);
                tagNode.addNodeProperty(sourcePathProp);
            } catch (TskCoreException ex) {
                logger.log(Level.SEVERE, "Error getting a file from artifact to get source file path for a tag, ", ex);
            }
            return tagNode;
        }
--- a/Core/src/org/sleuthkit/autopsy/directorytree/NewWindowViewAction.java
+++ b/Core/src/org/sleuthkit/autopsy/directorytree/NewWindowViewAction.java
@ -22,6 +22,7 @@ package org.sleuthkit.autopsy.directorytree;
 import java.awt.event.ActionEvent;
 import java.util.logging.Level;
 import javax.swing.AbstractAction;
 import javax.swing.SwingUtilities;
 import org.openide.nodes.Node;
 import org.openide.windows.Mode;
 import org.openide.windows.WindowManager;
@ -63,12 +64,20 @@ public class NewWindowViewAction extends AbstractAction{
            }
        }
-        DataContentTopComponent dctc = DataContentTopComponent.createUndocked(name, this.contentNode);
+        final DataContentTopComponent dctc = DataContentTopComponent.createUndocked(name, null);
        Mode m = WindowManager.getDefault().findMode("outputFloat");
        m.dockInto(dctc);
        dctc.open();
        // Queue setting the node on the EDT thread to be done later so the dctc
        // can completely initialize.
        SwingUtilities.invokeLater(new Runnable() {
            @Override
            public void run() {
                dctc.setNode(contentNode);
            }
        });
    }
--- a/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java
+++ b/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java
@ -830,13 +830,13 @@ public class ReportGenerator {
        switch (type) {
            case TSK_WEB_BOOKMARK:
-                columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"URL", "Title", "Date Accessed", "Program", "Source File"}));
+                columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"URL", "Title", "Date Created", "Program", "Source File"}));
                break;
            case TSK_WEB_COOKIE: 
                columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"URL", "Date/Time", "Name", "Value", "Program", "Source File"}));
                break;
            case TSK_WEB_HISTORY: 
-                columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"URL", "Date Accessed", "Referrer", "Name", "Program", "Source File"}));
+                columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"URL", "Date Accessed", "Referrer", "Title", "Program", "Source File"}));
                break;
            case TSK_WEB_DOWNLOAD: 
                columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Destination", "Source URL", "Date Accessed", "Program", "Source File"}));
@ -997,7 +997,7 @@ public class ReportGenerator {
                List<String> bookmark = new ArrayList<>();
                bookmark.add(attributes.get(ATTRIBUTE_TYPE.TSK_URL.getTypeID()));
                bookmark.add(attributes.get(ATTRIBUTE_TYPE.TSK_TITLE.getTypeID()));
-                bookmark.add(attributes.get(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID()));
+                bookmark.add(attributes.get(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED.getTypeID()));
                bookmark.add(attributes.get(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID()));
                bookmark.add(getFileUniquePath(artifactData.getObjectID()));
                return bookmark;
@ -1015,7 +1015,7 @@ public class ReportGenerator {
                history.add(attributes.get(ATTRIBUTE_TYPE.TSK_URL.getTypeID()));
                history.add(attributes.get(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID()));
                history.add(attributes.get(ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID()));
-                history.add(attributes.get(ATTRIBUTE_TYPE.TSK_NAME.getTypeID()));
+                history.add(attributes.get(ATTRIBUTE_TYPE.TSK_TITLE.getTypeID()));
                history.add(attributes.get(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID()));
                history.add(getFileUniquePath(artifactData.getObjectID()));
                return history;
--- a/HashDatabase/src/org/sleuthkit/autopsy/hashdatabase/HashDbIngestModule.java
+++ b/HashDatabase/src/org/sleuthkit/autopsy/hashdatabase/HashDbIngestModule.java
@ -271,7 +271,7 @@ public class HashDbIngestModule extends IngestModuleAbstractFile {
                detailsSb.append("</table>");
                services.postMessage(IngestMessage.createDataMessage(++messageId, this,
-                        "Notable: " + abstractFile.getName(),
+                        "Known Bad: " + abstractFile.getName(),
                        detailsSb.toString(),
                        abstractFile.getName() + md5Hash,
                        badFile));
@ -280,7 +280,6 @@ public class HashDbIngestModule extends IngestModuleAbstractFile {
        } catch (TskException ex) {
            logger.log(Level.WARNING, "Error creating blackboard artifact", ex);
        }
    }
    private ProcessResult processFile(AbstractFile file) {
--- a/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/Bundle.properties
+++ b/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/Bundle.properties
@ -1,91 +1,91 @@
-OpenIDE-Module-Display-Category=Ingest Module
+OpenIDE-Module-Display-Category=Ingest Module
-OpenIDE-Module-Long-Description=\
+OpenIDE-Module-Long-Description=\
-    Keyword Search ingest module.\n\n\
+    Keyword Search ingest module.\n\n\
-    The module indexes files found in the disk image at ingest time.  \
+    The module indexes files found in the disk image at ingest time.  \
-    It then periodically runs the search on the indexed files using one or more keyword lists (containing pure words and/or regular expressions) and posts results.\n\n\
+    It then periodically runs the search on the indexed files using one or more keyword lists (containing pure words and/or regular expressions) and posts results.\n\n\
-    The module also contains additional tools integrated in the main GUI, such as keyword list configuration, keyword seach bar in the top-right corner, extracted text viewer and search results viewer showing highlighted keywords found.
+    The module also contains additional tools integrated in the main GUI, such as keyword list configuration, keyword seach bar in the top-right corner, extracted text viewer and search results viewer showing highlighted keywords found.
-OpenIDE-Module-Name=KeywordSearch
+OpenIDE-Module-Name=KeywordSearch
-ListBundleName=Keyword Lists
+ListBundleName=Keyword Lists
-ListBundleConfig=Keyword List Configuration
+ListBundleConfig=Keyword List Configuration
-IndexProgressPanel.statusText.text=Status text
+IndexProgressPanel.statusText.text=Status text
-IndexProgressPanel.cancelButton.text=Cancel
+IndexProgressPanel.cancelButton.text=Cancel
-ExtractedContentPanel.hitLabel.text=Matches on page:
+ExtractedContentPanel.hitLabel.text=Matches on page:
-ExtractedContentPanel.hitCountLabel.text=-
+ExtractedContentPanel.hitCountLabel.text=-
-ExtractedContentPanel.hitOfLabel.text=of
+ExtractedContentPanel.hitOfLabel.text=of
-ExtractedContentPanel.hitTotalLabel.text=-
+ExtractedContentPanel.hitTotalLabel.text=-
-ExtractedContentPanel.hitButtonsLabel.text=Match
+ExtractedContentPanel.hitButtonsLabel.text=Match
-ExtractedContentPanel.hitPreviousButton.text=
+ExtractedContentPanel.hitPreviousButton.text=
-ExtractedContentPanel.hitNextButton.text=
+ExtractedContentPanel.hitNextButton.text=
-ExtractedContentPanel.copyMenuItem.text=Copy
+ExtractedContentPanel.copyMenuItem.text=Copy
-ExtractedContentPanel.selectAllMenuItem.text=Select All
+ExtractedContentPanel.selectAllMenuItem.text=Select All
-KeywordSearchEditListPanel.saveListButton.text=Copy List
+KeywordSearchEditListPanel.saveListButton.text=Copy List
-KeywordSearchEditListPanel.addWordField.text=
+KeywordSearchEditListPanel.addWordField.text=
-KeywordSearchEditListPanel.addWordButton.text=Add
+KeywordSearchEditListPanel.addWordButton.text=Add
-KeywordSearchEditListPanel.chRegex.text=Regular Expression
+KeywordSearchEditListPanel.chRegex.text=Regular Expression
-KeywordSearchEditListPanel.deleteWordButton.text=Remove Selected
+KeywordSearchEditListPanel.deleteWordButton.text=Remove Selected
-KeywordSearchEditListPanel.cutMenuItem.text=Cut
+KeywordSearchEditListPanel.cutMenuItem.text=Cut
-KeywordSearchEditListPanel.selectAllMenuItem.text=Select All
+KeywordSearchEditListPanel.selectAllMenuItem.text=Select All
-KeywordSearchEditListPanel.pasteMenuItem.text=Paste
+KeywordSearchEditListPanel.pasteMenuItem.text=Paste
-KeywordSearchEditListPanel.copyMenuItem.text=Copy
+KeywordSearchEditListPanel.copyMenuItem.text=Copy
-KeywordSearchEditListPanel.exportButton.text=Export List
+KeywordSearchEditListPanel.exportButton.text=Export List
-KeywordSearchEditListPanel.deleteListButton.text=Delete List
+KeywordSearchEditListPanel.deleteListButton.text=Delete List
-KeywordSearchListsManagementPanel.newListButton.text=New List
+KeywordSearchListsManagementPanel.newListButton.text=New List
-KeywordSearchEditListPanel.useForIngestCheckbox.text=Enable for ingest
+KeywordSearchEditListPanel.useForIngestCheckbox.text=Use during ingest
-KeywordSearchListsManagementPanel.importButton.text=Import List
+KeywordSearchListsManagementPanel.importButton.text=Import List
-KeywordSearchPanel.searchBox.text=Search...
+KeywordSearchPanel.searchBox.text=Search...
-KeywordSearchPanel.regExCheckboxMenuItem.text=Use Regular Expressions
+KeywordSearchPanel.regExCheckboxMenuItem.text=Use Regular Expressions
-KeywordSearchPanel.settingsLabel.text=
+KeywordSearchPanel.settingsLabel.text=
-KeywordSearchListsViewerPanel.searchAddButton.text=Search
+KeywordSearchListsViewerPanel.searchAddButton.text=Search
-KeywordSearchListsViewerPanel.manageListsButton.text=Manage Lists
+KeywordSearchListsViewerPanel.manageListsButton.text=Manage Lists
-KeywordSearchListsViewerPanel.ingestIndexLabel.text=Files Indexed:
+KeywordSearchListsViewerPanel.ingestIndexLabel.text=Files Indexed:
-KeywordSearchEditListPanel.selectorsCombo.toolTipText=Regular Expression selector type (optional)
+KeywordSearchEditListPanel.selectorsCombo.toolTipText=Regular Expression selector type (optional)
-KeywordSearchPanel.searchButton.text=
+KeywordSearchPanel.searchButton.text=
-KeywordSearchPanel.cutMenuItem.text=Cut
+KeywordSearchPanel.cutMenuItem.text=Cut
-KeywordSearchPanel.copyMenuItem.text=Copy
+KeywordSearchPanel.copyMenuItem.text=Copy
-KeywordSearchPanel.pasteMenuItem.text=Paste
+KeywordSearchPanel.pasteMenuItem.text=Paste
-KeywordSearchPanel.selectAllMenuItem.text=Select All
+KeywordSearchPanel.selectAllMenuItem.text=Select All
-ExtractedContentPanel.pageButtonsLabel.text=Page
+ExtractedContentPanel.pageButtonsLabel.text=Page
-ExtractedContentPanel.pageNextButton.text=
+ExtractedContentPanel.pageNextButton.text=
-ExtractedContentPanel.pagePreviousButton.actionCommand=pagePreviousButton
+ExtractedContentPanel.pagePreviousButton.actionCommand=pagePreviousButton
-ExtractedContentPanel.pagePreviousButton.text=
+ExtractedContentPanel.pagePreviousButton.text=
-ExtractedContentPanel.pagesLabel.text=Page:
+ExtractedContentPanel.pagesLabel.text=Page:
-ExtractedContentPanel.pageOfLabel.text=of
+ExtractedContentPanel.pageOfLabel.text=of
-ExtractedContentPanel.pageCurLabel.text=-
+ExtractedContentPanel.pageCurLabel.text=-
-ExtractedContentPanel.pageTotalLabel.text=-
+ExtractedContentPanel.pageTotalLabel.text=-
-ExtractedContentPanel.hitLabel.toolTipText=
+ExtractedContentPanel.hitLabel.toolTipText=
-KeywordSearchEditListPanel.ingestMessagesCheckbox.text=Enable sending messages to inbox during ingest
+KeywordSearchEditListPanel.ingestMessagesCheckbox.text=Send messages to inbox during ingest
-KeywordSearchEditListPanel.ingestMessagesCheckbox.toolTipText=Send messages during triage / ingest when hits on keyword from this list occur
+KeywordSearchEditListPanel.ingestMessagesCheckbox.toolTipText=Send messages during ingest when hits on keyword from this list occur
-KeywordSearchConfigurationPanel2.skipNSRLCheckBox.text=Do not add files in NSRL (known files) to keyword index during ingest
+KeywordSearchConfigurationPanel2.skipNSRLCheckBox.text=Do not add files in NSRL (known files) to keyword index during ingest
-KeywordSearchConfigurationPanel2.skipNSRLCheckBox.toolTipText=Requires Hash DB service to had run previously, or be selected for next ingest.
+KeywordSearchConfigurationPanel2.skipNSRLCheckBox.toolTipText=Requires Hash DB service to had run previously, or be selected for next ingest.
-KeywordSearchConfigurationPanel2.filesIndexedValue.text=-
+KeywordSearchConfigurationPanel2.filesIndexedValue.text=-
-KeywordSearchConfigurationPanel2.filesIndexedLabel.text=Files in keyword index:
+KeywordSearchConfigurationPanel2.filesIndexedLabel.text=Files in keyword index:
-KeywordSearchIngestSimplePanel.languagesLabel.text=Scripts enabled for string extraction from unknown file types:
+KeywordSearchIngestSimplePanel.languagesLabel.text=Scripts enabled for string extraction from unknown file types:
-KeywordSearchIngestSimplePanel.languagesValLabel.text=-
+KeywordSearchIngestSimplePanel.languagesValLabel.text=-
-KeywordSearchIngestSimplePanel.languagesLabel.toolTipText=Scripts enabled for string extraction from unknown file types. Changes can be done in Advanced Settings.
+KeywordSearchIngestSimplePanel.languagesLabel.toolTipText=Scripts enabled for string extraction from unknown file types. Changes can be done in Advanced Settings.
-KeywordSearchIngestSimplePanel.languagesValLabel.toolTipText=
+KeywordSearchIngestSimplePanel.languagesValLabel.toolTipText=
-KeywordSearchConfigurationPanel3.languagesLabel.text=Enabled scripts (languages):
+KeywordSearchConfigurationPanel3.languagesLabel.text=Enabled scripts (languages):
-KeywordSearchConfigurationPanel2.chunksLabel.text=Chunks in keyword index:
+KeywordSearchConfigurationPanel2.chunksLabel.text=Chunks in keyword index:
-KeywordSearchConfigurationPanel2.chunksValLabel.text=-
+KeywordSearchConfigurationPanel2.chunksValLabel.text=-
-KeywordSearchConfigurationPanel3.enableUTF8Checkbox.text=Enable UTF8 text extraction
+KeywordSearchConfigurationPanel3.enableUTF8Checkbox.text=Enable UTF8 text extraction
-KeywordSearchConfigurationPanel3.enableUTF16Checkbox.text=Enable UTF16LE and UTF16BE string extraction
+KeywordSearchConfigurationPanel3.enableUTF16Checkbox.text=Enable UTF16LE and UTF16BE string extraction
-KeywordSearchEditListPanel.keywordOptionsLabel.text=Keyword Options
+KeywordSearchEditListPanel.keywordOptionsLabel.text=Keyword Options
-KeywordSearchEditListPanel.listOptionsLabel.text=List Options
+KeywordSearchEditListPanel.listOptionsLabel.text=List Options
-KeywordSearchConfigurationPanel3.ingestSettingsLabel.text=Ingest settings for string extraction from unknown file types (changes effective on next ingest):
+KeywordSearchConfigurationPanel3.ingestSettingsLabel.text=Ingest settings for string extraction from unknown file types (changes effective on next ingest):
-KeywordSearchConfigurationPanel2.settingsLabel.text=Settings
+KeywordSearchConfigurationPanel2.settingsLabel.text=Settings
-KeywordSearchConfigurationPanel2.informationLabel.text=Information
+KeywordSearchConfigurationPanel2.informationLabel.text=Information
-KeywordSearchListsManagementPanel.keywordListsLabel.text=Keyword Lists:
+KeywordSearchListsManagementPanel.keywordListsLabel.text=Keyword Lists:
-KeywordSearchEditListPanel.keywordsLabel.text=Keywords:
+KeywordSearchEditListPanel.keywordsLabel.text=Keywords:
-KeywordSearchConfigurationPanel2.timeRadioButton1.toolTipText=20 mins. (fastest ingest time)
+KeywordSearchConfigurationPanel2.timeRadioButton1.toolTipText=20 mins. (fastest ingest time)
-KeywordSearchConfigurationPanel2.timeRadioButton1.text=20 minutes (slowest feedback, fastest ingest)
+KeywordSearchConfigurationPanel2.timeRadioButton1.text=20 minutes (slowest feedback, fastest ingest)
-KeywordSearchConfigurationPanel2.timeRadioButton2.toolTipText=10 minutes (faster overall ingest time than default)
+KeywordSearchConfigurationPanel2.timeRadioButton2.toolTipText=10 minutes (faster overall ingest time than default)
-KeywordSearchConfigurationPanel2.timeRadioButton2.text=10 minutes (slower feedback, faster ingest)
+KeywordSearchConfigurationPanel2.timeRadioButton2.text=10 minutes (slower feedback, faster ingest)
-KeywordSearchConfigurationPanel2.timeRadioButton3.toolTipText=5 minutes (overall ingest time will be longer)
+KeywordSearchConfigurationPanel2.timeRadioButton3.toolTipText=5 minutes (overall ingest time will be longer)
-KeywordSearchConfigurationPanel2.timeRadioButton3.text=5 minutes (default)
+KeywordSearchConfigurationPanel2.timeRadioButton3.text=5 minutes (default)
-KeywordSearchIngestSimplePanel.encodingsLabel.text=Encodings:
+KeywordSearchIngestSimplePanel.encodingsLabel.text=Encodings:
-KeywordSearchIngestSimplePanel.keywordSearchEncodings.text=-
+KeywordSearchIngestSimplePanel.keywordSearchEncodings.text=-
-KeywordSearchIngestSimplePanel.titleLabel.text=Select keyword lists to enable during ingest:
+KeywordSearchIngestSimplePanel.titleLabel.text=Select keyword lists to enable during ingest:
-OpenIDE-Module-Short-Description=Keyword Search ingest module, extracted text viewer and keyword search tools
+OpenIDE-Module-Short-Description=Keyword Search ingest module, extracted text viewer and keyword search tools
-KeywordSearchListsViewerPanel.manageListsButton.toolTipText=Manage keyword lists, their settings and associated keywords. The settings are shared among all cases.
+KeywordSearchListsViewerPanel.manageListsButton.toolTipText=Manage keyword lists, their settings and associated keywords. The settings are shared among all cases.
-KeywordSearchConfigurationPanel2.frequencyLabel.text=Results update frequency during ingest:
+KeywordSearchConfigurationPanel2.frequencyLabel.text=Results update frequency during ingest:
-KeywordSearchConfigurationPanel2.timeRadioButton4.text_1=1 minute (faster feedback, longest ingest)
+KeywordSearchConfigurationPanel2.timeRadioButton4.text_1=1 minute (faster feedback, longest ingest)
-KeywordSearchConfigurationPanel2.timeRadioButton4.toolTipText=1 minute (overall ingest time will be longest)
+KeywordSearchConfigurationPanel2.timeRadioButton4.toolTipText=1 minute (overall ingest time will be longest)
--- a/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/docs/keywordsearch-about.html
+++ b/KeywordSearch/src/org/sleuthkit/autopsy/keywordsearch/docs/keywordsearch-about.html
@ -1,81 +1,81 @@
-<!--
+<!--
-Autopsy Forensic Browser
+Autopsy Forensic Browser
-
+
-Copyright 2011 Basis Technology Corp.
+Copyright 2011 Basis Technology Corp.
-Contact: carrier <at> sleuthkit <dot> org
+Contact: carrier <at> sleuthkit <dot> org
-
+
-Licensed under the Apache License, Version 2.0 (the "License");
+Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
+you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
+You may obtain a copy of the License at
-
+
-    http://www.apache.org/licenses/LICENSE-2.0
+    http://www.apache.org/licenses/LICENSE-2.0
-
+
-Unless required by applicable law or agreed to in writing, software
+Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
+distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
+See the License for the specific language governing permissions and
-limitations under the License.
+limitations under the License.
-->
+-->
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
+<html>
-    <head>
+    <head>
-        <title>Keyword Search</title>
+        <title>Keyword Search</title>
-        <link rel="stylesheet" href="nbdocs:/org/sleuthkit/autopsy/core/docs/ide.css" type="text/css">
+        <link rel="stylesheet" href="nbdocs:/org/sleuthkit/autopsy/core/docs/ide.css" type="text/css">
-        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-    </head>
+    </head>
-    <body>
+    <body>
-        <h2>Keyword Search</h2>
+        <h2>Keyword Search</h2>
-        <p>
+        <p>
-            Autopsy ships a keyword search module, which provides the <a href="nbdocs:/org/sleuthkit/autopsy/ingest/docs/ingest-about.html">ingest capability</a>
+            Autopsy ships a keyword search module, which provides the <a href="nbdocs:/org/sleuthkit/autopsy/ingest/docs/ingest-about.html">ingest capability</a>
-            and also supports a manual text search mode.  
+            and also supports a manual text search mode.  
-        </p>
+        </p>
-        <p>The keyword search ingest module extracts text from the files on the image being ingested and adds them to the index that can then be searched.</p>
+        <p>The keyword search ingest module extracts text from the files on the image being ingested and adds them to the index that can then be searched.</p>
-        <p>
+        <p>
-            Autopsy tries its best to extract maximum amount of text from the files being indexed.
+            Autopsy tries its best to extract maximum amount of text from the files being indexed.
-            First, the indexing will try to extract text from supported file formats, such as pure text file format, MS Office Documents, PDF files, Email files, and many others.
+            First, the indexing will try to extract text from supported file formats, such as pure text file format, MS Office Documents, PDF files, Email files, and many others.
-            If the file is not supported by the standard text extractor, Autopsy will fallback to string extraction algorithm.
+            If the file is not supported by the standard text extractor, Autopsy will fallback to string extraction algorithm.
-            String extraction on unknown file formats or arbitrary binary files can often still extract a good amount of text from the file, often good enough to provide additional clues.
+            String extraction on unknown file formats or arbitrary binary files can often still extract a good amount of text from the file, often good enough to provide additional clues.
-            However, string extraction will not be able to extract text strings from binary files that have been encrypted.
+            However, string extraction will not be able to extract text strings from binary files that have been encrypted.
-        </p>
+        </p>
-        <p>
+        <p>
-            Autopsy ships with some built-in lists that define regular expressions and enable user to search for Phone Numbers, IP addresses, URLs and E-mail addresses.
+            Autopsy ships with some built-in lists that define regular expressions and enable user to search for Phone Numbers, IP addresses, URLs and E-mail addresses.
-            However, enabling some of these very general lists can produce a very large number of hits, many of them can be false-positives.
+            However, enabling some of these very general lists can produce a very large number of hits, many of them can be false-positives.
-        </p>
+        </p>
-        <p>
+        <p>
-            Once files are in the index, they can be searched quickly for specific keywords, regular expressions, 
+            Once files are in the index, they can be searched quickly for specific keywords, regular expressions, 
-            or using keyword search lists that can contain a mixture of keywords and regular expressions.
+            or using keyword search lists that can contain a mixture of keywords and regular expressions.
-            Search queries can be executed automatically by the ingest during the ingest run, or at the end of the ingest, depending on the current settings and the time it takes to ingest the image.
+            Search queries can be executed automatically by the ingest during the ingest run, or at the end of the ingest, depending on the current settings and the time it takes to ingest the image.
-        </p>
+        </p>
-        <p>Search queries can also be executed manually by the user at any time, as long as there are some files already indexed and ready to be searched.</p>
+        <p>Search queries can also be executed manually by the user at any time, as long as there are some files already indexed and ready to be searched.</p>
-        <p>
+        <p>
-            Keyword search module will save the search results regardless whether the search is performed by the ingest process, or manually by the user.
+            Keyword search module will save the search results regardless whether the search is performed by the ingest process, or manually by the user.
-            The saved results are available in the Directory Tree in the left hand side panel.
+            The saved results are available in the Directory Tree in the left hand side panel.
-        </p>
+        </p>
-        <p>
+        <p>
-            To see keyword search results in real-time while ingest is running, add keyword lists using the
+            To see keyword search results in real-time while ingest is running, add keyword lists using the
-            <a href="nbdocs:/org/sleuthkit/autopsy/keywordsearch/docs/keywordsearch-configuration.html">Keyword Search Configuration Dialog</a>
+            <a href="nbdocs:/org/sleuthkit/autopsy/keywordsearch/docs/keywordsearch-configuration.html">Keyword Search Configuration Dialog</a>
-            and select the "Use during ingest" check box. 
+            and select the "Use during ingest" check box. 
-            You can select "Enable sending messages to inbox during ingest" per list, if the hits on that list should be reported in the Inbox, which is recommended for very specific searches.
+            You can select "Send messages to inbox during ingest" per list, if the hits on that list should be reported in the Inbox, which is recommended for very specific searches.
-        </p>
+        </p>
-        <p>
+        <p>
-            See <a href="nbdocs:/org/sleuthkit/autopsy/ingest/docs/ingest-about.html">(Ingest)</a>
+            See <a href="nbdocs:/org/sleuthkit/autopsy/ingest/docs/ingest-about.html">(Ingest)</a>
-            for more information on ingest in general.
+            for more information on ingest in general.
-        </p>
+        </p>
-        <p>
+        <p>
-            Once there are files in the index, the <a href="nbdocs:/org/sleuthkit/autopsy/keywordsearch/docs/keywordsearch-bar.html">Keyword Search Bar</a>
+            Once there are files in the index, the <a href="nbdocs:/org/sleuthkit/autopsy/keywordsearch/docs/keywordsearch-bar.html">Keyword Search Bar</a>
-            will be available for use to manually search at any time.
+            will be available for use to manually search at any time.
-        </p>
+        </p>
-    </body>
+    </body>
-</html>
+</html>
-<!--
+<!--
-    Tip: to create a link which will open in an external web browser, try:
+    Tip: to create a link which will open in an external web browser, try:
-    <object classid="java:org.netbeans.modules.javahelp.BrowserDisplayer">
+    <object classid="java:org.netbeans.modules.javahelp.BrowserDisplayer">
-        <param name="content" value="http://www.netbeans.org/">
+        <param name="content" value="http://www.netbeans.org/">
-        <param name="text" value="<html><u>http://www.netbeans.org/</u></html>">
+        <param name="text" value="<html><u>http://www.netbeans.org/</u></html>">
-        <param name="textFontSize" value="medium">
+        <param name="textFontSize" value="medium">
-        <param name="textColor" value="blue">
+        <param name="textColor" value="blue">
-    </object>
+    </object>
-    To create a link to a help set from another module, you need to know the code name base and path, e.g.:
+    To create a link to a help set from another module, you need to know the code name base and path, e.g.:
-    <a href="nbdocs://org.netbeans.modules.usersguide/org/netbeans/modules/usersguide/configure/configure_options.html">Using the Options Window</a>
+    <a href="nbdocs://org.netbeans.modules.usersguide/org/netbeans/modules/usersguide/configure/configure_options.html">Using the Options Window</a>
-    (This link will behave sanely if that module is disabled or missing.)
+    (This link will behave sanely if that module is disabled or missing.)
-->
+-->
--- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java
+++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chrome.java
@ -150,12 +150,9 @@ public class Chrome extends Extract {
                Collection<BlackboardAttribute> bbattributes = new ArrayList<BlackboardAttribute>();
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "Recent Activity", ((result.get("url").toString() != null) ? result.get("url").toString() : "")));
                //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL_DECODED.getTypeID(), "Recent Activity", ((result.get("url").toString() != null) ? EscapeUtil.decodeURL(result.get("url").toString()) : "")));
                //TODO Revisit usage of deprecated constructor per TSK-583
                //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "Recent Activity", "Last Visited", ((Long.valueOf(result.get("last_visit_time").toString())) / 10000000)));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID(), "Recent Activity", ((Long.valueOf(result.get("last_visit_time").toString())) / 10000000)));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID(), "Recent Activity", ((result.get("from_visit").toString() != null) ? result.get("from_visit").toString() : "")));
-                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "Recent Activity", ((result.get("title").toString() != null) ? result.get("title").toString() : "")));
+                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TITLE.getTypeID(), "Recent Activity", ((result.get("title").toString() != null) ? result.get("title").toString() : "")));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "Recent Activity", "Chrome"));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "Recent Activity", (Util.extractDomain((result.get("url").toString() != null) ? result.get("url").toString() : ""))));
                this.addArtifact(ARTIFACT_TYPE.TSK_WEB_HISTORY, historyFile, bbattributes);
@ -276,8 +273,8 @@ public class Chrome extends Extract {
                    //TODO Revisit usage of deprecated constructor as per TSK-583
                    //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "Recent Activity", "Last Visited", (date / 10000000)));
                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "Recent Activity", url));
-                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "Recent Activity", name));
+                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TITLE.getTypeID(), "Recent Activity", name));
-                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID(), "Recent Activity", (date / 10000000)));
+                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED.getTypeID(), "Recent Activity", (date / 10000000)));
                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "Recent Activity", "Chrome"));
                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "Recent Activity", domain));
                    bbart.addAttributes(bbattributes);
--- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java
+++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java
@ -157,8 +157,8 @@ public class ExtractIE extends Extract {
            Collection<BlackboardAttribute> bbattributes = new ArrayList<BlackboardAttribute>();
            bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "RecentActivity", url));
-            bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "RecentActivity", name));
+            bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TITLE.getTypeID(), "RecentActivity", name));
-            bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID(), "RecentActivity", datetime));
+            bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED.getTypeID(), "RecentActivity", datetime));
            bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", "Internet Explorer"));
            bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", domain));
            this.addArtifact(ARTIFACT_TYPE.TSK_WEB_BOOKMARK, favoritesFile, bbattributes);
@ -507,7 +507,7 @@ public class ExtractIE extends Extract {
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID(), "RecentActivity", ftime));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID(), "RecentActivity", ""));
-                // @@@ NOte that other browser modules are adding NAME in hre for the title
+                // @@@ NOte that other browser modules are adding TITLE in hre for the title
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", "Internet Explorer"));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", domain));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_USER_NAME.getTypeID(), "RecentActivity", user));
--- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java
+++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java
@ -132,11 +132,9 @@ public class Firefox extends Extract {
                Collection<BlackboardAttribute> bbattributes = new ArrayList<BlackboardAttribute>();
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "RecentActivity", ((result.get("url").toString() != null) ? result.get("url").toString() : "")));
                //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL_DECODED.getTypeID(), "RecentActivity", ((result.get("url").toString() != null) ? EscapeUtil.decodeURL(result.get("url").toString()) : "")));
                //TODO Revisit usage of deprecated constructor as per TSK-583
                //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "RecentActivity", "Last Visited", (Long.valueOf(result.get("visit_date").toString()))));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID(), "RecentActivity", (Long.valueOf(result.get("visit_date").toString()))));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_REFERRER.getTypeID(), "RecentActivity", ((result.get("ref").toString() != null) ? result.get("ref").toString() : "")));
-                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "RecentActivity", ((result.get("title").toString() != null) ? result.get("title").toString() : "")));
+                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TITLE.getTypeID(), "RecentActivity", ((result.get("title").toString() != null) ? result.get("title").toString() : "")));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", "FireFox"));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", (Util.extractDomain((result.get("url").toString() != null) ? result.get("url").toString() : ""))));
                this.addArtifact(ARTIFACT_TYPE.TSK_WEB_HISTORY, historyFile, bbattributes);
@ -199,10 +197,9 @@ public class Firefox extends Extract {
                Collection<BlackboardAttribute> bbattributes = new ArrayList<BlackboardAttribute>();
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "RecentActivity", ((result.get("url").toString() != null) ? result.get("url").toString() : "")));
-                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), "RecentActivity", ((result.get("title").toString() != null) ? result.get("title").toString() : "")));
+                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_TITLE.getTypeID(), "RecentActivity", ((result.get("title").toString() != null) ? result.get("title").toString() : "")));
-                long time = Long.valueOf(result.get("dateAdded").toString());
+                if (Long.valueOf(result.get("dateAdded").toString()) > 0) {
-                if (time > 0) {
+                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_CREATED.getTypeID(), "RecentActivity", (Long.valueOf(result.get("dateAdded").toString()))));
                    bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID(), "RecentActivity", Long.valueOf(result.get("dateAdded").toString())));
                }
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", "FireFox"));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DOMAIN.getTypeID(), "RecentActivity", (Util.extractDomain((result.get("url").toString() != null) ? result.get("url").toString() : ""))));
@ -358,8 +355,6 @@ public class Firefox extends Extract {
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL.getTypeID(), "RecentActivity", ((result.get("source").toString() != null) ? result.get("source").toString() : "")));
                //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_URL_DECODED.getTypeID(), "RecentActivity", ((result.get("source").toString() != null) ? EscapeUtil.decodeURL(result.get("source").toString()) : "")));
                //TODO Revisit usage of deprecated constructor as per TSK-583
                //bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "RecentActivity", "Last Visited", (Long.valueOf(result.get("startTime").toString()))));
                bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID(), "RecentActivity", (Long.valueOf(result.get("startTime").toString()))));
                try {
--- a/test/README.txt
+++ b/test/README.txt
@ -1,13 +1,13 @@
-This folder contains the data and scripts required to run regression tests
+This folder contains the data and scripts required to run regression tests
-for Autopsy. There is a 'Testing' folder in the root directory that contains
+for Autopsy. There is a 'Testing' folder in the root directory that contains
-the Java code that drives Autopsy to perform the tests. 
+the Java code that drives Autopsy to perform the tests. 
-
+
-To run these tests:
+To run these tests:
- You will need python3.  We run this from within Cygwin.
+- You will need python3.  We run this from within Cygwin.
- Download the input images by typing 'ant test-download-imgs' in the root Autopsy folder.
+- Download the input images by typing 'ant test-download-imgs' in the root Autopsy folder.
-  This will place images in 'test/input'.
+  This will place images in 'test/input'.
- Run 'python3 regression.py' from inside of the 'test/scripts' folder.
+- Run 'python3 regression.py' from inside of the 'test/scripts' folder.
- Alternatively, run 'python3 regression.py -l [CONFIGFILE] to run the tests on a specified
+- Alternatively, run 'python3 regression.py -l [CONFIGFILE] to run the tests on a specified
-  list of images using a configuration file. See config.xml in the 'test/scripts' folder to
+  list of images using a configuration file. See config.xml in the 'test/scripts' folder to
-  see configuration file formatting.
+  see configuration file formatting.
- Run 'python3 regression.py -h' to see other options. 
+- Run 'python3 regression.py -h' to see other options. 
--- a/test/script/Emailer.py
+++ b/test/script/Emailer.py
@ -1,49 +1,49 @@
-import smtplib
+import smtplib
-from email.mime.image import MIMEImage
+from email.mime.image import MIMEImage
-from email.mime.multipart import MIMEMultipart
+from email.mime.multipart import MIMEMultipart
-from email.mime.text import MIMEText
+from email.mime.text import MIMEText
-from email.mime.base import MIMEBase
+from email.mime.base import MIMEBase
-from email import encoders
+from email import encoders
-import xml
+import xml
-from xml.dom.minidom import parse, parseString
+from xml.dom.minidom import parse, parseString
-
+
-def send_email(to, server, subj, body, attachments):
+def send_email(to, server, subj, body, attachments):
-    """Send an email with the given information.
+    """Send an email with the given information.
-
+
-    Args:
+    Args:
-        to: a String, the email address to send the email to
+        to: a String, the email address to send the email to
-        server: a String, the mail server to send from
+        server: a String, the mail server to send from
-        subj: a String, the subject line of the message
+        subj: a String, the subject line of the message
-        body: a String, the body of the message
+        body: a String, the body of the message
-        attachments: a listof_pathto_File, the attachements to include
+        attachments: a listof_pathto_File, the attachements to include
-    """
+    """
-    msg = MIMEMultipart()
+    msg = MIMEMultipart()
-    msg['Subject'] = subj
+    msg['Subject'] = subj
-    # me == the sender's email address
+    # me == the sender's email address
-    # family = the list of all recipients' email addresses
+    # family = the list of all recipients' email addresses
-    msg['From'] = 'AutopsyTest'
+    msg['From'] = 'AutopsyTest'
-    msg['To'] = to
+    msg['To'] = to
-    msg.preamble = 'This is a test'
+    msg.preamble = 'This is a test'
-    container = MIMEText(body, 'plain')
+    container = MIMEText(body, 'plain')
-    msg.attach(container)
+    msg.attach(container)
-    Build_email(msg, attachments)
+    Build_email(msg, attachments)
-    s = smtplib.SMTP(server)
+    s = smtplib.SMTP(server)
-    try:
+    try:
-        print('Sending Email')
+        print('Sending Email')
-        s.sendmail(msg['From'], msg['To'], msg.as_string())
+        s.sendmail(msg['From'], msg['To'], msg.as_string())
-    except Exception as e:
+    except Exception as e:
-        print(str(e))
+        print(str(e))
-    s.quit()
+    s.quit()
-
+
-def Build_email(msg, attachments):
+def Build_email(msg, attachments):
-    for file in attachments:
+    for file in attachments:
-        part = MIMEBase('application', "octet-stream")
+        part = MIMEBase('application', "octet-stream")
-        atach = open(file, "rb")
+        atach = open(file, "rb")
-        attch = atach.read()
+        attch = atach.read()
-        noml = file.split("\\")
+        noml = file.split("\\")
-        nom = noml[len(noml)-1]
+        nom = noml[len(noml)-1]
-        part.set_payload(attch)
+        part.set_payload(attch)
-        encoders.encode_base64(part)
+        encoders.encode_base64(part)
-        part.add_header('Content-Disposition', 'attachment; filename="' + nom + '"')
+        part.add_header('Content-Disposition', 'attachment; filename="' + nom + '"')
-        msg.attach(part)
+        msg.attach(part)
-
+
--- a/test/script/regression.py
+++ b/test/script/regression.py
--- a/test/script/srcupdater.py
+++ b/test/script/srcupdater.py
@ -1,187 +1,187 @@
-import codecs
+import codecs
-import datetime
+import datetime
-import logging
+import logging
-import os
+import os
-import re
+import re
-import shutil
+import shutil
-import socket
+import socket
-import sqlite3
+import sqlite3
-import subprocess
+import subprocess
-import sys
+import sys
-from sys import platform as _platform
+from sys import platform as _platform
-import time
+import time
-import traceback
+import traceback
-import xml
+import xml
-from xml.dom.minidom import parse, parseString
+from xml.dom.minidom import parse, parseString
-import Emailer
+import Emailer
-from regression_utils import *
+from regression_utils import *
-
+
-def compile(errore, attachli, parsedin):
+def compile(errore, attachli, parsedin):
-	global redo
+	global redo
-	global tryredo
+	global tryredo
-	global failedbool
+	global failedbool
-	global errorem
+	global errorem
-	errorem = errore
+	errorem = errore
-	global attachl
+	global attachl
-	attachl = attachli
+	attachl = attachli
-	global passed
+	global passed
-	global parsed
+	global parsed
-	parsed = parsedin
+	parsed = parsedin
-	passed = True
+	passed = True
-	tryredo = False
+	tryredo = False
-	redo = True
+	redo = True
-	while(redo):
+	while(redo):
-		passed = True
+		passed = True
-		if(passed):
+		if(passed):
-			gitPull("sleuthkit")
+			gitPull("sleuthkit")
-		if(passed):
+		if(passed):
-			vsBuild()
+			vsBuild()
-		if(passed):
+		if(passed):
-			gitPull("autopsy")
+			gitPull("autopsy")
-		if(passed):
+		if(passed):
-			antBuild("datamodel", False)
+			antBuild("datamodel", False)
-		if(passed):
+		if(passed):
-			antBuild("autopsy", True)
+			antBuild("autopsy", True)
-		if(passed):
+		if(passed):
-			redo = False
+			redo = False
-		else:
+		else:
-			print("Compile Failed")
+			print("Compile Failed")
-			time.sleep(3600)
+			time.sleep(3600)
-	attachl = []
+	attachl = []
-	errorem = "The test standard didn't match the gold standard.\n"
+	errorem = "The test standard didn't match the gold standard.\n"
-	failedbool = False
+	failedbool = False
-	if(tryredo):
+	if(tryredo):
-		errorem = ""
+		errorem = ""
-		errorem += "Rebuilt properly.\n"
+		errorem += "Rebuilt properly.\n"
-		Emailer.send_email(parsed, errorem, attachl, True)
+		Emailer.send_email(parsed, errorem, attachl, True)
-		attachl = []
+		attachl = []
-		passed = True
+		passed = True
-
+
-#Pulls from git
+#Pulls from git
-def gitPull(TskOrAutopsy):
+def gitPull(TskOrAutopsy):
-	global SYS
+	global SYS
-	global errorem
+	global errorem
-	global attachl
+	global attachl
-	ccwd = ""
+	ccwd = ""
-	gppth = make_local_path("..", "GitPullOutput" + TskOrAutopsy + ".txt")
+	gppth = make_local_path("..", "GitPullOutput" + TskOrAutopsy + ".txt")
-	attachl.append(gppth)
+	attachl.append(gppth)
-	gpout = open(gppth, 'a')
+	gpout = open(gppth, 'a')
-	toPull = "https://www.github.com/sleuthkit/" + TskOrAutopsy
+	toPull = "https://www.github.com/sleuthkit/" + TskOrAutopsy
-	call = ["git", "pull", toPull]
+	call = ["git", "pull", toPull]
-	if TskOrAutopsy == "sleuthkit":
+	if TskOrAutopsy == "sleuthkit":
-		ccwd = os.path.join("..", "..", "..", "sleuthkit")
+		ccwd = os.path.join("..", "..", "..", "sleuthkit")
-	else:
+	else:
-		ccwd = os.path.join("..", "..")
+		ccwd = os.path.join("..", "..")
-	subprocess.call(call, stdout=sys.stdout, cwd=ccwd)
+	subprocess.call(call, stdout=sys.stdout, cwd=ccwd)
-	gpout.close()
+	gpout.close()
-
+
-
+
-#Builds TSK as a win32 applicatiion
+#Builds TSK as a win32 applicatiion
-def vsBuild():
+def vsBuild():
-	global redo
+	global redo
-	global tryredo
+	global tryredo
-	global passed
+	global passed
-	global parsed
+	global parsed
-	#Please ensure that the current working directory is $autopsy/testing/script
+	#Please ensure that the current working directory is $autopsy/testing/script
-	oldpath = os.getcwd()
+	oldpath = os.getcwd()
-	os.chdir(os.path.join("..", "..", "..","sleuthkit", "win32"))
+	os.chdir(os.path.join("..", "..", "..","sleuthkit", "win32"))
-	vs = []
+	vs = []
-	vs.append("/cygdrive/c/windows/microsoft.NET/framework/v4.0.30319/MSBuild.exe")
+	vs.append("/cygdrive/c/windows/microsoft.NET/framework/v4.0.30319/MSBuild.exe")
-	vs.append(os.path.join("Tsk-win.sln"))
+	vs.append(os.path.join("Tsk-win.sln"))
-	vs.append("/p:configuration=release")
+	vs.append("/p:configuration=release")
-	vs.append("/p:platform=win32")
+	vs.append("/p:platform=win32")
-	vs.append("/t:clean")
+	vs.append("/t:clean")
-	vs.append("/t:rebuild")
+	vs.append("/t:rebuild")
-	print(vs)
+	print(vs)
-	VSpth = make_local_path("..", "VSOutput.txt")
+	VSpth = make_local_path("..", "VSOutput.txt")
-	VSout = open(VSpth, 'a')
+	VSout = open(VSpth, 'a')
-	subprocess.call(vs, stdout=VSout)
+	subprocess.call(vs, stdout=VSout)
-	VSout.close()
+	VSout.close()
-	os.chdir(oldpath)
+	os.chdir(oldpath)
-	chk = os.path.join("..", "..", "..","sleuthkit", "win32", "Release", "libtsk_jni.dll")
+	chk = os.path.join("..", "..", "..","sleuthkit", "win32", "Release", "libtsk_jni.dll")
-	try:
+	try:
-		open(chk)
+		open(chk)
-	except IOError as e:
+	except IOError as e:
-		global errorem
+		global errorem
-		global attachl
+		global attachl
-		if(not tryredo):
+		if(not tryredo):
-			errorem += "LIBTSK C++ failed to build.\n"
+			errorem += "LIBTSK C++ failed to build.\n"
-			attachl.append(VSpth)
+			attachl.append(VSpth)
-			send_email(parsed, errorem, attachl, False)
+			send_email(parsed, errorem, attachl, False)
-		tryredo = True
+		tryredo = True
-		passed = False
+		passed = False
-		redo = True
+		redo = True
-
+
-
+
-
+
-#Builds Autopsy or the Datamodel
+#Builds Autopsy or the Datamodel
-def antBuild(which, Build):
+def antBuild(which, Build):
-	global redo
+	global redo
-	global passed
+	global passed
-	global tryredo
+	global tryredo
-	global parsed
+	global parsed
-	directory = os.path.join("..", "..")
+	directory = os.path.join("..", "..")
-	ant = []
+	ant = []
-	if which == "datamodel":
+	if which == "datamodel":
-		directory = os.path.join("..", "..", "..", "sleuthkit", "bindings", "java")
+		directory = os.path.join("..", "..", "..", "sleuthkit", "bindings", "java")
-	ant.append("ant")
+	ant.append("ant")
-	ant.append("-f")
+	ant.append("-f")
-	ant.append(directory)
+	ant.append(directory)
-	ant.append("clean")
+	ant.append("clean")
-	if(Build):
+	if(Build):
-		ant.append("build")
+		ant.append("build")
-	else:
+	else:
-		ant.append("dist")
+		ant.append("dist")
-	antpth = make_local_path("..", "ant" + which + "Output.txt")
+	antpth = make_local_path("..", "ant" + which + "Output.txt")
-	antout = open(antpth, 'a')
+	antout = open(antpth, 'a')
-	succd = subprocess.call(ant, stdout=antout)
+	succd = subprocess.call(ant, stdout=antout)
-	antout.close()
+	antout.close()
-	global errorem
+	global errorem
-	global attachl
+	global attachl
-	if which == "datamodel":
+	if which == "datamodel":
-		chk = os.path.join("..", "..", "..","sleuthkit",  "bindings", "java", "dist", "TSK_DataModel.jar")
+		chk = os.path.join("..", "..", "..","sleuthkit",  "bindings", "java", "dist", "TSK_DataModel.jar")
-		try:
+		try:
-			open(chk)
+			open(chk)
-		except IOError as e:
+		except IOError as e:
-			if(not tryredo):
+			if(not tryredo):
-				errorem += "DataModel Java build failed.\n"
+				errorem += "DataModel Java build failed.\n"
-				attachl.append(antpth)
+				attachl.append(antpth)
-				Emailer.send_email(parsed, errorem, attachl, False)
+				Emailer.send_email(parsed, errorem, attachl, False)
-			passed = False
+			passed = False
-			tryredo = True
+			tryredo = True
-	elif (succd != 0 and (not tryredo)):
+	elif (succd != 0 and (not tryredo)):
-		errorem += "Autopsy build failed.\n"
+		errorem += "Autopsy build failed.\n"
-		attachl.append(antpth)
+		attachl.append(antpth)
-		Emailer.send_email(parsed, errorem, attachl, False)
+		Emailer.send_email(parsed, errorem, attachl, False)
-		tryredo = True
+		tryredo = True
-	elif (succd != 0):
+	elif (succd != 0):
-		passed = False
+		passed = False
-
+
-
+
-def main():
+def main():
-	errore = ""
+	errore = ""
-	attachli = []
+	attachli = []
-	config_file = ""
+	config_file = ""
-	arg = sys.argv.pop(0)
+	arg = sys.argv.pop(0)
-	arg = sys.argv.pop(0)
+	arg = sys.argv.pop(0)
-	config_file = arg
+	config_file = arg
-	parsedin = parse(config_file)
+	parsedin = parse(config_file)
-	compile(errore, attachli, parsedin)
+	compile(errore, attachli, parsedin)
-
+
-class OS:
+class OS:
-  LINUX, MAC, WIN, CYGWIN = range(4)
+  LINUX, MAC, WIN, CYGWIN = range(4)
-if __name__ == "__main__":
+if __name__ == "__main__":
-	global SYS
+	global SYS
-	if _platform == "linux" or _platform == "linux2":
+	if _platform == "linux" or _platform == "linux2":
-		SYS = OS.LINUX
+		SYS = OS.LINUX
-	elif _platform == "darwin":
+	elif _platform == "darwin":
-		SYS = OS.MAC
+		SYS = OS.MAC
-	elif _platform == "win32":
+	elif _platform == "win32":
-		SYS = OS.WIN
+		SYS = OS.WIN
-	elif _platform == "cygwin":
+	elif _platform == "cygwin":
-		SYS = OS.CYGWIN
+		SYS = OS.CYGWIN
-
+
-	if SYS is OS.WIN or SYS is OS.CYGWIN:
+	if SYS is OS.WIN or SYS is OS.CYGWIN:
-		main()
+		main()
-	else:
+	else:
-		print("We only support Windows and Cygwin at this time.")
+		print("We only support Windows and Cygwin at this time.")