Module: Aikido::Zen::Sinks::HTTPClient::Extensions
- Defined in:
- lib/aikido/zen/sinks/httpclient.rb
Class Method Summary collapse
Instance Method Summary collapse
Class Method Details
.perform_scan(req, &block) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/aikido/zen/sinks/httpclient.rb', line 30 def self.perform_scan(req, &block) wrapped_request = wrap_request(req) connection = Aikido::Zen::OutboundConnection.from_uri(req.http_header.request_uri) # Store the request information so the DNS sinks can pick it up. if (context = Aikido::Zen.current_context) prev_request = context["ssrf.request"] context["ssrf.request"] = wrapped_request end SINK.scan(connection: connection, request: wrapped_request, operation: "request") yield ensure context["ssrf.request"] = prev_request if context end |
Instance Method Details
#do_get_block(req) ⇒ Object
47 48 49 |
# File 'lib/aikido/zen/sinks/httpclient.rb', line 47 def do_get_block(req, *) Extensions.perform_scan(req) { super } end |
#do_get_header(req, res) ⇒ Object
55 56 57 58 59 60 61 62 |
# File 'lib/aikido/zen/sinks/httpclient.rb', line 55 def do_get_header(req, res, *) super.tap do Aikido::Zen::Scanners::SSRFScanner.track_redirects( request: Extensions.wrap_request(req), response: Extensions.wrap_response(res) ) end end |
#do_get_stream(req) ⇒ Object
51 52 53 |
# File 'lib/aikido/zen/sinks/httpclient.rb', line 51 def do_get_stream(req, *) Extensions.perform_scan(req) { super } end |