Class: Contrast::Agent::Assess::Policy::Propagator::RackProtection

Inherits:

Base

• Object
• Base
• Contrast::Agent::Assess::Policy::Propagator::RackProtection

Defined in:

lib/contrast/agent/assess/policy/propagator/rack_protection.rb

Overview

Rack::Protection offers several protections against vulnerabilities. Of these, some apply to dataflow and need to be accounted for in order to properly tag data. Others apply to configurations and may be used to suppress configuration vulnerabilities in the future.

Class Method Summary

• .escaped_params(propagation_node, preshift, ret, _block) ⇒ nil, String

  Our custom instrumentation for the Rack::Protection::EscapedParams#escape_string method.

Methods inherited from Base

find_source, propagate, tracked_value?

Class Method Details

.escaped_params(propagation_node, preshift, ret, _block) ⇒ nil, String

Our custom instrumentation for the Rack::Protection::EscapedParams#escape_string method

Parameters:

• propagation_node (Contrast::Agent::Assess::Policy::PropagationNode) —

  the node that governs this propagation event.

• preshift (Contrast::Agent::Assess::PreShift) —

  The capture of the state of the code just prior to the invocation of the patched method.

• ret (nil, String) —

  the target to which to propagate.

Returns:

• (nil, String) —

  ret

# File 'lib/contrast/agent/assess/policy/propagator/rack_protection.rb', line 21

def escaped_params propagation_node, preshift, ret, _block
  Contrast::Agent::Assess::Policy::Propagator::Splat.propagate(propagation_node, preshift, ret)
  apply_escaper_tags(preshift.object, ret)
  ret
end