Module: Contrast::Agent::Protect::Rule::InputClassification::Extendable

Includes:
Reporting::InputType, Reporting::ScoreLevel
Included in:
Base
Defined in:
lib/contrast/agent/protect/rule/input_classification/extendable.rb

Overview

Module holding the overridable methods for input classification. Protect rules use it to define their own input classification logic. To use it, input_types, score_level, AgentLib, and InputAnalysisResult must be required.

Constant Summary

THRESHOLD = 90.cs__freeze
WORTHWATCHING_THRESHOLD = 10.cs__freeze

Constants included from Reporting::ScoreLevel

Reporting::ScoreLevel::DEFINITEATTACK, Reporting::ScoreLevel::IGNORE, Reporting::ScoreLevel::WORTHWATCHING

Constants included from Reporting::InputType

Reporting::InputType::BODY, Reporting::InputType::COOKIE_NAME, Reporting::InputType::COOKIE_VALUE, Reporting::InputType::DWR_VALUE, Reporting::InputType::HEADER, Reporting::InputType::JSON_ARRAYED_VALUE, Reporting::InputType::JSON_VALUE, Reporting::InputType::METHOD, Reporting::InputType::MULTIPART_CONTENT_TYPE, Reporting::InputType::MULTIPART_FIELD_NAME, Reporting::InputType::MULTIPART_NAME, Reporting::InputType::MULTIPART_VALUE, Reporting::InputType::PARAMETER_NAME, Reporting::InputType::PARAMETER_VALUE, Reporting::InputType::QUERYSTRING, Reporting::InputType::REQUEST, Reporting::InputType::SOCKET, Reporting::InputType::UNDEFINED_TYPE, Reporting::InputType::UNKNOWN, Reporting::InputType::URI, Reporting::InputType::URL_PARAMETER, Reporting::InputType::XML_VALUE

Instance Method Summary

Methods included from Reporting::ScoreLevel

to_a

Methods included from Reporting::InputType

to_a

Instance Method Details

#build_ia_result(rule_id, input_type, value, request, input_eval) ⇒ Contrast::Agent::Reporting::InputAnalysisResult?

Creates specific result from the AgentLib evaluation.

Parameters:

Returns:



# File 'lib/contrast/agent/protect/rule/input_classification/extendable.rb', line 47

def build_ia_result rule_id, input_type, value, request, input_eval
  ia_result = new_ia_result(rule_id, input_type, request.path, value)
  score = input_eval&.score || 0
  if score >= WORTHWATCHING_THRESHOLD
    ia_result.score_level = WORTHWATCHING
    ia_result.ids << self::WORTHWATCHING_MATCH
  else
    ia_result.score_level = IGNORE
  end
  ia_result
end

#build_input_eval(rule_id, input_type, value) ⇒ Contrast::AgentLib::EvalResult?

Creates a new instance of the AgentLib evaluation result with a direct call to AgentLib.

Parameters:

Returns:



# File 'lib/contrast/agent/protect/rule/input_classification/extendable.rb', line 31

def build_input_eval rule_id, input_type, value
  Contrast::AGENT_LIB.eval_input(value,
                                 Contrast::Agent::Protect::Rule::InputClassification::Base.
                                    convert_input_type(input_type),
                                 Contrast::AGENT_LIB.rule_set[rule_id],
                                 Contrast::AGENT_LIB.eval_option[:PREFER_WORTH_WATCHING])
end

#new_ia_result(rule_id, input_type, path, value = nil) ⇒ Object

Creates a new instance of InputAnalysisResult with basic info.

Parameters:



# File 'lib/contrast/agent/protect/rule/input_classification/extendable.rb', line 67

def new_ia_result rule_id, input_type, path, value = nil
  res = Contrast::Agent::Reporting::InputAnalysisResult.new
  res.rule_id = rule_id
  res.input_type = input_type
  res.path = path
  res.value = value
  res
end
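
An added example, not the agent's own code: it mirrors the default build_ia_result and new_ia_result shown above against constructed stand-ins, then overrides build_ia_result in a hypothetical classifier so the score boundaries (nil, 10, 90) can be exercised. Assumptions: the Struct stand-ins, the placeholder score-level strings, SampleRuleClassification, its WORTHWATCHING_MATCH value, the use of extend, and mapping scores at or above THRESHOLD to DEFINITEATTACK.

```ruby
# Constructed stand-ins for the agent's classes: only the fields used here.
IAResult   = Struct.new(:rule_id, :input_type, :path, :value, :score_level, :ids)
EvalResult = Struct.new(:score)
Request    = Struct.new(:path)

# Mirror of the documented module, with placeholder score-level values.
module Extendable
  THRESHOLD = 90
  WORTHWATCHING_THRESHOLD = 10
  DEFINITEATTACK = 'DEFINITEATTACK' # placeholders, not the agent's values
  WORTHWATCHING = 'WORTHWATCHING'
  IGNORE = 'IGNORE'

  def new_ia_result rule_id, input_type, path, value = nil
    IAResult.new(rule_id, input_type, path, value, nil, [])
  end

  # Default logic as documented: a nil evaluation counts as score 0.
  def build_ia_result rule_id, input_type, value, request, input_eval
    ia_result = new_ia_result(rule_id, input_type, request.path, value)
    score = input_eval&.score || 0
    if score >= WORTHWATCHING_THRESHOLD
      ia_result.score_level = WORTHWATCHING
      ia_result.ids << self::WORTHWATCHING_MATCH
    else
      ia_result.score_level = IGNORE
    end
    ia_result
  end
end

# Hypothetical rule classifier: escalates at THRESHOLD, otherwise uses the default.
module SampleRuleClassification
  extend Extendable
  WORTHWATCHING_MATCH = 'sample-ww-match' # constructed id

  def self.build_ia_result rule_id, input_type, value, request, input_eval
    return super unless (input_eval&.score || 0) >= Extendable::THRESHOLD
    result = new_ia_result(rule_id, input_type, request.path, value)
    result.score_level = Extendable::DEFINITEATTACK
    result
  end

  # Helper for the example: classify a constructed input with a given score.
  def self.classify score
    input_eval = score.nil? ? nil : EvalResult.new(score)
    build_ia_result('sample-rule', 'PARAMETER_VALUE', 'a=1', Request.new('/login'), input_eval)
  end
end
```

A missing evaluation result is treated the same as a score of 0, so a failed or skipped AgentLib call yields IGNORE rather than an error.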