Module: Contrast::Agent::Protect::Rule::ReflectedXssInputClassification

Extended by:
InputClassification::Base
Defined in:
lib/contrast/agent/protect/rule/xss/reflected_xss_input_classification.rb

Overview

The Ruby implementation of the Protect Reflected XSS rule Input classification

Constant Summary collapse

REFLECTED_XSS_MATCH = 
'reflected-xss-input-tracing-v1'.cs__freeze
WORTHWATCHING_MATCH = 
'xss-worth-watching-v2'.cs__freeze

Constants included from InputClassification::Base

InputClassification::Base::BASE64_INPUT_TYPES, InputClassification::Base::KEYS_NEEDED, InputClassification::Base::UNKNOWN_KEY

Constants included from Reporting::InputType

Reporting::InputType::BODY, Reporting::InputType::COOKIE_NAME, Reporting::InputType::COOKIE_VALUE, Reporting::InputType::DWR_VALUE, Reporting::InputType::HEADER, Reporting::InputType::JSON_ARRAYED_VALUE, Reporting::InputType::JSON_VALUE, Reporting::InputType::METHOD, Reporting::InputType::MULTIPART_CONTENT_TYPE, Reporting::InputType::MULTIPART_FIELD_NAME, Reporting::InputType::MULTIPART_NAME, Reporting::InputType::MULTIPART_VALUE, Reporting::InputType::PARAMETER_NAME, Reporting::InputType::PARAMETER_VALUE, Reporting::InputType::QUERYSTRING, Reporting::InputType::REQUEST, Reporting::InputType::SOCKET, Reporting::InputType::UNDEFINED_TYPE, Reporting::InputType::UNKNOWN, Reporting::InputType::URI, Reporting::InputType::URL_PARAMETER, Reporting::InputType::XML_VALUE

Constants included from InputClassification::Encoding

InputClassification::Encoding::KNOWN_DECODING_EXCEPTIONS

Constants included from InputClassification::Extendable

InputClassification::Extendable::THRESHOLD, InputClassification::Extendable::WORTHWATCHING_THRESHOLD

Constants included from Reporting::ScoreLevel

Reporting::ScoreLevel::DEFINITEATTACK, Reporting::ScoreLevel::IGNORE, Reporting::ScoreLevel::WORTHWATCHING

Method Summary

Methods included from InputClassification::Base

add_needed_key, classify, convert_input_type, find_key

Methods included from Reporting::InputType

to_a

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Methods included from InputClassification::Encoding

#cs__base64?, #cs__decode64

Methods included from InputClassification::Extendable

#build_ia_result, #build_input_eval, #new_ia_result

Methods included from Reporting::ScoreLevel

to_a