Class: Contrast::Agent::Reporting::ApplicationDefendAttackSample

Inherits:
Object
  • Object
show all
Includes:
InputType
Defined in:
lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb

Overview

This is the new ApplicationDefendAttackSample class which includes a samples of an attack for the given rule of the given result observed in the activity period.

Constant Summary

Constants included from InputType

InputType::BODY, InputType::COOKIE_NAME, InputType::COOKIE_VALUE, InputType::DWR_VALUE, InputType::HEADER, InputType::JSON_ARRAYED_VALUE, InputType::JSON_VALUE, InputType::METHOD, InputType::MULTIPART_CONTENT_TYPE, InputType::MULTIPART_FIELD_NAME, InputType::MULTIPART_NAME, InputType::MULTIPART_VALUE, InputType::PARAMETER_NAME, InputType::PARAMETER_VALUE, InputType::QUERYSTRING, InputType::REQUEST, InputType::SOCKET, InputType::UNDEFINED_TYPE, InputType::UNKNOWN, InputType::URI, InputType::URL_PARAMETER, InputType::XML_VALUE

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from InputType

to_a

Constructor Details

#initializeApplicationDefendAttackSample

Returns a new instance of ApplicationDefendAttackSample.



40
41
42
43
44
45
46
47
48
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 40

def initialize
  @time_stamp = Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0 # in ms
  @blocked = false
  @event_type = :application_defend_attack_sample
  @user_input = Contrast::Agent::Reporting::UserInput.new
  @request = Contrast::Agent::REQUEST_TRACKER.current&.activity&.request
  @stack = Contrast::Utils::StackTraceUtils.build_protect_report_stack_array
  @details = {}
end

Instance Attribute Details

#detailsContrast::Agent::Reporting::Details::ProtectRuleDetails, {}

Details are per rule specific and should be set when the sample is build

Returns:



26
27
28
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 26

def details
  @details
end

#stackArray<Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack> (readonly)

Returns:



22
23
24
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 22

def stack
  @stack
end

#time_stampInteger

Returns time in ms.

Returns:

  • (Integer)

    time in ms



28
29
30
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 28

def time_stamp
  @time_stamp
end

#user_inputContrast::Agent::Reporting::UserInput

Returns:



20
21
22
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 20

def user_input
  @user_input
end

Class Method Details

.convert(attack_result, attack_sample) ⇒ Object

Parameters:



33
34
35
36
37
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 33

def convert attack_result, attack_sample
  activity = new
  activity.attach_data(attack_result, attack_sample)
  activity
end

Instance Method Details

#attach_data(attack_result, attack_sample) ⇒ Object

Parameters:



82
83
84
85
86
87
88
89
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 82

def attach_data attack_result, attack_sample
  @blocked = attack_result.response == ::Contrast::Agent::Reporting::ResponseType::BLOCKED
  @user_input = attack_sample.user_input
  @details = attack_sample.details
  @time_stamp = attack_sample.time_stamp
  @request = FindingRequest.convert(Contrast::Agent::REQUEST_TRACKER.current&.request)
  @stack = Contrast::Utils::StackTraceUtils.build_protect_report_stack_array
end

#blocked?(response_type) ⇒ Boolean

Returns check if response type is blocked.

Parameters:

Returns:

  • (Boolean)

    check if response type is blocked



63
64
65
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 63

def blocked? response_type
  @blocked = response_type == Contrast::Agent::Reporting::ResponseType::BLOCKED
end

#build_input(user_input) ⇒ Object

Parameters:



68
69
70
71
72
73
74
75
76
77
78
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 68

def build_input user_input
  {
      documentPath: user_input.path,
      documentType: user_input.document_type.to_s,
      filters: user_input.matcher_ids,
      name: user_input.key,
      time: time_stamp,
      type: user_input.input_type.to_s,
      value: user_input.value
  }
end

#build_time_stampHash

Returns:



92
93
94
95
96
97
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 92

def build_time_stamp
  {
      start: time_stamp,
      elapsed: Contrast::Utils::Timer.now_ms - time_stamp
  }
end

#to_controlled_hashObject 



50
51
52
53
54
55
56
57
58
59
 
# File 'lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb', line 50

def to_controlled_hash
  {
      blocked: @blocked,
      input: build_input(@user_input),
      details: @details&.to_controlled_hash,
      request: @request&.to_controlled_hash,
      stack: @stack&.map(&:to_controlled_hash),
      timestamp: build_time_stamp
  }
end