Module: Contrast::Utils::InvalidConfigurationUtil

Includes:

Components::Logger::InstanceMethods, Components::Scope::InstanceMethods

Included in:

Framework::Rack::Patch::SessionCookie, Framework::Rails::Patch::AssessConfiguration, Framework::Sinatra::Patch::EncryptedSessionCookie

Defined in:

lib/contrast/utils/invalid_configuration_util.rb

Overview

This utility allows us to report invalid configurations detected in customer applications, as determined by Configuration Rules at runtime.

Constant Summary

CS__PATH =

'path'

CS__SESSION_ID =

'sessionId'

CS__SNIPPET =

'snippet'

Instance Method Summary

• #cs__report_finding(rule_id, user_provided_options, call_location) ⇒ Object

  Build and report a finding for the given rule.

Methods included from Components::Scope::InstanceMethods

#contrast_enter_method_scopes!, #contrast_exit_method_scopes!, #with_app_scope, #with_contrast_scope, #with_deserialization_scope, #with_split_scope

Methods included from Components::Logger::InstanceMethods

#cef_logger, #logger

Instance Method Details

#cs__report_finding(rule_id, user_provided_options, call_location) ⇒ Object

Build and report a finding for the given rule

Parameters:

• rule_id (String) —

  the rule that was violated by the configuration

• user_provided_options (Hash) —

  the configuration value(s) which violated the rule

• call_location (Thread::Backtrace::Location) —

  the location where the bad configuration was set

# File 'lib/contrast/utils/invalid_configuration_util.rb', line 25

def cs__report_finding rule_id, user_provided_options, call_location
  with_contrast_scope do
    finding = build_finding(rule_id, user_provided_options, call_location)
    return unless finding

    Contrast::Agent::Assess::Policy::TriggerMethod.report_finding(finding)
  end
rescue StandardError => e
  logger.error('Unable to build a finding', e, rule: rule_id)
end