Sha256: 000d51318b9785ada0b74ad0317b4802b381170d2a084ffbb5cf8ca922e4a6b4

Contents?: true

Size: 1.38 KB

Versions: 24

Compression:

Stored size: 1.38 KB

Contents

# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

module Contrast
  module Agent
    module Protect
      module Rule
        class NoSqli
          # The Mongo specific NoSQL scanner, used by the NoSQLI rule to
          # determine if a NoSQL attack was performed against a Mongo database.
          #
          # @deprecated RUBY-356
          class MongoNoSqlScanner < Contrast::Agent::Protect::Rule::DefaultScanner
            # Is the current & next character '//' or are the current and
            # subsequent characters '<--' ?
            def start_line_comment? char, index, query
              if char == Contrast::Utils::ObjectShare::SLASH && query[index + 1] == Contrast::Utils::ObjectShare::SLASH
                return true
              end

              char == Contrast::Utils::ObjectShare::LEFT_ANGLE &&
                  query[index + 1] == Contrast::Utils::ObjectShare::DASH &&
                  query[index + 2] == Contrast::Utils::ObjectShare::DASH
            end

            def start_block_comment? _char, _index, _query
              false
            end

            # Indicates if '""' inside of double quotes is the equivalent of '\"'
            def double_quote_escape_in_double_quote?
              true
            end
          end
        end
      end
    end
  end
end

Version data entries

24 entries across 24 versions & 1 rubygems

Version Path
contrast-agent-6.11.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.10.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.9.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.8.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.7.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.6.5 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.6.4 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.6.3 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.6.2 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.6.1 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.6.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.5.1 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.5.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.4.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.3.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.2.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.1.2 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.1.1 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.1.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
contrast-agent-6.0.0 lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb