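# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

cs__scoped_require 'contrast/components/interface'
# NOTE(review): zlib and digest are not referenced in this file; presumably
# needed by the hashing helpers called below — confirm before removing.
cs__scoped_require 'zlib'
cs__scoped_require 'digest'

module Contrast
  module Agent
    module Assess
      module Rule
        # The base class for each of our Assess Rules.
        #
        # Every rule registers itself with the agent's settings on construction
        # (keyed by its +name+) and reports its findings onto the activity of
        # the request currently being tracked. Subclasses override +name+,
        # +prefilter+, +postfilter+ and +stream_safe?+ as needed.
        class Base
          include Contrast::Components::Interface

          access_component :logging, :analysis, :agent, :settings

          # Registers this rule instance in SETTINGS.assess_rules under its
          # name. NOTE(review): a second instance with the same name replaces
          # the first entry in that hash.
          def initialize
            SETTINGS.assess_rules[name] = self
          end

          # Should return the name as it is known to Teamserver; defaults to
          # the class name.
          #
          # @return [String]
          def name
            cs__class.name
          end

          # @return [Boolean] true when Assess as a whole is enabled and this
          #   rule has not been individually disabled in the Assess settings
          def enabled?
            ASSESS.enabled? && !ASSESS.rule_disabled?(name)
          end

          # Hook run before the request is handled. No-op in the base class;
          # subclasses override it.
          #
          # @param _context [Object] the request context (unused here)
          def prefilter(_context); end

          # If a rule needs to inspect the response body it is not stream safe.
          # The rule should override this and return false.
          #
          # @return [Boolean]
          def stream_safe?
            true
          end

          # Hook run after the request is handled. No-op in the base class;
          # subclasses override it.
          #
          # @param _context [Object] the request context (unused here)
          def postfilter(_context); end

          # This rule is excluded if any of the given exclusions have a
          # protection rule that matches this rule name.
          #
          # @param exclusions [Object, Array<Object>, nil] a single exclusion,
          #   a list of them, or nil; each must respond to +assess_rule?(name)+
          # @return [Boolean] false for nil or empty input
          def excluded?(exclusions)
            Array(exclusions).any? { |exclusion| exclusion.assess_rule?(name) }
          end

          # Stamps the finding with this rule's identity and metadata and
          # appends it to the findings of the current request's activity.
          #
          # @param finding [Object] the finding to report; must respond to the
          #   +rule_id=+, +hash_code=+, +preflight=+, +version=+ and +tags=+
          #   writers
          # @return [Array, Object] the activity's findings after the append,
          #   or the finding itself when no request context is being tracked
          def send_report(finding)
            finding.rule_id = name
            finding.hash_code = generate_hash(finding)
            finding.preflight = Contrast::Utils::PreflightUtil.create_preflight(finding)
            finding.version = Contrast::Agent::Assess::Policy::TriggerMethod::CURRENT_FINDING_VERSION
            # Tags are read fresh here rather than through the memoized
            # #trace_tags.
            finding.tags = ASSESS.tags.to_s
            current_context = Contrast::Agent::REQUEST_TRACKER.current
            # A finding produced while no request is being tracked has no
            # activity to attach to; without this guard a nil context raises
            # NoMethodError inside the instrumented application's call path.
            # The finding is dropped in that case.
            return finding unless current_context

            current_context.activity.findings << finding
          end

          # @param finding [Object]
          # @return [Object] the trigger hash computed for the finding by
          #   Contrast::Utils::HashDigest
          def generate_hash(finding)
            Contrast::Utils::HashDigest.generate_trigger_hash(finding)
          end

          # The Assess tags as a String, memoized per rule instance on first
          # call; a later change to ASSESS.tags is not reflected here.
          #
          # @return [String]
          def trace_tags
            @_trace_tags ||= ASSESS.tags.to_s
          end
        end
      end
    end
  end
end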