Sha256: 26dd83217ff286e91a1e1ce084bd869364c45b8e59e12b208cdfbf13a1911f9b
Contents?: true
Size: 1.93 KB
Versions: 2
Compression:
Stored size: 1.93 KB
Contents
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true
require 'contrast/agent/protect/rule/base_service'
require 'contrast/agent/protect/rule/sql_sample_builder'
module Contrast
module Agent
module Protect
module Rule
# The Ruby implementation of the Protect NoSQL Injection rule.
class NoSqli < Contrast::Agent::Protect::Rule::BaseService
# Generate a sample for the No-SQL injection detection rule, allowing for reporting to and rendering
# by TeamServer
include SqlSampleBuilder::NoSqliSample
# Defining build_attack_with_match method
include SqlSampleBuilder::AttackBuilder
NAME = 'nosql-injection'
BLOCK_MESSAGE = 'NoSQLi rule triggered. Response blocked.'
def rule_name
NAME
end
def block_message
BLOCK_MESSAGE
end
def infilter context, database, query_string
return unless infilter?(context)
result = find_attacker(context, query_string, database: database)
return unless result
append_to_activity(context, result)
raise Contrast::SecurityException.new(self, BLOCK_MESSAGE) if blocked?
end
protected
def find_attacker context, potential_attack_string, **kwargs
if potential_attack_string
# We need the query hash to be a JSON string to match on JSON input attacks
begin
potential_attack_string = JSON.generate(potential_attack_string).to_s
rescue JSON::GeneratorError
logger.trace('Error in JSON::generate', input: potential_attack_string)
nil
end
end
super(context, potential_attack_string, **kwargs)
end
end
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| contrast-agent-5.1.0 | lib/contrast/agent/protect/rule/no_sqli.rb |
| contrast-agent-5.0.0 | lib/contrast/agent/protect/rule/no_sqli.rb |