Sha256: 2cc64e93b7256bf66c062d0dcfd1640e5f901a886f1850ccacac850a10008145
Contents?: true
Size: 1.4 KB
Versions: 2
Compression:
Stored size: 1.4 KB
Contents
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true
module Contrast
module Agent
module Protect
module Rule
class NoSqli
# The Mongo specific NoSQL scanner, used by the NoSQLI rule to
# determine if a NoSQL attack was performed against a Mongo database.
#
# @deprecated RUBY-356
class MongoNoSqlScanner < Contrast::Agent::Protect::Rule::DefaultScanner
# Is the current & next character '//' or are the current and
# subsequent characters '<--' ?
def start_line_comment? char, index, query
if char == Contrast::Utils::ObjectShare::SLASH &&
query[index + 1] == Contrast::Utils::ObjectShare::SLASH
return true
end
char == Contrast::Utils::ObjectShare::LEFT_ANGLE &&
query[index + 1] == Contrast::Utils::ObjectShare::DASH &&
query[index + 2] == Contrast::Utils::ObjectShare::DASH
end
def start_block_comment? _char, _index, _query
false
end
# Indicates if '""' inside of double quotes is the equivalent of '\"'
def double_quote_escape_in_double_quote?
true
end
end
end
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| contrast-agent-4.6.0 | lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb |
| contrast-agent-4.5.0 | lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb |