Sha256: 2cd4b099b9a65279d6803ed47357ba8c2b364c992a095c9dd0c2cdd11ed069b2
Contents?: true
Size: 1.51 KB
Versions: 8
Compression:
Stored size: 1.51 KB
Contents
# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true
module Contrast
module Agent
module Assess
module Rule
# Those rules which function by scanning the Response body in order to
# detect vulnerabilities. These rules should each have their own
# Contrast::Agent::Assess::RuleResponseWatcher.
#
# Note: Most have been moved to the Service, as they typically watch
# the Request or Response bodies, parsing out vulnerabilities
# therein. CSRF is an exception to this as the rule requires a change
# to the Response body to function.
class ResponseScanningRule < Contrast::Agent::Assess::Rule::Base
def watcher
# raise(
# NotImplementedError,
# 'A child rule should have overridden the watcher method')
end
def stream_safe?
false
end
def generate_hash finding
Contrast::Utils::HashDigest.generate_response_hash(finding)
end
def postfilter context
findings = watcher.postfilter(context) if watcher && context
return unless findings
if findings.is_a?(Array)
findings.each do |finding|
send_report(finding) if finding
end
else
send_report(findings)
end
end
end
end
end
end
end
Version data entries
8 entries across 8 versions & 1 rubygems