Contents

# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

require 'contrast/utils/object_share'

module Contrast
  module Agent
    module Reporting
      # helper methods used for masking
      module MaskerUtils
        include Contrast::Utils::ObjectShare

        # Mask raw query as it comes from the env.
        # exp:
        # 'ssn=1234567&id=%272%20or%202%20=%202%27' =>
        # 'ssn=contrast-redacted-ssn&id=contrast-redacted-id'
        #
        # @param query [String]
        # @param results [Array<Contrast::Agent::Reporting::ApplicationDefendAttackActivitys>]
        # results to match against.
        def mask_raw_query query, results
          masked = EMPTY_STRING
          hash = URI.decode_www_form(query).to_h
          mask_with_dictionary(results, hash)
          # Restore to string form.
          hash.each { |k, v| masked += "#{ k }=#{ v }&" }
          query = masked
          query.chomp!(masked[-1])
        end
      end
    end
  end
end

Version data entries

10 entries across 10 versions & 1 rubygems

Version	Path
contrast-agent-7.2.0	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-7.1.0	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-7.0.0	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.15.3	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.15.2	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.15.1	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.15.0	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.14.0	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.13.0	lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.12.0	lib/contrast/agent/reporting/masker/masker_utils.rb