Sha256: 599ed134d0dbeef36a79ab758ce7103fdb42f9276471564dfbb75548587d7a54
Contents?: true
Size: 1.51 KB
Versions: 2
Compression:
Stored size: 1.51 KB
Contents
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details. # frozen_string_literal: true require 'contrast/agent/protect/rule/base_service' require 'contrast/agent/protect/rule/xss/reflected_xss_input_classification' require 'contrast/agent/reporting/input_analysis/input_type' module Contrast module Agent module Protect module Rule # The Ruby implementation of the Protect Cross-Site Scripting rule. class Xss < Contrast::Agent::Protect::Rule::BaseService include Contrast::Agent::Reporting::InputType NAME = 'reflected-xss' BLOCK_MESSAGE = 'XSS rule triggered. Response blocked.' APPLICABLE_USER_INPUTS = [ BODY, PARAMETER_NAME, PARAMETER_VALUE, JSON_VALUE, MULTIPART_VALUE, MULTIPART_FIELD_NAME, XML_VALUE, DWR_VALUE, URI, QUERYSTRING ].cs__freeze def rule_name NAME end def block_message BLOCK_MESSAGE end # XSS Upload input classification # # @return [module<Contrast::Agent::Protect::Rule::ReflectedXssInputClassification>] def classification @_classification ||= Contrast::Agent::Protect::Rule::ReflectedXssInputClassification.cs__freeze end def stream_safe? false end def applicable_user_inputs APPLICABLE_USER_INPUTS end end end end end end
Version data entries
2 entries across 2 versions & 1 rubygems
Version | Path |
---|---|
contrast-agent-6.11.0 | lib/contrast/agent/protect/rule/xss.rb |
contrast-agent-6.10.0 | lib/contrast/agent/protect/rule/xss.rb |