Sha256: b34db14bd968500818fe829578eea135e3f7df6e5000c97bdf954f8680d358f7

Contents?: true

Size: 1.05 KB

Versions: 6

Compression:

Stored size: 1.05 KB

Contents

# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

require 'contrast/utils/object_share'

module Contrast
  module Agent
    module Reporting
      # helper methods used for masking
      module MaskerUtils
        include Contrast::Utils::ObjectShare

        # Mask raw query as it comes from the env.
        # exp:
        # 'ssn=1234567&id=%272%20or%202%20=%202%27' =>
        # 'ssn=contrast-redacted-ssn&id=contrast-redacted-id'
        #
        # @param query [String]
        # @param results [Array<Contrast::Agent::Reporting::ApplicationDefendAttackActivitys>]
        # results to match against.
        def mask_raw_query query, results
          masked = EMPTY_STRING
          hash = URI.decode_www_form(query).to_h
          mask_with_dictionary(results, hash)
          # Restore to string form.
          hash.each { |k, v| masked += "#{ k }=#{ v }&" }
          query = masked
          query.chomp!(masked[-1])
        end
      end
    end
  end
end

Version data entries

6 entries across 6 versions & 1 rubygems

Version Path
contrast-agent-6.11.0 lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.10.0 lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.9.0 lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.8.0 lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.7.0 lib/contrast/agent/reporting/masker/masker_utils.rb
contrast-agent-6.6.5 lib/contrast/agent/reporting/masker/masker_utils.rb