Sha256: b83e3fe4e9f4b7f11d06099c873693078587457a44c0dc4b622c28397d983392

Contents?: true

Size: 1.83 KB

Versions: 3

Compression:

Stored size: 1.83 KB

Contents

# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

require 'contrast/agent/protect/rule/base_service'
require 'contrast/agent/reporting/input_analysis/input_type'
require 'contrast/agent/reporting/input_analysis/score_level'
require 'contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification'

module Contrast
  module Agent
    module Protect
      module Rule
        # The Ruby implementation of the Protect Unsafe File Upload rule.
        # The unsafe-file-upload rule can trigger the following results:
        # BLOCKED in Blocking mode and SUSPICIOUS in Monitor mode.
        class UnsafeFileUpload < Contrast::Agent::Protect::Rule::BaseService
          include Contrast::Agent::Reporting::InputType

          NAME = 'unsafe-file-upload'
          BLOCK_MESSAGE = 'Unsafe file upload rule triggered. Request blocked.'
          APPLICABLE_USER_INPUTS = [MULTIPART_NAME, MULTIPART_FIELD_NAME].cs__freeze

          def rule_name
            NAME
          end

          def applicable_user_inputs
            APPLICABLE_USER_INPUTS
          end

          def block_message
            BLOCK_MESSAGE
          end

          # Unsafe File Upload input classification
          #
          # @return [module<Contrast::Agent::Protect::Rule::UnsafeFileUploadInputClassification>]
          def classification
            @_classification ||= Contrast::Agent::Protect::Rule::UnsafeFileUploadInputClassification.cs__freeze
          end

          private

          # @param context [Contrast::Agent::RequestContext]
          # @return [Boolean]
          def prefilter? context
            return false unless context
            return false unless enabled?

            true
          end
        end
      end
    end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
contrast-agent-6.14.0 lib/contrast/agent/protect/rule/unsafe_file_upload.rb
contrast-agent-6.13.0 lib/contrast/agent/protect/rule/unsafe_file_upload.rb
contrast-agent-6.12.0 lib/contrast/agent/protect/rule/unsafe_file_upload.rb