Sha256: b91b69f4306de74db1d8dfabcf7a84bd7cb4f8b63622b8623013b6a4e1b46842

Contents?: true

Size: 1.28 KB

Versions: 5

Compression:

Stored size: 1.28 KB

Contents

# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

module Contrast
  module Utils
    module Assess
      # TrackingUtil has methods for determining if a object is being tracked
      class TrackingUtil
        def self.tracked? obj
          return false if obj.nil?

          if Contrast::Utils::DuckUtils.iterable_hash?(obj)
            obj.each_pair do |k, v|
              return true if tracked?(k)
              return true if tracked?(v)
            end
            false
          elsif Contrast::Utils::DuckUtils.iterable_enumerable?(obj)
            obj.any? do |ele|
              tracked?(ele) unless obj == ele
            end
          elsif Contrast::Utils::DuckUtils.quacks_to?(obj, :cs__tracked?)
            obj.cs__tracked?
          else
            false
          end
        rescue StandardError => e
          # This is used to ask if a ton of objects are tracked. They may not
          # all be iterable. Bad things could happen in some cases, like when
          # checking a closed statement for SQL injection trigger events
          logger.warn("#{ e } trying to TrackingUtil.tracked? on object of class #{ obj.cs__class }.")
          false
        end
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
contrast-agent-3.10.2 lib/contrast/utils/assess/tracking_util.rb
contrast-agent-3.10.1 lib/contrast/utils/assess/tracking_util.rb
contrast-agent-3.10.0 lib/contrast/utils/assess/tracking_util.rb
contrast-agent-3.9.1 lib/contrast/utils/assess/tracking_util.rb
contrast-agent-3.9.0 lib/contrast/utils/assess/tracking_util.rb