rule_applicator.rb in contrast-agent-6.12.0

- old
+ new

@@ -1,6 +1,6 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 require 'contrast/components/logger'
 require 'contrast/agent/protect/input_analyzer/input_analyzer'
 
@@ -47,14 +47,19 @@
 
           # applies input_analysis for the invoked rule
           #
           # @param rule_id [String] name of the rule
           # @param context [Contrast::Agent::RequestContext] current request contest
+          # @return [Contrast::Agent::Reporting::InputAnalysis, nil]
           def apply_classification rule_id, context
             return unless context
             return unless (ia = context.agent_input_analysis)
 
             Contrast::Agent::Protect::InputAnalyzer.input_classification_for(rule_id, ia)
+            # We add the triggered rule to the list. After request analysis will skip this rule
+            # as already it's input applicable types has been analysed.
+            ia.triggered_rules << rule_name
+            ia
           end
 
           protected
 
           # Calls the actual rule for this applicator, if required. Most rules