lib/contrast/agent/protect/rule/xxe.rb in contrast-agent-4.6.0 vs lib/contrast/agent/protect/rule/xxe.rb in contrast-agent-4.7.0
@@ -13,11 +13,11 @@
class Xxe < Contrast::Agent::Protect::Rule::Base
NAME = 'xxe'
BLOCK_MESSAGE = 'XXE rule triggered. Response blocked.'
EXTERNAL_ENTITY_PATTERN = /<!ENTITY\s+[a-zA-Z0-f]+\s+(?:SYSTEM|PUBLIC)\s+(.*?)>/.cs__freeze
- def name
+ def rule_name
NAME
end
# Given an xml, evaluate it for an XXE attack. There's no return here
# as this method handles appending the evaluation to the request
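Review bot: The character class `[a-zA-Z0-f]` in `EXTERNAL_ENTITY_PATTERN` (a context line of this hunk, untouched by the rename) looks like a typo for `[a-zA-Z0-9]`: the range `0-f` spans ASCII 0x30–0x66, so it also admits `:;<=>?@[\]^_\`` as entity-name characters. Because the accidental range is a superset of the intended one it does not make the rule miss a declaration it would otherwise catch, but it is still wrong and will surprise the next reader. Since XML names may also contain `_`, `.`, `:` and `-`, I would write `EXTERNAL_ENTITY_PATTERN = /<!ENTITY\s+[a-zA-Z0-9_.:-]+\s+(?:SYSTEM|PUBLIC)\s+(.*?)>/.cs__freeze` and add a one-line comment above it stating the intended name character set so the range is not reintroduced. The `Xxe` class body continues past this hunk.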
@@ -57,16 +57,11 @@
xxe_details = build_details(xml)
return unless xxe_details
ia_result = build_evaluation(xxe_details.xml)
- build_attack_with_match(
- context,
- ia_result,
- nil,
- nil,
- details: xxe_details)
+ build_attack_with_match(context, ia_result, nil, nil, details: xxe_details)
end
# Given an XML determined to be unsafe, build out the details of the
# attack. The details will include a substring of the given XML up to
# the end of the prolog, where the external entities are declared.
@@ -116,11 +111,11 @@
# We know that this attack happened, so the result is always matched
# and the level is always critical. Only variable is the XML value
# supplied by the attacker.
def build_evaluation xml
ia_result = Contrast::Api::Settings::InputAnalysisResult.new
- ia_result.rule_id = name
+ ia_result.rule_id = rule_name
ia_result.input_type = :UNKNOWN
ia_result.value = Contrast::Utils::StringUtils.protobuf_safe_string(xml)
ia_result
end
@@ -131,13 +126,11 @@
match
end
def build_wrapper entity_wrapper
wrapper = Contrast::Api::Dtm::XxeWrapper.new
- wrapper.system_id = Contrast::Utils::StringUtils.protobuf_safe_string(
- entity_wrapper.system_id)
- wrapper.public_id = Contrast::Utils::StringUtils.protobuf_safe_string(
- entity_wrapper.public_id)
+ wrapper.system_id = Contrast::Utils::StringUtils.protobuf_safe_string(entity_wrapper.system_id)
+ wrapper.public_id = Contrast::Utils::StringUtils.protobuf_safe_string(entity_wrapper.public_id)
wrapper
end
end
end
end