lib/contrast/agent/protect/rule/xxe.rb in contrast-agent-5.1.0 vs lib/contrast/agent/protect/rule/xxe.rb in contrast-agent-5.2.0

- old
+ new

@@ -1,18 +1,21 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 require 'contrast/agent/protect/rule/base'
 require 'contrast/utils/timer'
+require 'contrast/components/logger'
 module Contrast
 module Agent
 module Protect
 module Rule
 # Implementation of the XXE Protect Rule used to evaluate XML calls for exploit
 # of unsafe external entity resolution.
 class Xxe < Contrast::Agent::Protect::Rule::Base
+ include Contrast::Components::Logger::InstanceMethods
+ NAME = 'xxe'
 BLOCK_MESSAGE = 'XXE rule triggered. Response blocked.'
 EXTERNAL_ENTITY_PATTERN = /<!ENTITY\s+[a-zA-Z0-f]+\s+(?:SYSTEM|PUBLIC)\s+(.*?)>/.cs__freeze
 def rule_name
@@ -34,9 +37,10 @@
 return unless result
 append_to_activity(context, result)
 return unless blocked?
+ cef_logging result, :successful_attack, xml
 raise Contrast::SecurityException.new(self, BLOCK_MESSAGE)
 end
 protected
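Review bot: The `EXTERNAL_ENTITY_PATTERN` context line keeps the character class `[a-zA-Z0-f]`, whose `0-f` range covers every byte from `0` through `f` and so also admits `:;<=>?@[\]^_` and the backtick, which reads like a typo for `0-9`. It is pre-existing rather than introduced by this commit, but since matches from this pattern now feed CEF events it is worth stating the intended entity-name characters explicitly, e.g. `[\w.:-]+`, instead of relying on the accidental range. The newly added `include Contrast::Components::Logger::InstanceMethods` also changes what the class does without the class comment saying so; a line such as `# Blocked attacks are additionally reported as CEF log events.` would document it.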
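Review bot: `cef_logging result, :successful_attack, xml` runs before the `raise`, so any exception from the logging path (logger not configured, I/O failure) propagates in place of `Contrast::SecurityException` and the request is no longer blocked by this rule — a logging problem should not be able to disable the block. Wrapping the call in `begin`/`rescue StandardError` so the raise stays unconditional would close that gap; I cannot see `cef_logging`'s definition from here, so whether it already swallows its own errors needs confirming. The third argument passes the whole `xml` document into the CEF event; if that is the raw request body, the log line carries attacker-controlled content including newlines, so the CEF writer should escape or truncate it (to be checked there, not in this hunk). Style: the call should take parentheses like the neighbouring `append_to_activity(context, result)`: `cef_logging(result, :successful_attack, xml)`. The enclosing method starts before this hunk.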