contrast-agent 3.8.4

data/lib/contrast/agent/assess/frozen_properties.rb

@@ -0,0 +1,41 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+cs__scoped_require 'set'
+cs__scoped_require 'base64'
+cs__scoped_require 'contrast/utils/tag_util'
+cs__scoped_require 'contrast/utils/prevent_serialization'
+
+module Contrast
+  module Agent
+    module Assess
+      # This class is used as an NoOP version of Properties. We'll pass this to
+      # any attempt to access Properties on a frozen object including
+      # AssessExtension iff that object did not have Properties before it was
+      # placed in a frozen state.
+      class FrozenProperties
+        include Contrast::Utils::PreventSerialization
+
+        def events
+          Contrast::Utils::ObjectShare::EMPTY_ARRAY
+        end
+
+        def properties
+          Contrast::Utils::ObjectShare::EMPTY_HASH
+        end
+
+        def tracked?
+          false
+        end
+
+        def tagged? _label
+          false
+        end
+
+        def any_tags_between? _start, _finish
+          false
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/assess/insulator.rb

@@ -0,0 +1,53 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+cs__scoped_require 'contrast/utils/prevent_serialization'
+cs__scoped_require 'contrast/agent/assess/properties'
+
+module Contrast
+  module Agent
+    module Assess
+      # This is just a wrapper around Properties so that if they are on a frozen
+      # object, they are left mutable for us.
+      class Insulator
+        # Return a new delegator with a properties method, used to track
+        # properties in a manner that won't be serialized.
+        #
+        # @return [SimpleDelegator<Object>]
+        def self.generate
+          delegator = SimpleDelegator.new(nil)
+          delegator.extend(Contrast::Utils::PreventPsychSerialization)
+          delegator
+        end
+
+        # Return the frozen properties delegator, which is a
+        #
+        # @return [SimpleDelegator<Object>]
+        def self.generate_frozen
+          @_generate_frozen ||= begin
+                                  delegator = SimpleDelegator.new(nil)
+                                  delegator.extend(Contrast::Utils::PreventPsychSerialization)
+                                  delegator
+                                end
+        end
+      end
+    end
+  end
+end
+
+# Our patch of the SimpleDelegator class, allowing us to leverage its
+# marshal_dump and marshal_load methods to hide our properties on an object so
+# that they will not be dumped or loaded.
+# We do this to prevent polluting data that may run on applications that are no
+# longer instrumented with Contrast
+class SimpleDelegator
+  # rubocop:disable Naming/MemoizedInstanceVariableName
+  def properties
+    @delegate_properties ||= Contrast::Agent::Assess::Properties.new
+  end
+
+  def frozen_properties
+    @delegate_frozen_properties ||= Contrast::Agent::Assess::FrozenProperties.new
+  end
+  # rubocop:enable Naming/MemoizedInstanceVariableName
+end

data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb

@@ -0,0 +1,78 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+cs__scoped_require 'contrast/agent/patching/policy/method_policy'
+
+module Contrast
+  module Agent
+    module Assess
+      module Policy
+        # This class is used to create dynamic source nodes & source nodes from a db model that receives untrusted data
+        class DynamicSourceFactory
+          DB_SOURCE_TYPE = 'TAINTED_DATABASE'
+          WRITE_QUERY_TIME = 'writeDateTimeUtc'
+          WRITE_QUERY_URL = 'writeRequestUrl'
+          READ_TABLE = 'readTable'
+          READ_COLUMN = 'readColumn'
+          class << self
+            def create_sources klass, tainted_columns
+              instance_methods = klass.instance_methods
+              instance_methods.concat(klass.private_instance_methods)
+              tainted_columns.each_pair do |field, events|
+                dynamic_source_node = create_source_node(klass, field)
+                Contrast::Agent::Assess::Policy::Policy.instance.add_node(dynamic_source_node, :dynamic_source)
+
+                method_policy = Contrast::Agent::Patching::Policy::MethodPolicy.new
+                method_policy.method_name = field.to_sym
+                method_policy.method_visibility = :public
+                method_policy.instance_method = true
+                method_policy.source_node = dynamic_source_node
+                Contrast::Agent::Patching::Policy::Patcher.patch_method(klass, instance_methods, method_policy)
+
+                current_context = Contrast::Agent::REQUEST_TRACKER.current
+
+                next unless current_context.activity.dynamic_sources[dynamic_source_node.id]
+
+                dynamic_source = create_dynamic_source(current_context, dynamic_source_node, field, events)
+
+                node_id = Contrast::Utils::StringUtils.force_utf8(dynamic_source_node.id)
+                current_context.activity.dynamic_sources[node_id] = dynamic_source
+              end
+            end
+
+            private
+
+            def create_source_node klass, field
+              node = Contrast::Agent::Assess::Policy::SourceNode.new
+              node.class_name = klass.cs__name
+              node.instance_method = true
+              node.method_name = field.to_sym
+              node.method_visibility = :public
+              node.target_string = Contrast::Utils::ObjectShare::RETURN_KEY
+              node.type = DB_SOURCE_TYPE
+              node.add_property('dynamic_source_id', node.id)
+              node
+            end
+
+            def create_dynamic_source current_context, source_node, field, events
+              dynamic_source = Contrast::Api::Dtm::DynamicSource.new
+              dynamic_source.class_name = Contrast::Utils::StringUtils.force_utf8(source_node.class_name)
+              dynamic_source.method_name = Contrast::Utils::StringUtils.force_utf8(field)
+              dynamic_source.instance_method = source_node.instance_method?
+              dynamic_source.target = Contrast::Utils::StringUtils.force_utf8(source_node.target_string)
+              events.each do |event|
+                dynamic_source.events << event.to_dtm_event
+              end
+              dynamic_source.properties[READ_TABLE] = Contrast::Utils::StringUtils.force_utf8(source_node.class_name)
+              dynamic_source.properties[READ_COLUMN] = Contrast::Utils::StringUtils.force_utf8(field)
+              dynamic_source.properties[WRITE_QUERY_TIME] = Contrast::Utils::StringUtils.force_utf8(Contrast::Utils::Timer.now_ms)
+              url = current_context.request.normalized_uri
+              dynamic_source.properties[WRITE_QUERY_URL] = Contrast::Utils::StringUtils.force_utf8(url)
+              dynamic_source
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/assess/policy/patcher.rb

@@ -0,0 +1,85 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+cs__scoped_require 'contrast/agent/assess/policy/policy'
+cs__scoped_require 'contrast/agent/patching/policy/patcher'
+cs__scoped_require 'contrast/agent/patching/policy/method_policy'
+cs__scoped_require 'contrast/agent/patching/policy/module_policy'
+
+module Contrast
+  module Agent
+    module Assess
+      module Policy
+        # This is how we patch into our customer's code. It provides a way to
+        # track which classes we need to patch into and, once we've woven,
+        # provides a map for which methods our renamed functions need to call
+        # and how.
+        module Patcher
+          include Contrast::Components::Interface
+          access_component :logging, :analysis, :agent, :scope
+
+          class << self
+            def policy
+              Contrast::Agent::Assess::Policy::Policy.instance
+            end
+
+            def patcher
+              Contrast::Agent::Patching::Policy::Patcher
+            end
+
+            # Some of the methods we care about, especially those used as dynamic
+            # sources, are truly dynamic, in that they do not exist on class
+            # load. These methods only exist once a module or class eval has been
+            # called. This hook is provided so that patches to those methods can
+            # pass us execution flow once a new method has been made available.
+            def patch_assess_on_eval mod
+              return unless ASSESS.enabled?
+
+              with_contrast_scope { patcher.patch_specific_module(mod) }
+            rescue StandardError => e
+              logger.warn(
+                  e,
+                  "Unable to patch assess into #{ mod.cs__name } on eval")
+            end
+
+            # Exposed so that methods can be dynamically patched on creation at
+            # runtime, like those generated by
+            # ActiveRecord::AttributeMethods::Read::ClassMethods#define_method_attribute
+            CLASS_TYPES = [
+              Contrast::Utils::ObjectShare::CLASS,
+              Contrast::Utils::ObjectShare::MODULE
+            ].cs__freeze
+            def patch_assess_method clazz, method_name
+              # Module.define_method is called a lot in Class and Module. We
+              # currently do not expect these define_methods to result in methods
+              # that require patching, so for the sake of performance, we're going
+              # to skip evaluating them
+              class_name = clazz.cs__name
+              return if CLASS_TYPES.include?(class_name)
+              return unless ASSESS.enabled?
+
+              source_nodes = Contrast::Agent::Patching::Policy::ModulePolicy.nodes_for_module(policy.sources, class_name)
+              return if source_nodes.empty?
+
+              method_array = []
+              method_array << method_name
+              source_nodes.each do |source_node|
+                next unless source_node.method_name.to_s == method_name
+
+                method_policy = Contrast::Agent::Patching::Policy::MethodPolicy.new(source_node: source_node,
+                                                                                    method_name: source_node.method_name,
+                                                                                    method_visibility: source_node.method_visibility,
+                                                                                    instance_method: true)
+                patcher.patch_method(clazz, method_array, method_policy)
+              end
+            rescue StandardError => e
+              logger.warn(
+                  e,
+                  "Unable to patch assess into #{ class_name }##{ method_name } on define_method_attribute")
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/assess/policy/policy.rb

@@ -0,0 +1,116 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+cs__scoped_require 'json'
+cs__scoped_require 'contrast/agent/assess/rule/provider/hardcoded_value_rule'
+cs__scoped_require 'contrast/agent/assess/rule/provider/hardcoded_key'
+cs__scoped_require 'contrast/agent/assess/rule/provider/hardcoded_password'
+cs__scoped_require 'contrast/agent/assess/policy/policy_node'
+cs__scoped_require 'contrast/agent/assess/policy/source_node'
+cs__scoped_require 'contrast/agent/assess/policy/propagation_node'
+cs__scoped_require 'contrast/agent/assess/policy/trigger_node'
+cs__scoped_require 'contrast/agent/patching/policy/policy'
+
+module Contrast
+  module Agent
+    module Assess
+      module Policy
+        # This is just a holder for our policy. Takes the policy JSON and
+        # converts it into hashes that we can access nicely
+        class Policy < Contrast::Agent::Patching::Policy::Policy
+          # Indicates the folder in `resources` where this policy lives.
+          def self.policy_folder
+            'assess'
+          end
+
+          # Indicates is this feature has been disabled by the configuration,
+          # read at startup, and therefore can never be enabled.
+          def disabled_globally?
+            ASSESS.forcibly_disabled?
+          end
+
+          def node_type
+            Contrast::Agent::Assess::Policy::TriggerNode
+          end
+
+          def initialize
+            super
+            load_providers
+          end
+
+          # Our policy for dataflow rules is a 'dope ass' JSON file. Rather than
+          # hard code in a bunch of things to monkey patch, we let the JSON file
+          # define the conditions in which sources, propagators, and triggers are
+          # applied.
+          # This let's us be flexible and extensible
+          # * when we want to do lvl 2 rules, we could have the customers unzip
+          # our gem, insert things into the json, zip, and go *
+          def from_hash_string string
+            # The default behavior of the agent is to load the policy on startup,
+            # as at this point we do not know in which mode we'll be run.
+            #
+            # If the configuration file explicitly disables a feature, we know
+            # that we will not ever be able to enable it, so in that case, we
+            # can skip policy loading.
+            return if disabled_globally?
+
+            policy_data = JSON.parse(string)
+
+            policy_data[SOURCES_KEY].each do |source_hash|
+              source = Contrast::Agent::Assess::Policy::SourceNode.new(source_hash)
+              add_node(source, :source)
+            end
+
+            policy_data[PROPAGATION_KEY].each do |propagator_hash|
+              prop = Contrast::Agent::Assess::Policy::PropagationNode.new(propagator_hash)
+              add_node(prop, :propagator)
+            end
+
+            policy_data[RULES_KEY].each do |rule_hash|
+              rule_hash[TRIGGERS_KEY].each do |trigger_hash|
+                trigger_node = node_type.new(trigger_hash, rule_hash)
+                add_node(trigger_node)
+              end
+            end
+
+            tracked_classes.concat(policy_data[TRACKED_CLASSES_KEY])
+          end
+
+          # Providers is a term that we're taking from Java until we come up with
+          # a name that we (I) don't hate. Basically, these are more static like
+          # rules. They don't do dataflow or response scanning. Instead, they
+          # watch for things to be loaded (configs, classes, whateves) and
+          # determine if these loaded things are unsafe.
+          #
+          # ** if we want, we could add this as a section to the aforementioned
+          # 'dope ass' JSON
+          def load_providers
+            PROVIDER_CLASSES.each do |clazz|
+              instance = clazz.new
+              providers[instance.rule_id] = instance
+            end
+          end
+
+          PROVIDER_CLASSES = [
+            Contrast::Agent::Assess::Rule::Provider::HardcodedKey,
+            Contrast::Agent::Assess::Rule::Provider::HardcodedPassword
+          ].cs__freeze
+
+          # Handles updating the dynamic sources of this Application and indicates
+          # if doing so results in a state that requires repatching -- i.e. new
+          # dynamic sources have been discovered by agents monitoring other
+          # instances of this application
+          def update_dynamic_sources dynamic_sources_map
+            dynamic_sources_map.each do |key, dynamic_source|
+              # key is the dynamic source node id
+              next if sources.any? { |source| source.id == key }
+
+              dynamic_source_node = Contrast::Agent::Assess::Policy::SourceNode.build_dynamic_source(key, dynamic_source)
+              add_node(dynamic_source_node, :dynamic_source)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/assess/policy/policy_node.rb

@@ -0,0 +1,289 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+cs__scoped_require 'contrast/agent/patching/policy/policy_node'
+
+module Contrast
+  module Agent
+    module Assess
+      module Policy
+        # This class functions to translate our policy.json into an actionable
+        # Ruby object, allowing for dynamic patching over hardcoded patching.
+        class PolicyNode < Contrast::Agent::Patching::Policy::PolicyNode
+          attr_accessor :tags, :type
+          attr_reader   :sources, :targets, :source_string, :target_string
+
+          def initialize policy_hash = {}
+            super(policy_hash)
+            @source_string = policy_hash[JSON_SOURCE]
+            @target_string = policy_hash[JSON_TARGET]
+            @tags = Set.new(policy_hash[JSON_TAGS])
+            generate_sources
+            generate_targets
+          end
+
+          def feature
+            'Assess'
+          end
+
+          def node_class
+            'Node'
+          end
+
+          def node_type
+            :TYPE_METHOD
+          end
+
+          def target
+            @_target ||= begin
+              if targets&.any?
+                targets[0]
+              elsif sources&.any?
+                sources[0]
+              end
+            end
+          end
+
+          def source_string= value
+            @source_string = value
+            generate_sources
+          end
+
+          def target_string= value
+            @target_string = value
+            generate_targets
+          end
+
+          # Sometimes we need to tie information to an event. We'll add a
+          # properties section to the patch node, which can pass them along to
+          # the pre-dtm event
+          def add_property name, value
+            return unless name && value
+
+            @properties ||= {}
+            @properties[name] = value
+          end
+
+          def get_property name
+            return unless @properties
+
+            @properties[name]
+          end
+
+          # Given a source in the format A,B,C, populate the sources of this node
+          # 1) Split on ','
+          # 2) If 'O', add the source, else it's P (we don't have R sources) and
+          #    needs to be converted. P type will either be P:name or P# where #
+          #    is the index of the paramter. Drop the P and store the int as int
+          #    or name as symbol
+          def generate_sources
+            if source_string
+              @sources = []
+              source_string.split(Contrast::Utils::ObjectShare::COMMA).each do |s|
+                is_object = (s == Contrast::Utils::ObjectShare::OBJECT_KEY)
+                if is_object
+                  @sources << s
+                else
+                  parameter_source = s[1..-1]
+                  @sources << if parameter_source.start_with?(Contrast::Utils::ObjectShare::COLON)
+                                parameter_source[1..-1].to_sym
+                              else
+                                parameter_source.to_i
+                              end
+                end
+              end
+            else
+              @sources = Contrast::Utils::ObjectShare::EMPTY_ARRAY
+            end
+          end
+
+          # Given a target in the format A,B,C, populate the targets of this node
+          # 1) Split on ','
+          # 2) If 'O' or 'R', add the target, else it's P and needs to be
+          #    converted. P type will either be P:name or P# where # is the index
+          #    of the paramter. Drop the P and store the int as int or name as
+          #    symbol
+          def generate_targets
+            if target_string
+              @targets = []
+              target_string.split(Contrast::Utils::ObjectShare::COMMA).each do |t|
+                case t
+                when Contrast::Utils::ObjectShare::OBJECT_KEY
+                  @targets << t
+                when Contrast::Utils::ObjectShare::RETURN_KEY
+                  @targets << t
+                else
+                  parameter_target = t[1..-1]
+                  @targets << if parameter_target.start_with?(Contrast::Utils::ObjectShare::COLON)
+                                parameter_target[1..-1].to_sym
+                              else
+                                parameter_target.to_i
+                              end
+                end
+              end
+            else
+              @targets = Contrast::Utils::ObjectShare::EMPTY_ARRAY
+            end
+          end
+
+          # Don't let nodes be created that will be missing things we need
+          # later on. Really, if they don't have these things, they couldn't have
+          # done their jobs anyway.
+          def validate
+            super
+            validate_tags
+          end
+
+          # TeamServer is picky. The tags here match to ENUMs there. If there
+          # isn't a matching ENUM in TS land, the database gets got. We really
+          # don't want to get them, so we're going to prevent the node from being
+          # made.
+          def validate_tags
+            return unless tags
+
+            tags.each do |tag|
+              next if VALID_TAGS.include?(tag) || VALID_SOURCE_TAGS.include?(tag)
+
+              raise(ArgumentError,
+                    "#{ node_class } #{ id } had an invalid tag. #{ tag } is not a known value.")
+            end
+          end
+
+          ALL_TYPE = 'A'
+          CREATION_TYPE = 'CREATION'
+          TRIGGER_TYPE = 'TRIGGER'
+          TO_MARKER = '2'
+          # Convert our action, built from our source and target, into
+          # the TS appropriate action. That's a single source to single
+          # target marker (A,O,P,R)
+          #
+          # Creation (source nodes) don't have sources (they are the source)
+          # Trigger (trigger nodes) don't have targets (they are the target)
+          # Everything else (propagation nodes) are Source2Target
+          def build_action
+            @event_action ||= begin
+              source = source_string
+              target = target_string
+              if source.nil?
+                :CREATION
+              elsif target.nil?
+                :TRIGGER
+              else
+                # TeamServer can't handle the multi-source or multi-target
+                # values. Give it some help by changing them to 'A'
+                source = ALL_TYPE if source.include?(Contrast::Utils::ObjectShare::COMMA)
+                target = ALL_TYPE if target.include?(Contrast::Utils::ObjectShare::COMMA)
+                str = source[0] + TO_MARKER + target[0] # TODO: RUBY-139 PERF -- save in the patcher
+                str.to_sym
+              end
+            end
+            @event_action
+          end
+
+          # EventTagTypeDTM
+          VALID_TAGS = %w[
+            XML_ENCODED
+            XML_DECODED
+            HTML_ENCODED
+            HTML_DECODED
+            URL_ENCODED
+            URL_DECODED
+            CSS_ENCODED
+            CSS_DECODED
+            BASE64_ENCODED
+            BASE64_DECODED
+            JAVASCRIPT_ENCODED
+            JAVASCRIPT_DECODED
+            JAVA_ENCODED
+            JAVA_DECODED
+            CSV_ENCODED
+            CSV_DECODED
+            SQL_ENCODED
+            SQL_DECODED
+            LDAP_ENCODED
+            LDAP_DECODED
+            XPATH_ENCODED
+            XPATH_DECODED
+            OS_ENCODED
+            OS_DECODED
+            VBSCRIPT_ENCODED
+            VBSCRIPT_DECODED
+            POTENTIAL_SANITIZED
+            POTENTIAL_VALIDATED
+            NO_CONTROL_CHARS
+            CUSTOM
+
+            CUSTOM_ENCODED
+            CUSTOM_ENCODED_CMD_INJECTION
+            CUSTOM_ENCODED_EXPRESSION_LANGUAGE_INJECTION
+            CUSTOM_ENCODED_HEADER_INJECTION
+            CUSTOM_ENCODED_HQL_INJECTION
+            CUSTOM_ENCODED_LDAP_INJECTION
+            CUSTOM_ENCODED_LOG_INJECTION
+            CUSTOM_ENCODED_NOSQL_INJECTION
+            CUSTOM_ENCODED_PATH_TRAVERSAL
+            CUSTOM_ENCODED_REDOS
+            CUSTOM_ENCODED_REFLECTED_XSS
+            CUSTOM_ENCODED_REFLECTION_INJECTION
+            CUSTOM_ENCODED_SMTP_INJECTION
+            CUSTOM_ENCODED_SQL_INJECTION
+            CUSTOM_ENCODED_SSRF
+            CUSTOM_ENCODED_STORED_XSS
+            CUSTOM_ENCODED_TRUST_BOUNDARY_VIOLATION
+            CUSTOM_ENCODED_UNSAFE_CODE_EXECUTION
+            CUSTOM_ENCODED_UNSAFE_READLINE
+            CUSTOM_ENCODED_UNSAFE_XML_DECODE
+            CUSTOM_ENCODED_UNTRUSTED_DESERIALIZATION
+            CUSTOM_ENCODED_UNVALIDATED_FORWARD
+            CUSTOM_ENCODED_UNVALIDATED_REDIRECT
+            CUSTOM_ENCODED_XPATH_INJECTION
+            CUSTOM_ENCODED_XXE
+            CUSTOM_SECURITY_CONTROL_APPLIED
+
+            CUSTOM_VALIDATED
+            CUSTOM_VALIDATED_CMD_INJECTION
+            CUSTOM_VALIDATED_EXPRESSION_LANGUAGE_INJECTION
+            CUSTOM_VALIDATED_HEADER_INJECTION
+            CUSTOM_VALIDATED_HQL_INJECTION
+            CUSTOM_VALIDATED_LDAP_INJECTION
+            CUSTOM_VALIDATED_LOG_INJECTION
+            CUSTOM_VALIDATED_NOSQL_INJECTION
+            CUSTOM_VALIDATED_PATH_TRAVERSAL
+            CUSTOM_VALIDATED_REDOS
+            CUSTOM_VALIDATED_REFLECTED_XSS
+            CUSTOM_VALIDATED_REFLECTION_INJECTION
+            CUSTOM_VALIDATED_SMTP_INJECTION
+            CUSTOM_VALIDATED_SQL_INJECTION
+            CUSTOM_VALIDATED_SSRF
+            CUSTOM_VALIDATED_STORED_XSS
+            CUSTOM_VALIDATED_TRUST_BOUNDARY_VIOLATION
+            CUSTOM_VALIDATED_UNSAFE_CODE_EXECUTION
+            CUSTOM_VALIDATED_UNSAFE_READLINE
+            CUSTOM_VALIDATED_UNSAFE_XML_DECODE
+            CUSTOM_VALIDATED_UNTRUSTED_DESERIALIZATION
+            CUSTOM_VALIDATED_UNVALIDATED_FORWARD
+            CUSTOM_VALIDATED_UNVALIDATED_REDIRECT
+            CUSTOM_VALIDATED_XPATH_INJECTION
+            CUSTOM_VALIDATED_XXE
+
+            DATABASE_WRITE
+          ].cs__freeze
+
+          VALID_SOURCE_TAGS = %w[
+            NO_NEWLINES
+            UNTRUSTED
+            CROSS_SITE
+            LIMITED_CHARS
+          ].cs__freeze
+
+          # The keys used to read from policy.json to create the individual
+          # policy nodes. These are common across node types
+          JSON_SOURCE = 'source'
+          JSON_TARGET = 'target'
+          JSON_TAGS = 'tags'
+          JSON_DATAFLOW = 'dataflow'
+        end
+      end
+    end
+  end
+end