RubyGems - contrast-agent - Versions diffs - 3.8.4 - Mend

contrast-agent 3.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (500) hide show

checksums.yaml +7 -0
data/.clang-format +5 -0
data/.dockerignore +10 -0
data/.gitignore +58 -0
data/.gitmodules +6 -0
data/.rspec +6 -0
data/.simplecov +4 -0
data/Gemfile +7 -0
data/LICENSE.txt +12 -0
data/Rakefile +15 -0
data/exe/contrast_service +29 -0
data/ext/build_funchook.rb +48 -0
data/ext/cs__assess_active_record_named/cs__active_record_named.c +47 -0
data/ext/cs__assess_active_record_named/cs__active_record_named.h +10 -0
data/ext/cs__assess_active_record_named/extconf.rb +2 -0
data/ext/cs__assess_array/cs__assess_array.c +38 -0
data/ext/cs__assess_array/cs__assess_array.h +9 -0
data/ext/cs__assess_array/extconf.rb +2 -0
data/ext/cs__assess_basic_object/cs__assess_basic_object.c +50 -0
data/ext/cs__assess_basic_object/cs__assess_basic_object.h +17 -0
data/ext/cs__assess_basic_object/extconf.rb +2 -0
data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +86 -0
data/ext/cs__assess_fiber_track/cs__assess_fiber_track.h +34 -0
data/ext/cs__assess_fiber_track/extconf.rb +2 -0
data/ext/cs__assess_hash/cs__assess_hash.c +64 -0
data/ext/cs__assess_hash/cs__assess_hash.h +24 -0
data/ext/cs__assess_hash/extconf.rb +2 -0
data/ext/cs__assess_kernel/cs__assess_kernel.c +36 -0
data/ext/cs__assess_kernel/cs__assess_kernel.h +10 -0
data/ext/cs__assess_kernel/extconf.rb +2 -0
data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +47 -0
data/ext/cs__assess_marshal_module/cs__assess_marshal_module.h +18 -0
data/ext/cs__assess_marshal_module/extconf.rb +2 -0
data/ext/cs__assess_module/cs__assess_module.c +78 -0
data/ext/cs__assess_module/cs__assess_module.h +25 -0
data/ext/cs__assess_module/extconf.rb +2 -0
data/ext/cs__assess_regexp/cs__assess_regexp.c +48 -0
data/ext/cs__assess_regexp/cs__assess_regexp.h +22 -0
data/ext/cs__assess_regexp/extconf.rb +2 -0
data/ext/cs__assess_regexp_track/cs__assess_regexp_track.c +63 -0
data/ext/cs__assess_regexp_track/cs__assess_regexp_track.h +29 -0
data/ext/cs__assess_regexp_track/extconf.rb +2 -0
data/ext/cs__assess_string/cs__assess_string.c +38 -0
data/ext/cs__assess_string/cs__assess_string.h +19 -0
data/ext/cs__assess_string/extconf.rb +2 -0
data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.c +31 -0
data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.h +13 -0
data/ext/cs__assess_string_interpolation26/extconf.rb +2 -0
data/ext/cs__common/cs__common.c +60 -0
data/ext/cs__common/cs__common.h +28 -0
data/ext/cs__common/extconf.rb +20 -0
data/ext/cs__contrast_patch/cs__contrast_patch.c +445 -0
data/ext/cs__contrast_patch/cs__contrast_patch.h +196 -0
data/ext/cs__contrast_patch/extconf.rb +2 -0
data/ext/cs__protect_kernel/cs__protect_kernel.c +37 -0
data/ext/cs__protect_kernel/cs__protect_kernel.h +11 -0
data/ext/cs__protect_kernel/extconf.rb +2 -0
data/ext/cs__scope/cs__scope.c +96 -0
data/ext/cs__scope/cs__scope.h +33 -0
data/ext/cs__scope/extconf.rb +2 -0
data/ext/extconf_common.rb +49 -0
data/funchook/LICENSE +360 -0
data/funchook/Makefile +29 -0
data/funchook/Makefile.in +29 -0
data/funchook/README.md +121 -0
data/funchook/appveyor.yml +42 -0
data/funchook/autogen.sh +3 -0
data/funchook/autom4te.cache/output.0 +4976 -0
data/funchook/autom4te.cache/requests +78 -0
data/funchook/autom4te.cache/traces.0 +364 -0
data/funchook/config.guess +1530 -0
data/funchook/config.log +490 -0
data/funchook/config.status +1016 -0
data/funchook/config.sub +1773 -0
data/funchook/configure +4976 -0
data/funchook/configure.ac +59 -0
data/funchook/distorm/COPYING +26 -0
data/funchook/distorm/MANIFEST +25 -0
data/funchook/distorm/MANIFEST.in +4 -0
data/funchook/distorm/README.md +12 -0
data/funchook/distorm/disOps/disOps.py +795 -0
data/funchook/distorm/disOps/x86db.py +404 -0
data/funchook/distorm/disOps/x86header.py +247 -0
data/funchook/distorm/disOps/x86sets.py +1664 -0
data/funchook/distorm/examples/cs/TestdiStorm/Program.cs +79 -0
data/funchook/distorm/examples/cs/TestdiStorm/Properties/AssemblyInfo.cs +36 -0
data/funchook/distorm/examples/cs/TestdiStorm/TestdiStorm.csproj +69 -0
data/funchook/distorm/examples/cs/distorm-net.sln +26 -0
data/funchook/distorm/examples/cs/distorm-net/CodeInfo.cs +23 -0
data/funchook/distorm/examples/cs/distorm-net/DecodedInst.cs +15 -0
data/funchook/distorm/examples/cs/distorm-net/DecodedResult.cs +14 -0
data/funchook/distorm/examples/cs/distorm-net/DecomposedInst.cs +36 -0
data/funchook/distorm/examples/cs/distorm-net/DecomposedResult.cs +14 -0
data/funchook/distorm/examples/cs/distorm-net/Opcodes.cs +1268 -0
data/funchook/distorm/examples/cs/distorm-net/Opcodes.tt +37 -0
data/funchook/distorm/examples/cs/distorm-net/Operand.cs +25 -0
data/funchook/distorm/examples/cs/distorm-net/Properties/AssemblyInfo.cs +36 -0
data/funchook/distorm/examples/cs/distorm-net/diStorm3.cs +411 -0
data/funchook/distorm/examples/cs/distorm-net/distorm-net.csproj +80 -0
data/funchook/distorm/examples/cs/readme +3 -0
data/funchook/distorm/examples/ddk/README +48 -0
data/funchook/distorm/examples/ddk/distorm.ini +11 -0
data/funchook/distorm/examples/ddk/dummy.c +15 -0
data/funchook/distorm/examples/ddk/main.c +91 -0
data/funchook/distorm/examples/ddk/makefile +1 -0
data/funchook/distorm/examples/ddk/sources +10 -0
data/funchook/distorm/examples/java/Makefile +23 -0
data/funchook/distorm/examples/java/distorm/src/Main.java +43 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/CodeInfo.java +27 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/DecodedInst.java +32 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/DecodedResult.java +11 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/DecomposedInst.java +89 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/DecomposedResult.java +11 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/OpcodeEnum.java +131 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/Opcodes.java +1123 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/Operand.java +24 -0
data/funchook/distorm/examples/java/distorm/src/diStorm3/distorm3.java +41 -0
data/funchook/distorm/examples/java/jdistorm.c +405 -0
data/funchook/distorm/examples/java/jdistorm.h +40 -0
data/funchook/distorm/examples/java/jdistorm.sln +20 -0
data/funchook/distorm/examples/java/jdistorm.vcproj +208 -0
data/funchook/distorm/examples/linux/Makefile +15 -0
data/funchook/distorm/examples/linux/main.c +181 -0
data/funchook/distorm/examples/tests/Makefile +15 -0
data/funchook/distorm/examples/tests/main.cpp +42 -0
data/funchook/distorm/examples/tests/main.py +66 -0
data/funchook/distorm/examples/tests/test_distorm3.py +1672 -0
data/funchook/distorm/examples/tests/tests.sln +20 -0
data/funchook/distorm/examples/tests/tests.vcxproj +82 -0
data/funchook/distorm/examples/tests/tests.vcxproj.filters +22 -0
data/funchook/distorm/examples/win32/disasm.sln +25 -0
data/funchook/distorm/examples/win32/disasm.vcxproj +201 -0
data/funchook/distorm/examples/win32/disasm.vcxproj.filters +14 -0
data/funchook/distorm/examples/win32/main.cpp +163 -0
data/funchook/distorm/include/distorm.h +482 -0
data/funchook/distorm/include/mnemonics.h +301 -0
data/funchook/distorm/make/linux/Makefile +28 -0
data/funchook/distorm/make/mac/Makefile +24 -0
data/funchook/distorm/make/win32/cdistorm.vcxproj +239 -0
data/funchook/distorm/make/win32/cdistorm.vcxproj.filters +80 -0
data/funchook/distorm/make/win32/distorm.sln +25 -0
data/funchook/distorm/make/win32/resource.h +14 -0
data/funchook/distorm/make/win32/resource.rc +99 -0
data/funchook/distorm/python/distorm3/__init__.py +957 -0
data/funchook/distorm/python/distorm3/sample.py +51 -0
data/funchook/distorm/setup.cfg +10 -0
data/funchook/distorm/setup.py +266 -0
data/funchook/distorm/src/config.h +169 -0
data/funchook/distorm/src/decoder.c +641 -0
data/funchook/distorm/src/decoder.h +33 -0
data/funchook/distorm/src/distorm.c +413 -0
data/funchook/distorm/src/instructions.c +597 -0
data/funchook/distorm/src/instructions.h +463 -0
data/funchook/distorm/src/insts.c +7939 -0
data/funchook/distorm/src/insts.h +64 -0
data/funchook/distorm/src/mnemonics.c +284 -0
data/funchook/distorm/src/operands.c +1290 -0
data/funchook/distorm/src/operands.h +28 -0
data/funchook/distorm/src/prefix.c +368 -0
data/funchook/distorm/src/prefix.h +64 -0
data/funchook/distorm/src/textdefs.c +172 -0
data/funchook/distorm/src/textdefs.h +57 -0
data/funchook/distorm/src/wstring.c +47 -0
data/funchook/distorm/src/wstring.h +35 -0
data/funchook/distorm/src/x86defs.h +82 -0
data/funchook/include/funchook.h +123 -0
data/funchook/install-sh +527 -0
data/funchook/src/Makefile +70 -0
data/funchook/src/Makefile.in +70 -0
data/funchook/src/__strerror.h +109 -0
data/funchook/src/config.h +101 -0
data/funchook/src/config.h.in +100 -0
data/funchook/src/decoder.o +0 -0
data/funchook/src/distorm.o +0 -0
data/funchook/src/funchook.c +440 -0
data/funchook/src/funchook.o +0 -0
data/funchook/src/funchook_internal.h +155 -0
data/funchook/src/funchook_io.c +182 -0
data/funchook/src/funchook_io.h +64 -0
data/funchook/src/funchook_io.o +0 -0
data/funchook/src/funchook_syscall.S +134 -0
data/funchook/src/funchook_syscall.o +0 -0
data/funchook/src/funchook_unix.c +480 -0
data/funchook/src/funchook_unix.o +0 -0
data/funchook/src/funchook_windows.c +397 -0
data/funchook/src/funchook_x86.c +622 -0
data/funchook/src/funchook_x86.o +0 -0
data/funchook/src/instructions.o +0 -0
data/funchook/src/insts.o +0 -0
data/funchook/src/libfunchook.so +0 -0
data/funchook/src/mnemonics.o +0 -0
data/funchook/src/operands.o +0 -0
data/funchook/src/os_func.c +115 -0
data/funchook/src/os_func.h +75 -0
data/funchook/src/os_func.o +0 -0
data/funchook/src/os_func_unix.c +94 -0
data/funchook/src/os_func_unix.o +0 -0
data/funchook/src/os_func_windows.c +32 -0
data/funchook/src/prefix.o +0 -0
data/funchook/src/printf_base.c +1688 -0
data/funchook/src/printf_base.h +46 -0
data/funchook/src/printf_base.o +0 -0
data/funchook/src/textdefs.o +0 -0
data/funchook/src/wstring.o +0 -0
data/funchook/test/Makefile +43 -0
data/funchook/test/Makefile.in +43 -0
data/funchook/test/funchook_test +0 -0
data/funchook/test/libfunchook_test.c +25 -0
data/funchook/test/libfunchook_test.so +0 -0
data/funchook/test/libfunchook_test2.c +18 -0
data/funchook/test/suffix.list +600 -0
data/funchook/test/test_main.c +430 -0
data/funchook/test/test_main.o +0 -0
data/funchook/test/x86_64_test.S +10 -0
data/funchook/test/x86_64_test.o +0 -0
data/funchook/test/x86_test.S +339 -0
data/funchook/win32/config.h +1 -0
data/funchook/win32/funchook.sln +52 -0
data/funchook/win32/funchook.vcxproj +188 -0
data/funchook/win32/funchook.vcxproj.filters +84 -0
data/funchook/win32/funchook_test.vcxproj +170 -0
data/funchook/win32/funchook_test.vcxproj.filters +22 -0
data/funchook/win32/funchook_test_dll.vcxproj +184 -0
data/funchook/win32/funchook_test_dll.vcxproj.filters +30 -0
data/funchook/win32/funchook_test_exe.def +3 -0
data/lib/contrast-agent.rb +8 -0
data/lib/contrast.rb +57 -0
data/lib/contrast/agent.rb +80 -0
data/lib/contrast/agent/assess.rb +45 -0
data/lib/contrast/agent/assess/adjusted_span.rb +25 -0
data/lib/contrast/agent/assess/class_reverter.rb +82 -0
data/lib/contrast/agent/assess/contrast_event.rb +398 -0
data/lib/contrast/agent/assess/frozen_properties.rb +41 -0
data/lib/contrast/agent/assess/insulator.rb +53 -0
data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +78 -0
data/lib/contrast/agent/assess/policy/patcher.rb +85 -0
data/lib/contrast/agent/assess/policy/policy.rb +116 -0
data/lib/contrast/agent/assess/policy/policy_node.rb +289 -0
data/lib/contrast/agent/assess/policy/policy_scanner.rb +44 -0
data/lib/contrast/agent/assess/policy/preshift.rb +94 -0
data/lib/contrast/agent/assess/policy/propagation_method.rb +260 -0
data/lib/contrast/agent/assess/policy/propagation_node.rb +127 -0
data/lib/contrast/agent/assess/policy/propagator.rb +35 -0
data/lib/contrast/agent/assess/policy/propagator/append.rb +54 -0
data/lib/contrast/agent/assess/policy/propagator/base.rb +37 -0
data/lib/contrast/agent/assess/policy/propagator/center.rb +73 -0
data/lib/contrast/agent/assess/policy/propagator/custom.rb +36 -0
data/lib/contrast/agent/assess/policy/propagator/database_write.rb +62 -0
data/lib/contrast/agent/assess/policy/propagator/insert.rb +55 -0
data/lib/contrast/agent/assess/policy/propagator/keep.rb +26 -0
data/lib/contrast/agent/assess/policy/propagator/next.rb +42 -0
data/lib/contrast/agent/assess/policy/propagator/prepend.rb +50 -0
data/lib/contrast/agent/assess/policy/propagator/remove.rb +76 -0
data/lib/contrast/agent/assess/policy/propagator/replace.rb +27 -0
data/lib/contrast/agent/assess/policy/propagator/reverse.rb +38 -0
data/lib/contrast/agent/assess/policy/propagator/select.rb +86 -0
data/lib/contrast/agent/assess/policy/propagator/splat.rb +60 -0
data/lib/contrast/agent/assess/policy/propagator/split.rb +49 -0
data/lib/contrast/agent/assess/policy/propagator/substitution.rb +169 -0
data/lib/contrast/agent/assess/policy/propagator/trim.rb +81 -0
data/lib/contrast/agent/assess/policy/rewriter_patch.rb +79 -0
data/lib/contrast/agent/assess/policy/source_method.rb +209 -0
data/lib/contrast/agent/assess/policy/source_node.rb +62 -0
data/lib/contrast/agent/assess/policy/trigger_method.rb +209 -0
data/lib/contrast/agent/assess/policy/trigger_node.rb +198 -0
data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +77 -0
data/lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb +31 -0
data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +40 -0
data/lib/contrast/agent/assess/properties.rb +392 -0
data/lib/contrast/agent/assess/rule.rb +18 -0
data/lib/contrast/agent/assess/rule/base.rb +72 -0
data/lib/contrast/agent/assess/rule/csrf.rb +66 -0
data/lib/contrast/agent/assess/rule/csrf/csrf_action.rb +28 -0
data/lib/contrast/agent/assess/rule/csrf/csrf_applicator.rb +69 -0
data/lib/contrast/agent/assess/rule/csrf/csrf_watcher.rb +132 -0
data/lib/contrast/agent/assess/rule/provider.rb +21 -0
data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +62 -0
data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +73 -0
data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +121 -0
data/lib/contrast/agent/assess/rule/redos.rb +68 -0
data/lib/contrast/agent/assess/rule/response_scanning_rule.rb +47 -0
data/lib/contrast/agent/assess/rule/response_watcher.rb +36 -0
data/lib/contrast/agent/assess/rule/watcher.rb +36 -0
data/lib/contrast/agent/assess/tag.rb +151 -0
data/lib/contrast/agent/at_exit_hook.rb +33 -0
data/lib/contrast/agent/class_reopener.rb +195 -0
data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +26 -0
data/lib/contrast/agent/deadzone/policy/policy.rb +57 -0
data/lib/contrast/agent/disable_reaction.rb +24 -0
data/lib/contrast/agent/exclusion_matcher.rb +190 -0
data/lib/contrast/agent/feature_state.rb +379 -0
data/lib/contrast/agent/inventory/policy/policy.rb +32 -0
data/lib/contrast/agent/inventory/policy/trigger_node.rb +22 -0
data/lib/contrast/agent/logger_manager.rb +116 -0
data/lib/contrast/agent/middleware.rb +352 -0
data/lib/contrast/agent/module_data.rb +16 -0
data/lib/contrast/agent/patching/policy/after_load_patch.rb +37 -0
data/lib/contrast/agent/patching/policy/after_load_patcher.rb +58 -0
data/lib/contrast/agent/patching/policy/method_policy.rb +94 -0
data/lib/contrast/agent/patching/policy/module_policy.rb +116 -0
data/lib/contrast/agent/patching/policy/patch.rb +312 -0
data/lib/contrast/agent/patching/policy/patch_status.rb +192 -0
data/lib/contrast/agent/patching/policy/patcher.rb +310 -0
data/lib/contrast/agent/patching/policy/policy.rb +138 -0
data/lib/contrast/agent/patching/policy/policy_node.rb +80 -0
data/lib/contrast/agent/patching/policy/policy_unpatcher.rb +28 -0
data/lib/contrast/agent/patching/policy/trigger_node.rb +81 -0
data/lib/contrast/agent/protect/policy/policy.rb +37 -0
data/lib/contrast/agent/protect/policy/trigger_node.rb +23 -0
data/lib/contrast/agent/protect/rule.rb +58 -0
data/lib/contrast/agent/protect/rule/base.rb +300 -0
data/lib/contrast/agent/protect/rule/base_service.rb +88 -0
data/lib/contrast/agent/protect/rule/cmd_injection.rb +156 -0
data/lib/contrast/agent/protect/rule/csrf.rb +118 -0
data/lib/contrast/agent/protect/rule/csrf/csrf_evaluator.rb +103 -0
data/lib/contrast/agent/protect/rule/csrf/csrf_token_injector.rb +85 -0
data/lib/contrast/agent/protect/rule/default_scanner.rb +300 -0
data/lib/contrast/agent/protect/rule/deserialization.rb +193 -0
data/lib/contrast/agent/protect/rule/http_method_tampering.rb +80 -0
data/lib/contrast/agent/protect/rule/no_sqli.rb +101 -0
data/lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb +40 -0
data/lib/contrast/agent/protect/rule/path_traversal.rb +143 -0
data/lib/contrast/agent/protect/rule/sqli.rb +101 -0
data/lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb +16 -0
data/lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb +38 -0
data/lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb +22 -0
data/lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb +19 -0
data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +20 -0
data/lib/contrast/agent/protect/rule/xss.rb +24 -0
data/lib/contrast/agent/protect/rule/xxe.rb +120 -0
data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +82 -0
data/lib/contrast/agent/railtie.rb +30 -0
data/lib/contrast/agent/reaction_processor.rb +47 -0
data/lib/contrast/agent/request.rb +493 -0
data/lib/contrast/agent/request_context.rb +225 -0
data/lib/contrast/agent/require_state.rb +61 -0
data/lib/contrast/agent/response.rb +215 -0
data/lib/contrast/agent/rewriter.rb +244 -0
data/lib/contrast/agent/scope.rb +28 -0
data/lib/contrast/agent/service_heartbeat.rb +37 -0
data/lib/contrast/agent/settings_state.rb +148 -0
data/lib/contrast/agent/socket_client.rb +125 -0
data/lib/contrast/agent/thread.rb +26 -0
data/lib/contrast/agent/tracepoint_hook.rb +51 -0
data/lib/contrast/agent/version.rb +8 -0
data/lib/contrast/api.rb +17 -0
data/lib/contrast/api/.gitkeep +0 -0
data/lib/contrast/api/connection_status.rb +49 -0
data/lib/contrast/api/socket.rb +43 -0
data/lib/contrast/api/speedracer.rb +206 -0
data/lib/contrast/api/tcp_socket.rb +31 -0
data/lib/contrast/api/unix_socket.rb +25 -0
data/lib/contrast/common_agent_configuration.rb +86 -0
data/lib/contrast/components/agent.rb +85 -0
data/lib/contrast/components/app_context.rb +188 -0
data/lib/contrast/components/assess.rb +67 -0
data/lib/contrast/components/config.rb +135 -0
data/lib/contrast/components/contrast_service.rb +113 -0
data/lib/contrast/components/heap_dump.rb +34 -0
data/lib/contrast/components/interface.rb +178 -0
data/lib/contrast/components/inventory.rb +23 -0
data/lib/contrast/components/logger.rb +92 -0
data/lib/contrast/components/protect.rb +38 -0
data/lib/contrast/components/sampling.rb +41 -0
data/lib/contrast/components/scope.rb +106 -0
data/lib/contrast/components/settings.rb +140 -0
data/lib/contrast/config.rb +33 -0
data/lib/contrast/config/agent_configuration.rb +24 -0
data/lib/contrast/config/application_configuration.rb +27 -0
data/lib/contrast/config/assess_configuration.rb +22 -0
data/lib/contrast/config/assess_rules_configuration.rb +18 -0
data/lib/contrast/config/base_configuration.rb +105 -0
data/lib/contrast/config/default_value.rb +16 -0
data/lib/contrast/config/exception_configuration.rb +21 -0
data/lib/contrast/config/heap_dump_configuration.rb +23 -0
data/lib/contrast/config/inventory_configuration.rb +20 -0
data/lib/contrast/config/logger_configuration.rb +20 -0
data/lib/contrast/config/protect_configuration.rb +20 -0
data/lib/contrast/config/protect_rule_configuration.rb +37 -0
data/lib/contrast/config/protect_rules_configuration.rb +30 -0
data/lib/contrast/config/root_configuration.rb +26 -0
data/lib/contrast/config/ruby_configuration.rb +39 -0
data/lib/contrast/config/sampling_configuration.rb +22 -0
data/lib/contrast/config/server_configuration.rb +23 -0
data/lib/contrast/config/service_configuration.rb +22 -0
data/lib/contrast/configuration.rb +214 -0
data/lib/contrast/core_extensions/assess.rb +51 -0
data/lib/contrast/core_extensions/assess/array.rb +58 -0
data/lib/contrast/core_extensions/assess/assess_extension.rb +145 -0
data/lib/contrast/core_extensions/assess/basic_object.rb +15 -0
data/lib/contrast/core_extensions/assess/erb.rb +42 -0
data/lib/contrast/core_extensions/assess/exec_trigger.rb +48 -0
data/lib/contrast/core_extensions/assess/fiber.rb +125 -0
data/lib/contrast/core_extensions/assess/hash.rb +22 -0
data/lib/contrast/core_extensions/assess/kernel.rb +95 -0
data/lib/contrast/core_extensions/assess/module.rb +14 -0
data/lib/contrast/core_extensions/assess/regexp.rb +206 -0
data/lib/contrast/core_extensions/assess/string.rb +75 -0
data/lib/contrast/core_extensions/assess/tilt_template_trigger.rb +73 -0
data/lib/contrast/core_extensions/delegator.rb +14 -0
data/lib/contrast/core_extensions/eval_trigger.rb +52 -0
data/lib/contrast/core_extensions/inventory.rb +22 -0
data/lib/contrast/core_extensions/inventory/datastores.rb +37 -0
data/lib/contrast/core_extensions/module.rb +42 -0
data/lib/contrast/core_extensions/object.rb +27 -0
data/lib/contrast/core_extensions/protect.rb +20 -0
data/lib/contrast/core_extensions/protect/applies_command_injection_rule.rb +70 -0
data/lib/contrast/core_extensions/protect/applies_deserialization_rule.rb +58 -0
data/lib/contrast/core_extensions/protect/applies_no_sqli_rule.rb +81 -0
data/lib/contrast/core_extensions/protect/applies_path_traversal_rule.rb +119 -0
data/lib/contrast/core_extensions/protect/applies_sqli_rule.rb +63 -0
data/lib/contrast/core_extensions/protect/applies_xxe_rule.rb +141 -0
data/lib/contrast/core_extensions/protect/kernel.rb +30 -0
data/lib/contrast/core_extensions/protect/psych.rb +7 -0
data/lib/contrast/core_extensions/thread.rb +31 -0
data/lib/contrast/internal_exception.rb +8 -0
data/lib/contrast/rails_extensions/assess/action_controller_inheritance.rb +48 -0
data/lib/contrast/rails_extensions/assess/active_record.rb +32 -0
data/lib/contrast/rails_extensions/assess/active_record_named.rb +61 -0
data/lib/contrast/rails_extensions/assess/configuration.rb +26 -0
data/lib/contrast/rails_extensions/buffer.rb +30 -0
data/lib/contrast/rails_extensions/rack.rb +45 -0
data/lib/contrast/security_exception.rb +14 -0
data/lib/contrast/sinatra_extensions/assess/cookie.rb +26 -0
data/lib/contrast/sinatra_extensions/inventory/sinatra_base.rb +59 -0
data/lib/contrast/tasks/service.rb +95 -0
data/lib/contrast/utils/assess/sampling_util.rb +96 -0
data/lib/contrast/utils/assess/tracking_util.rb +39 -0
data/lib/contrast/utils/boolean_util.rb +33 -0
data/lib/contrast/utils/cache.rb +69 -0
data/lib/contrast/utils/class_util.rb +58 -0
data/lib/contrast/utils/comment_range.rb +19 -0
data/lib/contrast/utils/data_store_util.rb +23 -0
data/lib/contrast/utils/duck_utils.rb +58 -0
data/lib/contrast/utils/env_configuration_item.rb +52 -0
data/lib/contrast/utils/environment_util.rb +152 -0
data/lib/contrast/utils/freeze_util.rb +36 -0
data/lib/contrast/utils/gemfile_reader.rb +191 -0
data/lib/contrast/utils/hash_digest.rb +148 -0
data/lib/contrast/utils/heap_dump_util.rb +113 -0
data/lib/contrast/utils/invalid_configuration_util.rb +88 -0
data/lib/contrast/utils/inventory_util.rb +126 -0
data/lib/contrast/utils/io_util.rb +61 -0
data/lib/contrast/utils/object_share.rb +117 -0
data/lib/contrast/utils/operating_environment.rb +38 -0
data/lib/contrast/utils/os.rb +49 -0
data/lib/contrast/utils/path_util.rb +151 -0
data/lib/contrast/utils/performs_logging.rb +152 -0
data/lib/contrast/utils/preflight_util.rb +13 -0
data/lib/contrast/utils/prevent_serialization.rb +52 -0
data/lib/contrast/utils/rack_assess_session_cookie.rb +104 -0
data/lib/contrast/utils/rails_assess_configuration.rb +95 -0
data/lib/contrast/utils/random_util.rb +22 -0
data/lib/contrast/utils/resource_loader.rb +23 -0
data/lib/contrast/utils/ruby_ast_rewriter.rb +74 -0
data/lib/contrast/utils/scope_util.rb +99 -0
data/lib/contrast/utils/service_response_util.rb +116 -0
data/lib/contrast/utils/service_sender_util.rb +98 -0
data/lib/contrast/utils/sha256_builder.rb +69 -0
data/lib/contrast/utils/sinatra_helper.rb +49 -0
data/lib/contrast/utils/stack_trace_utils.rb +209 -0
data/lib/contrast/utils/string_utils.rb +72 -0
data/lib/contrast/utils/tag_util.rb +139 -0
data/lib/contrast/utils/thread_tracker.rb +54 -0
data/lib/contrast/utils/timer.rb +78 -0
data/resources/assess/policy.json +1673 -0
data/resources/csrf/inject.js +44 -0
data/resources/deadzone/policy.json +55 -0
data/resources/factory-bot-spec/spec_helper.rb +30 -0
data/resources/inventory/policy.json +110 -0
data/resources/protect/policy.json +417 -0
data/resources/rubocops/kernel/catch_cop.rb +37 -0
data/resources/rubocops/kernel/require_cop.rb +37 -0
data/resources/rubocops/kernel/require_relative_cop.rb +33 -0
data/resources/rubocops/module/autoload_cop.rb +37 -0
data/resources/rubocops/module/const_defined_cop.rb +37 -0
data/resources/rubocops/module/const_get_cop.rb +37 -0
data/resources/rubocops/module/const_set_cop.rb +37 -0
data/resources/rubocops/module/constants_cop.rb +37 -0
data/resources/rubocops/module/name_cop.rb +37 -0
data/resources/rubocops/object/class_cop.rb +37 -0
data/resources/rubocops/object/freeze_cop.rb +37 -0
data/resources/rubocops/object/frozen_cop.rb +37 -0
data/resources/rubocops/object/is_a_cop.rb +37 -0
data/resources/rubocops/object/method_cop.rb +37 -0
data/resources/rubocops/object/respond_to_cop.rb +37 -0
data/resources/rubocops/object/singleton_class_cop.rb +37 -0
data/resources/rubocops/regexp/spelling_cop.rb +44 -0
data/resources/rubocops/thread/new_cop.rb +39 -0
data/resources/ruby-spec/ancestors_spec.rb +70 -0
data/resources/ruby-spec/modulo_spec.rb +831 -0
data/resources/ruby-spec/parameters_spec.rb +261 -0
data/resources/ruby-spec/ruby_spec_spec_helper.rb +35 -0
data/resources/test_marker.txt +1 -0
data/ruby-agent.gemspec +129 -0
data/service_executables/.gitkeep +0 -0
data/service_executables/VERSION +1 -0
data/service_executables/linux/contrast-service +0 -0
data/service_executables/mac/contrast-service +0 -0
metadata +945 -0

data/lib/contrast/agent/railtie.rb ADDED

@@ -0,0 +1,30 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+cs__scoped_require 'contrast/utils/operating_environment'
+module Contrast
+  module Agent
+    # A Railtie to allow for the automatic hooking of the Agent into a Rails
+    # application.
+    class Railtie < Rails::Railtie
+      initializer 'Contrast Ruby Agent Initializer' do |app|
+        if defined?(Rails) && defined?(Rails.logger)
+          Rails.logger.debug('In railtie ::')
+          Rails.logger.debug(app.middleware.inspect)
+        end
+        if Contrast::Utils::OperatingEnvironment.unsupported?
+          Rails.logger.debug('Detected a non-webserver context, skipping Contrast middleware insertion.')
+        else
+          # Keep our middleware at the outermost layer of the onion
+          app.middleware.insert_before 0, Contrast::Agent::Middleware
+        end
+      end
+      rake_tasks do
+        load 'contrast/tasks/service.rb'
+      end
+    end
+  end
+end

data/lib/contrast/agent/reaction_processor.rb ADDED

@@ -0,0 +1,47 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+cs__scoped_require 'contrast/agent/disable_reaction'
+cs__scoped_require 'contrast/components/interface'
+module Contrast
+  module Agent
+    # Because communication between the Agent/Service and TeamServer can only
+    # be initiated by outbound connections from the Agent/Service, we must
+    # provide a mechanism for the TeamServer to direct the Agent to take a
+    # specific action. This action is referred to as a Reaction. This class is
+    # how we handle those Reaction messages.
+    class ReactionProcessor
+      include Contrast::Components::Interface
+      access_component :logging
+      # Process the given Reactions from the application settings based on what
+      # TeamServer has indicated. Each Reaction will result in a log message
+      # and, optionally, an action.
+      #
+      # @param application_settings [Contrast::Api::Settings::ApplicationSettings]
+      #   those settings which the Service has relayed from TeamServer.
+      def self.process application_settings
+        return nil unless application_settings&.reactions&.any?
+        application_settings.reactions.each do |reaction|
+          logger.debug(nil, "Received the following reaction: #{ reaction.operation }")
+          # the enums are all uppercase, we need to downcase them before attempting to log
+          level = reaction.log_level.nil? ? :error : reaction.log_level.downcase
+          logger.with_level(nil, reaction.message, level) if reaction.message
+          case reaction.operation
+          when :DISABLE
+            Contrast::Agent::DisableReaction.run reaction, level
+          when :NOOP # rubocop:disable Lint/EmptyWhen
+            # NOOP
+          else
+            logger.warn(nil, "ReactionProcessor received a reaction with an unknown operation: #{ reaction.operation }")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/request.rb ADDED

@@ -0,0 +1,493 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+cs__scoped_require 'resolv'
+cs__scoped_require 'timeout'
+cs__scoped_require 'contrast/utils/object_share'
+cs__scoped_require 'contrast/utils/string_utils'
+cs__scoped_require 'contrast/utils/comment_range'
+cs__scoped_require 'contrast/utils/hash_digest'
+cs__scoped_require 'contrast/components/interface'
+module Contrast
+  module Agent
+    # This class is the Contrast representation of the Rack::Request object. It
+    # provides access to the original Rack::Request object as well as extracts
+    # data in a format that the Agent expects, caching those transformations in
+    # order to avoid repeatedly creating Strings & thrashing GC.
+    class Request
+      include Contrast::Components::Interface
+      access_component :logging, :scope
+      extend Forwardable
+      INNER_REST_TOKEN = %r{/[\d]+/}.cs__freeze
+      LAST_REST_TOKEN = %r{/[\d]+$}.cs__freeze
+      INNER_NUMBER_MARKER = '/{n}/'
+      LAST_NUMBER_MARKER = '/{n}'
+      OMITTED_BODY = '{{body-omitted-by-contrast}}'
+      attr_reader :rack_request
+      def_delegators :@rack_request,
+                     :env,
+                     :query_string,
+                     :user_agent,
+                     :path,
+                     :base_url
+      # receiver is memoized because it is the address/host/port of the server, once we
+      # resolve this for the first time, it shouldn't change
+      def self.receiver
+        @_receiver ||= build_receiver
+      end
+      def initialize rack_request
+        @rack_request = rack_request
+      end
+      ACCEPT = 'ACCEPT'
+      def accept_headers
+        accepts = Array(normalized_request_headers[ACCEPT])
+        accepts.any? ? accepts : nil
+      end
+      STATIC_SUFFIXES = /\.(?:js|css|jpeg|jpg|gif|png|ico|woff|svg|pdf|eot|ttf|jar)$/i.cs__freeze
+      WILDCARD = '*/*'
+      # Utility method for checking if a request is for a static resource.
+      # @return [Boolean] true, if the request is for a well-known static
+      #  type, like the following, and false otherwise: .js, .css, .jpg,
+      # .gif, .png, .ico
+      def static_request?
+        return true if trimmed_uri&.match?(STATIC_SUFFIXES)
+        accepts = accept_headers
+        if accepts
+          return false if accepts[0].to_s.start_with?(WILDCARD)
+          return true if media_content_type?(accepts[0])
+        end
+        false
+      end
+      MEDIA_TYPE_MARKERS = %w[image/ text/css text/javascript].cs__freeze
+      def media_content_type? str
+        str = str.to_s
+        str.start_with?(*MEDIA_TYPE_MARKERS)
+      end
+      def trimmed_uri
+        @_trimmed_uri ||= begin
+          raise ArgumentError, 'url was nil when attempting to trim' unless uri
+          trimmed = uri.split(Contrast::Utils::ObjectShare::SEMICOLON).first # remove ;jsessionid
+          trimmed.split(Contrast::Utils::ObjectShare::QUESTION_MARK).first # remove ?query_string=
+        end
+      end
+      # Returns a normalized form of the URI. In "normal" URIs
+      # this will return an unchanged String, but in REST-y
+      # URIs this will normalize the digit path tokens, e.g.:
+      #
+      # /accounts/5/view
+      # ...becomes:
+      # /accounts/{n}/view
+      #
+      # Should also handle the ;jsessionid.
+      def normalized_uri
+        @_normalized_uri ||= begin
+          uri = trimmed_uri
+          uri = uri.gsub(INNER_REST_TOKEN, INNER_NUMBER_MARKER) # replace interior tokens
+          uri.gsub(LAST_REST_TOKEN, LAST_NUMBER_MARKER) # replace last token
+        end
+      end
+      UNKNOWN_REQUEST_METHOD = 'UNKNOWN'
+      def request_method
+        rack_request.get_header(Rack::REQUEST_METHOD)
+      rescue StandardError => e
+        logger.warn("Unable to extract request method: #{ e }")
+        UNKNOWN_REQUEST_METHOD
+      end
+      def document_type_from_header
+        case content_type
+        when /xml/i
+          :XML
+        when /json/i
+          :JSON
+        when /html/i
+          :NORMAL
+        end
+      end
+      def document_type
+        @_document_type ||= begin
+          type = document_type_from_header
+          if type
+            type
+          elsif request_body_str.start_with?('<?xml')
+            :XML
+          elsif request_body_str.match?(/\s*[{\[]/)
+            :JSON
+          else
+            :NORMAL
+          end
+        end
+      end
+      def request_headers
+        @_request_headers ||= begin
+          with_contrast_scope do
+            headers = header_pairs(env).each_with_object({}) do |pair, h|
+              h[pair[0]] = pair[1]
+            end
+            headers
+          end
+        end
+      end
+      # Header keys upcased and any underscores replaced with dashes
+      def normalized_request_headers
+        @_normalized_request_headers ||= begin
+          hash = {}
+          request_headers.each_pair do |header_name, header_value|
+            hash[Contrast::Utils::StringUtils.normalized_key(header_name)] = header_value
+          end
+          hash
+        end
+      end
+      def header_value key
+        normalized_request_headers[Contrast::Utils::StringUtils.normalized_key(key)]
+      end
+      # Return a flattened hash of params with realized paths for keys, in
+      # addition to a separate, valueless, entry for each nest key.
+      # See RUBY-621 for more details.
+      # { key : { nested_key : ['x','y','z' ] } }
+      # becomes
+      # {
+      #   key[nested_key][0] : 'x'
+      #   key[nested_key][1] : 'y'
+      #   key[nested_key][2] : 'z'
+      #   key :                ''
+      #   nested_key :         ''
+      # }
+      def normalize_params val, prefix: nil
+        # In non-recursive invocations, val should always be a Hash
+        # (rather than breaking this out into two methods)
+        case val
+        when Tempfile
+          { prefix => Contrast::Utils::StringUtils.force_utf8(val.path) }
+        when Hash
+          res = val.each_with_object({}) do |(k, v), hash|
+            k = Contrast::Utils::StringUtils.force_utf8(k)
+            nested_prefix = prefix.nil? ? k : "#{ prefix }[#{ k }]"
+            hash[k] = Contrast::Utils::ObjectShare::EMPTY_STRING
+            hash.merge! normalize_params(v, prefix: nested_prefix)
+          end
+          res[prefix] = Contrast::Utils::ObjectShare::EMPTY_STRING if prefix
+          res
+        when Enumerable
+          res = val.each_with_index.each_with_object({}) do |(v, i), hash|
+            hash.merge! normalize_params(v, prefix: "#{ prefix }[#{ i }]")
+          end
+          res[prefix] = Contrast::Utils::ObjectShare::EMPTY_STRING if prefix
+          res
+        else
+          { prefix => Contrast::Utils::StringUtils.force_utf8(val) }
+        end
+      end
+      def request_body
+        # Memoize a flag indicating whether we've tried to read the body or not
+        # (can't use body because it might be nil)
+        @_request_body_read ||= begin
+          body = @rack_request.body
+          if defined?(Rack::Multipart)
+            if defined?(Rack::Multipart::UploadedFile) && body.is_a?(Rack::Multipart::UploadedFile)
+              logger.debug("not parsing uploaded file body :: #{ body.original_filename }::#{ body.content_type }")
+              @_request_body = nil
+            else
+              logger.debug("parsing body from request :: #{ body.cs__class.cs__name }")
+              @_request_body = Contrast::Utils::StringUtils.force_utf8(read_body(body), logger)
+            end
+          else
+            logger.debug('Rack before 1.3.x does not support Rack::Multipart')
+            @_request_body = Contrast::Utils::StringUtils.force_utf8(read_body(body), logger)
+          end
+          true
+        end
+        # Return memoized body (which might be nil)
+        @_request_body
+      end
+      def request_body_str
+        request_body.to_s || Contrast::Utils::ObjectShare::EMPTY_STRING
+      end
+      # This will become to_protobuf
+      # Expectation is that all data from a previous phase will be populated
+      # before the subsequent one begins
+      def dtm
+        @_dtm ||= begin
+          with_contrast_scope do
+            http_request = Contrast::Api::Dtm::HttpRequest.new
+            http_request.uuid = Contrast::Utils::StringUtils.force_utf8(__id__)
+            http_request.timestamp_ms = Contrast::Utils::Timer.now_ms.to_i
+            append_receiver(http_request)
+            append_connection(http_request)
+            append_params(http_request)
+            append_headers(http_request)
+            append_body(http_request)
+            http_request
+          end
+        end
+      end
+      def append_receiver http_request
+        r = cs__class.receiver
+        r.port = port.to_i if port
+        http_request.receiver = r unless r.nil?
+      end
+      def append_connection http_request
+        http_request.sender = Contrast::Api::Dtm::Address.new
+        http_request.sender.ip = Contrast::Utils::StringUtils.force_utf8(ip)
+        http_request.protocol = Contrast::Utils::StringUtils.force_utf8(scheme)
+        http_request.version = '1.1' # currently not in rack request; hard-coding
+        http_request.method = Contrast::Utils::StringUtils.force_utf8(request_method)
+        http_request.raw = Contrast::Utils::StringUtils.force_utf8(@rack_request.path_info)
+        http_request.parsed_connection = true
+        http_request.uri = Contrast::Utils::StringUtils.force_utf8(path)
+        http_request.normalized_uri = Contrast::Utils::StringUtils.force_utf8(normalized_uri)
+        http_context = if http_request.uri == Contrast::Utils::ObjectShare::SLASH
+                         Contrast::Utils::ObjectShare::SLASH
+                       else
+                         http_request.uri.split(Contrast::Utils::ObjectShare::SLASH).first
+                       end
+        http_request.context = Contrast::Utils::StringUtils.force_utf8(http_context)
+        http_request.path = Contrast::Utils::StringUtils.force_utf8(http_request.uri)
+        http_request.query_string = Contrast::Utils::StringUtils.force_utf8(query_string)
+      end
+      def append_params http_request
+        parameters.each do |k, v|
+          next unless k && v
+          next if v.is_a?(Hash)
+          key = Contrast::Utils::StringUtils.force_utf8(k)
+          val = Contrast::Utils::StringUtils.force_utf8(v)
+          params = http_request.normalized_request_params
+          params[key] = Contrast::Api::Dtm::Pair.new unless params[key].is_a?(Contrast::Api::Dtm::Pair)
+          params[key].key = key
+          params[key].values << val
+        end
+      end
+      def append_headers http_request
+        request_headers.each do |k, v|
+          next unless k && v
+          next if v.is_a?(Hash)
+          key = Contrast::Utils::StringUtils.force_utf8(k)
+          val = Contrast::Utils::StringUtils.force_utf8(v)
+          http_request.request_headers[key] = val
+        end
+        http_request.parsed_request_headers = true
+        normalized_request_headers.each do |k, v|
+          next unless k && v
+          next if v.is_a?(Hash)
+          key = Contrast::Utils::StringUtils.force_utf8(k)
+          val = Contrast::Utils::StringUtils.force_utf8(v)
+          http_request.normalized_request_headers[key] ||= Contrast::Api::Dtm::Pair.new
+          http_request.normalized_request_headers[key].key = key
+          http_request.normalized_request_headers[key].values << val
+        end
+        request_cookies.each do |k, v|
+          next unless k && v
+          next if v.is_a?(Hash)
+          key = Contrast::Utils::StringUtils.force_utf8(k)
+          val = Contrast::Utils::StringUtils.force_utf8(v)
+          http_request.normalized_cookies[key] ||= Contrast::Api::Dtm::Pair.new
+          http_request.normalized_cookies[key].key = key
+          http_request.normalized_cookies[key].values << val
+        end
+      end
+      def append_body http_request
+        http_request.document_type = Contrast::Utils::StringUtils.force_utf8(document_type)
+        http_request.request_body = if omit_body?
+                                      OMITTED_BODY
+                                    else
+                                      Contrast::Utils::StringUtils.force_utf8(request_body)
+                                    end
+        return if file_names.empty?
+        file_names.each do |name, filename|
+          pair = Contrast::Api::Dtm::SimplePair.new
+          pair.key = Contrast::Utils::StringUtils.force_utf8(name)
+          pair.value = Contrast::Utils::StringUtils.force_utf8(filename)
+          http_request.multipart_headers << pair
+        end
+      end
+      def omit_body?
+        return true if Contrast::Agent::FeatureState.instance.omit_body?
+        return false if document_type == :XML
+        return false if document_type == :JSON
+        content_type&.include?('multipart/form-data')
+      end
+      def self.build_receiver
+        address = Contrast::Api::Dtm::Address.new
+        address.host = 'localhost'
+        address.ip = '127.0.0.1'
+        begin
+          Timeout.timeout(1) do
+            address.host = Contrast::Utils::StringUtils.force_utf8(Socket.gethostname)
+            address.ip = Contrast::Utils::StringUtils.force_utf8(Resolv.getaddress(address.host))
+          end
+        rescue Timeout::Error
+          logger.warn(nil, "Timeout resolving host or ip in #{ address }")
+        rescue StandardError => e
+          logger.warn(e, "Error resolving address for #{ address }")
+        end
+        address
+      end
+      # Memoized Rack Request Values
+      def ip
+        @_ip ||= @rack_request.ip
+      end
+      def scheme
+        @_scheme ||= @rack_request.scheme
+      end
+      def port
+        @_port ||= @rack_request.port
+      end
+      def uri
+        @_uri ||= @rack_request.path
+      end
+      def url
+        @_url ||= @rack_request.url
+      end
+      def content_type
+        @_content_type ||= @rack_request.content_type
+      end
+      def path
+        @_path ||= @rack_request.path
+      end
+      def request_cookies
+        @_request_cookies ||= @rack_request.cookies
+      end
+      def parameters
+        @_parameters ||= with_contrast_scope { normalize_params(@rack_request.params) }
+      end
+      def base_url
+        @_base_url ||= @rack_request.base_url
+      end
+      # End of Rack Request memoized values
+      def file_names
+        @_file_names ||= begin
+                           names = {}
+                           parsed_data = Rack::Multipart.parse_multipart(@rack_request.env)
+                           traverse_parsed_multipart(parsed_data, names)
+                         rescue StandardError => _e
+                           logger.warn('Unable to parse multipart request!')
+                           {}
+                         end
+      end
+      def hash_id
+        @_hash_id ||= Contrast::Utils::HashDigest.generate_request_hash(self)
+      end
+      # we just need to map length to a repeatable value
+      # unlike Java, we hash with strings, so we'll use single character
+      # strings for our purposes.
+      CHARS = %w[a b c d e f g].cs__freeze
+      def normalized_length_header chr
+        chr = chr.to_s
+        tmp = CHARS[Math.log10(chr.length).to_i] if chr
+        tmp ||= CHARS[6]
+        tmp
+      end
+      private
+      HTTP_PREFIX = /^[Hh][Tt][Tt][Pp][_-]/i.cs__freeze
+      def header_pairs env
+        selected = env.select do |k, _v|
+          k.to_s.start_with?(Contrast::Utils::ObjectShare::HTTP_SCORE)
+        end
+        selected.map do |k, v|
+          name = k.to_s.sub(HTTP_PREFIX, Contrast::Utils::ObjectShare::EMPTY_STRING)
+          [name, v]
+        end
+      end
+      def read_body body
+        return body if body.is_a?(String)
+        begin
+          can_rewind = Contrast::Utils::DuckUtils.quacks_to?(body, :rewind)
+          # if we are after a middleware that failed to rewind
+          body.rewind if can_rewind
+          body.read
+        rescue StandardError => e
+          logger.error("Error in attempt to read body :: #{ e.message }")
+          logger.debug(e.backtrace.join(Contrast::Utils::ObjectShare::NEW_LINE))
+          body.to_s
+        ensure
+          # be a good citizen and rewind
+          body.rewind if can_rewind
+        end
+      end
+      def traverse_parsed_multipart multipart_data, current_names
+        return current_names unless multipart_data
+        multipart_data.each_value do |data_value|
+          next unless data_value.is_a?(Hash)
+          tempfile = data_value[:tempfile]
+          if tempfile.nil?
+            traverse_parsed_multipart(data_value, current_names)
+          else
+            name = data_value[:name].to_s
+            file_name = data_value[:filename].to_s
+            current_names[name] = file_name
+          end
+        end
+        current_names
+      end
+    end
+  end
+end