contrast-agent 6.14.0 → 6.15.1

Files changed (80) hide show
  1. checksums.yaml +4 -4
  2. data/ext/cs__scope/cs__scope.c +2 -1
  3. data/lib/contrast/agent/{assess.rb → assess/assess.rb} +1 -1
  4. data/lib/contrast/agent/{module_data.rb → assess/module_data.rb} +0 -0
  5. data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +3 -0
  6. data/lib/contrast/agent/assess/policy/policy_node.rb +3 -2
  7. data/lib/contrast/agent/assess/policy/propagation_method.rb +2 -2
  8. data/lib/contrast/agent/assess/policy/propagator/database_write.rb +0 -1
  9. data/lib/contrast/agent/assess/policy/source_method.rb +1 -1
  10. data/lib/contrast/agent/assess/policy/trigger_method.rb +36 -1
  11. data/lib/contrast/agent/{excluder.rb → excluder/excluder.rb} +0 -0
  12. data/lib/contrast/agent/{exclusion_matcher.rb → excluder/exclusion_matcher.rb} +0 -0
  13. data/lib/contrast/agent/{at_exit_hook.rb → hooks/at_exit_hook.rb} +0 -0
  14. data/lib/contrast/agent/{tracepoint_hook.rb → hooks/tracepoint_hook.rb} +0 -0
  15. data/lib/contrast/agent/inventory/database_config.rb +1 -0
  16. data/lib/contrast/agent/{inventory.rb → inventory/inventory.rb} +0 -0
  17. data/lib/contrast/agent/{middleware.rb → middleware/middleware.rb} +3 -3
  18. data/lib/contrast/agent/{static_analysis.rb → middleware/static_analysis.rb} +0 -0
  19. data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +5 -5
  20. data/lib/contrast/agent/protect/input_analyzer/worth_watching_analyzer.rb +1 -1
  21. data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +1 -1
  22. data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +1 -1
  23. data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +1 -1
  24. data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +1 -1
  25. data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +1 -1
  26. data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +1 -1
  27. data/lib/contrast/agent/protect/rule/base.rb +121 -134
  28. data/lib/contrast/agent/protect/rule/{bot_blocker.rb → bot_blocker/bot_blocker.rb} +2 -2
  29. data/lib/contrast/agent/protect/rule/{cmd_injection.rb → cmdi/cmd_injection.rb} +1 -1
  30. data/lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb +3 -3
  31. data/lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb +1 -1
  32. data/lib/contrast/agent/protect/rule/cmdi/cmdi_chained_command.rb +2 -2
  33. data/lib/contrast/agent/protect/rule/cmdi/cmdi_dangerous_path.rb +2 -2
  34. data/lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb +1 -1
  35. data/lib/contrast/agent/protect/rule/{deserialization.rb → deserialization/deserialization.rb} +2 -2
  36. data/lib/contrast/agent/protect/rule/{no_sqli.rb → no_sqli/no_sqli.rb} +3 -3
  37. data/lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb +1 -1
  38. data/lib/contrast/agent/protect/rule/{path_traversal.rb → path_traversal/path_traversal.rb} +2 -2
  39. data/lib/contrast/agent/protect/rule/path_traversal/path_traversal_semantic_security_bypass.rb +3 -3
  40. data/lib/contrast/agent/protect/rule/{sql_sample_builder.rb → sqli/sql_sample_builder.rb} +0 -1
  41. data/lib/contrast/agent/protect/rule/{sqli.rb → sqli/sqli.rb} +2 -2
  42. data/lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb +1 -1
  43. data/lib/contrast/agent/protect/rule/{unsafe_file_upload.rb → unsafe_file_upload/unsafe_file_upload.rb} +2 -2
  44. data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb +1 -1
  45. data/lib/contrast/agent/protect/rule/utils/builders.rb +111 -0
  46. data/lib/contrast/agent/protect/rule/utils/filters.rb +110 -0
  47. data/lib/contrast/agent/protect/rule/{xss.rb → xss/xss.rb} +2 -2
  48. data/lib/contrast/agent/protect/rule/{xxe.rb → xxe/xxe.rb} +2 -2
  49. data/lib/contrast/agent/protect/rule.rb +8 -9
  50. data/lib/contrast/agent/{disable_reaction.rb → reactions/disable_reaction.rb} +0 -0
  51. data/lib/contrast/agent/reporting/reporter.rb +1 -1
  52. data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +3 -3
  53. data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +1 -1
  54. data/lib/contrast/agent/reporting/reporting_workers/application_server_worker.rb +1 -1
  55. data/lib/contrast/agent/reporting/reporting_workers/reporter_heartbeat.rb +1 -1
  56. data/lib/contrast/agent/reporting/reporting_workers/server_settings_worker.rb +1 -1
  57. data/lib/contrast/agent/{request.rb → request/request.rb} +0 -0
  58. data/lib/contrast/agent/{request_context.rb → request/request_context.rb} +3 -3
  59. data/lib/contrast/agent/{request_context_extend.rb → request/request_context_extend.rb} +0 -0
  60. data/lib/contrast/agent/{request_handler.rb → request/request_handler.rb} +0 -0
  61. data/lib/contrast/agent/{response.rb → response/response.rb} +0 -0
  62. data/lib/contrast/agent/{scope.rb → scope/scope.rb} +0 -0
  63. data/lib/contrast/agent/telemetry/base.rb +2 -2
  64. data/lib/contrast/agent/{telemetry.rb → telemetry/telemetry.rb} +0 -0
  65. data/lib/contrast/agent/{thread.rb → thread/thread.rb} +0 -0
  66. data/lib/contrast/agent/{thread_watcher.rb → thread/thread_watcher.rb} +0 -0
  67. data/lib/contrast/agent/{worker_thread.rb → thread/worker_thread.rb} +0 -0
  68. data/lib/contrast/agent/version.rb +1 -1
  69. data/lib/contrast/agent.rb +11 -11
  70. data/lib/contrast/components/agent.rb +1 -1
  71. data/lib/contrast/components/assess.rb +1 -0
  72. data/lib/contrast/{agent → components}/rule_set.rb +0 -0
  73. data/lib/contrast/components/scope.rb +1 -1
  74. data/lib/contrast/components/settings.rb +1 -1
  75. data/lib/contrast/extension/assess/exec_trigger.rb +1 -1
  76. data/lib/contrast/extension/assess/string.rb +4 -3
  77. data/lib/contrast.rb +1 -1
  78. data/ruby-agent.gemspec +4 -2
  79. metadata +53 -58
  80. data/lib/contrast/agent/protect/rule/base_service.rb +0 -175
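--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: contrast-agent
  version: !ruby/object:Gem::Version
- version: 6.14.0
+ version: 6.15.1
  platform: ruby
  authors:
  - galen.palmer@contrastsecurity.com
@@ -13,7 +13,7 @@ authors:
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2023-01-26 00:00:00.000000000 Z
+ date: 2023-02-16 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -609,6 +609,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: ffi
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.0'
  - !ruby/object:Gem::Dependency
  name: ougai
  requirement: !ruby/object:Gem::Requirement
@@ -647,36 +661,16 @@ dependencies:
  name: contrast-agent-lib
  requirement: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: 0.1.0
- - - ">="
- - !ruby/object:Gem::Version
- version: 0.1.3
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: 0.1.0
- - - ">="
- - !ruby/object:Gem::Version
- version: 0.1.3
- - !ruby/object:Gem::Dependency
- name: ffi
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
+ - - '='
  - !ruby/object:Gem::Version
- version: '1.0'
+ version: 1.1.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
- - - "~>"
+ - - '='
  - !ruby/object:Gem::Version
- version: '1.0'
+ version: 1.1.0
  description: This gem instantiates a Rack middleware for rack-based web applications
  in order to provide Interactive Application Security Testing and Protection.
  email:
@@ -900,11 +894,12 @@ files:
  - lib/contrast-agent.rb
  - lib/contrast.rb
  - lib/contrast/agent.rb
- - lib/contrast/agent/assess.rb
+ - lib/contrast/agent/assess/assess.rb
  - lib/contrast/agent/assess/contrast_object.rb
  - lib/contrast/agent/assess/events/event_data.rb
  - lib/contrast/agent/assess/finalizers/freeze.rb
  - lib/contrast/agent/assess/finalizers/hash.rb
+ - lib/contrast/agent/assess/module_data.rb
  - lib/contrast/agent/assess/policy/dynamic_source_factory.rb
  - lib/contrast/agent/assess/policy/patcher.rb
  - lib/contrast/agent/assess/policy/policy.rb
@@ -971,22 +966,22 @@ files:
  - lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb
  - lib/contrast/agent/assess/tag.rb
  - lib/contrast/agent/assess/tracker.rb
- - lib/contrast/agent/at_exit_hook.rb
  - lib/contrast/agent/deadzone/policy/deadzone_node.rb
  - lib/contrast/agent/deadzone/policy/policy.rb
- - lib/contrast/agent/disable_reaction.rb
- - lib/contrast/agent/excluder.rb
- - lib/contrast/agent/exclusion_matcher.rb
- - lib/contrast/agent/inventory.rb
+ - lib/contrast/agent/excluder/excluder.rb
+ - lib/contrast/agent/excluder/exclusion_matcher.rb
+ - lib/contrast/agent/hooks/at_exit_hook.rb
+ - lib/contrast/agent/hooks/tracepoint_hook.rb
  - lib/contrast/agent/inventory/database_config.rb
  - lib/contrast/agent/inventory/dependencies.rb
  - lib/contrast/agent/inventory/dependency_analysis.rb
  - lib/contrast/agent/inventory/dependency_usage_analysis.rb
+ - lib/contrast/agent/inventory/inventory.rb
  - lib/contrast/agent/inventory/policy/datastores.rb
  - lib/contrast/agent/inventory/policy/policy.rb
  - lib/contrast/agent/inventory/policy/trigger_node.rb
- - lib/contrast/agent/middleware.rb
- - lib/contrast/agent/module_data.rb
+ - lib/contrast/agent/middleware/middleware.rb
+ - lib/contrast/agent/middleware/static_analysis.rb
  - lib/contrast/agent/patching/policy/after_load_patch.rb
  - lib/contrast/agent/patching/policy/after_load_patcher.rb
  - lib/contrast/agent/patching/policy/method_policy.rb
@@ -1012,38 +1007,40 @@ files:
  - lib/contrast/agent/protect/policy/trigger_node.rb
  - lib/contrast/agent/protect/rule.rb
  - lib/contrast/agent/protect/rule/base.rb
- - lib/contrast/agent/protect/rule/base_service.rb
- - lib/contrast/agent/protect/rule/bot_blocker.rb
+ - lib/contrast/agent/protect/rule/bot_blocker/bot_blocker.rb
  - lib/contrast/agent/protect/rule/bot_blocker/bot_blocker_input_classification.rb
- - lib/contrast/agent/protect/rule/cmd_injection.rb
+ - lib/contrast/agent/protect/rule/cmdi/cmd_injection.rb
  - lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb
  - lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb
  - lib/contrast/agent/protect/rule/cmdi/cmdi_chained_command.rb
  - lib/contrast/agent/protect/rule/cmdi/cmdi_dangerous_path.rb
  - lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb
  - lib/contrast/agent/protect/rule/default_scanner.rb
- - lib/contrast/agent/protect/rule/deserialization.rb
- - lib/contrast/agent/protect/rule/no_sqli.rb
+ - lib/contrast/agent/protect/rule/deserialization/deserialization.rb
  - lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
+ - lib/contrast/agent/protect/rule/no_sqli/no_sqli.rb
  - lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb
- - lib/contrast/agent/protect/rule/path_traversal.rb
+ - lib/contrast/agent/protect/rule/path_traversal/path_traversal.rb
  - lib/contrast/agent/protect/rule/path_traversal/path_traversal_input_classification.rb
  - lib/contrast/agent/protect/rule/path_traversal/path_traversal_semantic_security_bypass.rb
- - lib/contrast/agent/protect/rule/sql_sample_builder.rb
- - lib/contrast/agent/protect/rule/sqli.rb
  - lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb
  - lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
  - lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb
+ - lib/contrast/agent/protect/rule/sqli/sql_sample_builder.rb
+ - lib/contrast/agent/protect/rule/sqli/sqli.rb
  - lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb
  - lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb
  - lib/contrast/agent/protect/rule/sqli/sqli_semantic/sqli_dangerous_functions.rb
  - lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb
- - lib/contrast/agent/protect/rule/unsafe_file_upload.rb
+ - lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload.rb
  - lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb
- - lib/contrast/agent/protect/rule/xss.rb
+ - lib/contrast/agent/protect/rule/utils/builders.rb
+ - lib/contrast/agent/protect/rule/utils/filters.rb
  - lib/contrast/agent/protect/rule/xss/reflected_xss_input_classification.rb
- - lib/contrast/agent/protect/rule/xxe.rb
+ - lib/contrast/agent/protect/rule/xss/xss.rb
  - lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb
+ - lib/contrast/agent/protect/rule/xxe/xxe.rb
+ - lib/contrast/agent/reactions/disable_reaction.rb
  - lib/contrast/agent/reporting/attack_result/attack_result.rb
  - lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb
  - lib/contrast/agent/reporting/attack_result/response_type.rb
@@ -1163,15 +1160,12 @@ files:
  - lib/contrast/agent/reporting/settings/validator.rb
  - lib/contrast/agent/reporting/settings/virtual_patch.rb
  - lib/contrast/agent/reporting/settings/virtual_patch_condition.rb
- - lib/contrast/agent/request.rb
- - lib/contrast/agent/request_context.rb
- - lib/contrast/agent/request_context_extend.rb
- - lib/contrast/agent/request_handler.rb
- - lib/contrast/agent/response.rb
- - lib/contrast/agent/rule_set.rb
- - lib/contrast/agent/scope.rb
- - lib/contrast/agent/static_analysis.rb
- - lib/contrast/agent/telemetry.rb
+ - lib/contrast/agent/request/request.rb
+ - lib/contrast/agent/request/request_context.rb
+ - lib/contrast/agent/request/request_context_extend.rb
+ - lib/contrast/agent/request/request_handler.rb
+ - lib/contrast/agent/response/response.rb
+ - lib/contrast/agent/scope/scope.rb
  - lib/contrast/agent/telemetry/base.rb
  - lib/contrast/agent/telemetry/client.rb
  - lib/contrast/agent/telemetry/event.rb
@@ -1185,11 +1179,11 @@ files:
  - lib/contrast/agent/telemetry/identifier.rb
  - lib/contrast/agent/telemetry/metric_event.rb
  - lib/contrast/agent/telemetry/startup_metrics_event.rb
- - lib/contrast/agent/thread.rb
- - lib/contrast/agent/thread_watcher.rb
- - lib/contrast/agent/tracepoint_hook.rb
+ - lib/contrast/agent/telemetry/telemetry.rb
+ - lib/contrast/agent/thread/thread.rb
+ - lib/contrast/agent/thread/thread_watcher.rb
+ - lib/contrast/agent/thread/worker_thread.rb
  - lib/contrast/agent/version.rb
- - lib/contrast/agent/worker_thread.rb
  - lib/contrast/agent_lib/api/command_injection.rb
  - lib/contrast/agent_lib/api/init.rb
  - lib/contrast/agent_lib/api/input_tracing.rb
@@ -1215,6 +1209,7 @@ files:
  - lib/contrast/components/polling.rb
  - lib/contrast/components/protect.rb
  - lib/contrast/components/ruby_component.rb
+ - lib/contrast/components/rule_set.rb
  - lib/contrast/components/sampling.rb
  - lib/contrast/components/scope.rb
  - lib/contrast/components/security_logger.rb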
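Review bot: The `contrast-agent-lib` runtime requirement in the `@@ -647,36 +661,16 @@` hunk is now an exact pin (`- - '='` with `version: 1.1.0`) where it used to be the range `~> 0.1.0, >= 0.1.3`, so consumers cannot resolve a patch release of that library until a new agent release raises the pin. If the pin is deliberate (presumably the agent needs a matching native interface, since it loads the library through `ffi`), the reason deserves a comment beside the dependency; otherwise a bounded range such as `~> 1.1.0` would keep patch-level fixes installable. This metadata is generated, so the edit belongs in `ruby-agent.gemspec`, whose diff is not shown on this page. The same hunk also crosses a major version of the library (0.1.x to 1.1.0), which the page does not explain.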
@@ -1,175 +0,0 @@
1
- # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
- # frozen_string_literal: true
3
-
4
- require 'contrast/agent/protect/rule/base'
5
- require 'contrast/components/logger'
6
-
7
- module Contrast
8
- module Agent
9
- module Protect
10
- module Rule
11
- # Encapsulate common code for protect rules that do their input analysis on agent-lib rather in ruby code
12
- class BaseService < Contrast::Agent::Protect::Rule::Base
13
- include Contrast::Components::Logger::InstanceMethods
14
-
15
- def rule_name
16
- 'base-service'
17
- end
18
-
19
- def block_message
20
- 'Contrast Security Protect Rule Triggered. Response blocked.'
21
- end
22
-
23
- def prefilter context
24
- return unless prefilter?(context)
25
-
26
- ia_results = gather_ia_results(context)
27
-
28
- ia_results.each do |ia_result|
29
- result = build_attack_result(context)
30
- build_attack_without_match(context, ia_result, result)
31
- append_to_activity(context, result)
32
-
33
- cef_logging(result, :successful_attack)
34
- raise(Contrast::SecurityException.new(self, block_message)) if blocked?
35
- end
36
- end
37
-
38
- # @param context [Contrast::Agent::RequestContext]
39
- # @return [Boolean]
40
- def infilter? context
41
- return false unless enabled?
42
- return false unless (results = gather_ia_results(context)) && results.any?
43
- return false if protect_excluded_by_url?(rule_name, context.request.path)
44
- return false if protect_excluded_by_input?(results, context.request.path)
45
-
46
- true
47
- end
48
-
49
- # Base method for prefilter check. Extend if rule needs more
50
- # specific conditioning.
51
- #
52
- # @param context [Contrast::Agent::RequestContext]
53
- # @return [Boolean]
54
- def prefilter? context
55
- return false unless context
56
- return false unless enabled?
57
- return false unless (results = gather_ia_results(context)) && results.any?
58
- return false if protect_excluded_by_url?(rule_name, context.request.path)
59
- return false if protect_excluded_by_input?(results, context.request.path)
60
-
61
- true
62
- end
63
-
64
- # Override for rules that need the response
65
- # Currently postfilter can be applied to streamed responses, if any logic within postfilter changes to modify
66
- # the response streamed responses will break
67
- # @param context [Contrast::Agent::RequestContext]
68
- # @raise [Contrast::SecurityException]
69
- def postfilter context
70
- return unless enabled? && POSTFILTER_MODES.include?(mode)
71
- return false if protect_excluded_by_url?(rule_name, context.request.path)
72
- return if protect_excluded_by_input?(gather_ia_results(context), context.request.path)
73
-
74
- return if mode == :NO_ACTION || mode == :PERMIT
75
-
76
- result = find_postfilter_attacker(context, nil)
77
- return unless result&.samples&.any?
78
-
79
- cef_logging(result)
80
- append_to_activity(context, result)
81
- return unless result.response == :BLOCKED
82
-
83
- raise(Contrast::SecurityException.new(self, "#{ rule_name } triggered in postfilter. Response blocked."))
84
- end
85
-
86
- protected
87
-
88
- # Used to build and report semantic rules.
89
- #
90
- # @param context [Contrast::Agent::RequestContext] current request contest
91
- # @param potential_attack_string [String]
92
- def build_violation context, potential_attack_string
93
- result = build_attack_result(context)
94
- update_successful_attack_response(context, nil, result, potential_attack_string)
95
- return unless result
96
-
97
- append_sample(context, nil, result, potential_attack_string)
98
- cef_logging(result, :successful_attack)
99
- result
100
- end
101
-
102
- # Check to if result is blocked. Used for raise check.
103
- #
104
- # @param result [Contrast::Agent::Reporting::AttackResult]
105
- def blocked_violation? result
106
- return false unless result
107
-
108
- result.response == Contrast::Agent::Reporting::ResponseType::BLOCKED
109
- end
110
-
111
- # @param context [Contrast::Agent::RequestContext]
112
- # @return [Array<Contrast::Agent::Reporting::InputAnalysis>]
113
- def gather_ia_results context
114
- return Contrast::Utils::ObjectShare::EMPTY_ARRAY unless context&.agent_input_analysis&.results
115
-
116
- context.agent_input_analysis.results.select do |ia_result|
117
- ia_result.rule_id == rule_name && ia_result.score_level != Contrast::Agent::Reporting::ScoreLevel::IGNORE
118
- end
119
- end
120
-
121
- def build_attack_result _context
122
- result = Contrast::Agent::Reporting::AttackResult.new
123
- result.rule_id = rule_name
124
- result
125
- end
126
-
127
- # @param context [Contrast::Agent::RequestContext]
128
- # @param potential_attack_string [String, nil]
129
- # @param **kwargs
130
- # @return [Contrast::Agent::Reporting]
131
- def find_attacker context, potential_attack_string, **kwargs
132
- ia_results = gather_ia_results(context)
133
- find_attacker_with_results(context, potential_attack_string, ia_results, **kwargs)
134
- end
135
-
136
- # Allows for the InputAnalysis from Agent Library to be extracted early
137
- # @param context [Contrast::Agent::RequestContext]
138
- # @param potential_attack_string [String, nil]
139
- # @param ia_results [Array<Contrast::Agent::Reporting::InputAnalysis>]
140
- # @param **kwargs
141
- # @return [Contrast::Agent::Reporting, nil]
142
- def find_attacker_with_results context, potential_attack_string, ia_results, **kwargs
143
- logger.trace('Checking vectors for attacks', rule: rule_name, input: potential_attack_string)
144
-
145
- result = nil
146
- ia_results.each do |ia_result|
147
- if potential_attack_string
148
- idx = potential_attack_string.index(ia_result.value)
149
- next unless idx
150
-
151
- result = build_attack_with_match(context, ia_result, result, potential_attack_string, **kwargs)
152
- else
153
- result = build_attack_without_match(context, ia_result, result, **kwargs)
154
- end
155
- end
156
- result
157
- end
158
-
159
- private
160
-
161
- # @param context [Contrast::Agent::RequestContext]
162
- # @param potential_attack_string [String, nil]
163
- # @return [Contrast::Agent::Reporting, nil]
164
- def find_postfilter_attacker context, potential_attack_string, **kwargs
165
- ia_results = gather_ia_results(context)
166
- ia_results.select! do |ia_result|
167
- ia_result.score_level == Contrast::Agent::Reporting::ScoreLevel::DEFINITEATTACK
168
- end
169
- find_attacker_with_results(context, potential_attack_string, ia_results, **kwargs)
170
- end
171
- end
172
- end
173
- end
174
- end
175
- end