contrast-agent 6.5.0 → 6.6.1

Files changed (35) hide show
  1. checksums.yaml +4 -4
  2. data/lib/contrast/agent/assess/policy/source_method.rb +10 -9
  3. data/lib/contrast/agent/inventory/database_config.rb +2 -1
  4. data/lib/contrast/agent/inventory/policy/datastores.rb +1 -1
  5. data/lib/contrast/agent/middleware.rb +6 -5
  6. data/lib/contrast/agent/protect/rule/base.rb +1 -1
  7. data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +5 -5
  8. data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +1 -1
  9. data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +1 -1
  10. data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +1 -1
  11. data/lib/contrast/agent/version.rb +1 -1
  12. data/lib/contrast/api/communication/response_processor.rb +1 -1
  13. data/lib/contrast/components/agent.rb +1 -1
  14. data/lib/contrast/components/api.rb +60 -23
  15. data/lib/contrast/components/logger.rb +0 -10
  16. data/lib/contrast/components/protect.rb +41 -1
  17. data/lib/contrast/components/sampling.rb +29 -0
  18. data/lib/contrast/config/assess_configuration.rb +5 -3
  19. data/lib/contrast/config/root_configuration.rb +9 -9
  20. data/lib/contrast/config.rb +0 -3
  21. data/lib/contrast/framework/rails/support.rb +3 -2
  22. data/lib/contrast/logger/application.rb +2 -1
  23. data/lib/contrast/logger/log.rb +0 -69
  24. data/lib/contrast/logger/time.rb +19 -12
  25. data/lib/contrast/utils/net_http_base.rb +2 -2
  26. data/lib/contrast.rb +2 -2
  27. data/resources/assess/policy.json +11 -0
  28. data/resources/deadzone/policy.json +139 -19
  29. data/service_executables/VERSION +1 -1
  30. data/service_executables/linux/contrast-service +0 -0
  31. data/service_executables/mac/contrast-service +0 -0
  32. metadata +12 -15
  33. data/lib/contrast/config/api_configuration.rb +0 -56
  34. data/lib/contrast/config/protect_configuration.rb +0 -33
  35. data/lib/contrast/config/sampling_configuration.rb +0 -35
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bdb8bbd08206dafbb18eee844e1487701c419d27c1df8e4b58c4c226b1995d5c
4
- data.tar.gz: 57bbfe5e3dca05729f95f2994246e74d59f7eecc2f7fe434e265fa5c60cc3734
3
+ metadata.gz: 0ba6de8e82da25931f2fd6d90f515451c33521c02c0fd00e0120ea05701bdc23
4
+ data.tar.gz: 953297f4f0908bcdcf4791f91869dcf69312f44fe05e743e1e681ce9d3aa9b6f
5
5
  SHA512:
6
- metadata.gz: 5f6d80b48529b52719fb7aa4608e0cd42f8ec613e61138d7f7a977652054f9a24f05a78c0d79821749bc4cc1d86b0878009e93f65be47155e47c9e1ec084780d
7
- data.tar.gz: ad3d855319ebf15f1af37cac9507c2774af76a6151d7e9a4559c9de23891bcc41f0642729087165b19d20ee4891e327895f9e0d9c9c5d4e402e3a4b901b44484
6
+ metadata.gz: f7e96583d53e23400fd53fd24aed86c728e0d9b8d79a17179cc1bb96a50ad002e047805b10cea0eaa362802c494ff0b45463a16b53a008e9921723cd9e6e43f9
7
+ data.tar.gz: f3c7c2a5b575233f4f8d3e9058b281352133625ab42d50b3c6590c7178728ceda8c494953890a0d50e1413ad5f1e50c04595cc035d5f3ed247611f3a1401095e
@@ -38,19 +38,20 @@ module Contrast
38
38
  # @param ret [Object] the Return of the invoked method
39
39
  # @param args [Array<Object>] the Arguments with which the method was invoked
40
40
  def apply_source method_policy, object, ret, args
41
- return unless analyze?(method_policy, object, ret, args)
42
- return if event_limit?(method_policy)
43
- return unless (source_node = method_policy.source_node)
41
+ logger.trace_with_time('Elapsed time for Contrast::Agent::Assess::Policy::SourceMethod#apply_source') do
42
+ return unless analyze?(method_policy, object, ret, args)
43
+ return if event_limit?(method_policy)
44
+ return unless (source_node = method_policy.source_node)
44
45
 
45
- # used to hold the object and ret
46
- source_data = Contrast::Agent::Assess::Events::EventData.new(nil, nil, object, ret, nil)
46
+ # used to hold the object and ret
47
+ source_data = Contrast::Agent::Assess::Events::EventData.new(nil, nil, object, ret, nil)
47
48
 
48
- return unless (target = determine_target(source_node, source_data, args))
49
- return if target.cs__frozen? && !Contrast::Agent::Assess::Tracker.trackable?(target)
49
+ return unless (target = determine_target(source_node, source_data, args))
50
+ return if target.cs__frozen? && !Contrast::Agent::Assess::Tracker.trackable?(target)
50
51
 
51
- process_source(source_node, target, source_data, source_node.type, nil, *args)
52
+ process_source(source_node, target, source_data, source_node.type, nil, *args)
53
+ end
52
54
  end
53
- Contrast::Components::Logger.add_trace_log_timing_for(SourceMethod, :apply_source)
54
55
 
55
56
  private
56
57
 
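Review bot: The early `return`s on new lines 42–44 and 49–50 now sit inside the `trace_with_time` block, and a `return` from a block unwinds straight out of `apply_source`, so none of the exits for `analyze?`, `event_limit?`, a missing `source_node`, a missing target or an untrackable frozen target ever reach the elapsed-time message in `log_with_time`; only the full `process_source` path is timed. If those paths are meant to show up in the timing data, use `next` inside the block instead, e.g. `next unless analyze?(method_policy, object, ret, args)`, which hands control back to the timing wrapper — though whether `log_with_time` then returns the block's value is not visible here, so confirm before relying on the method's return value. The same pattern is in the `Middleware#call` hunk (`return app.call(env) unless ::Contrast::AGENT.enabled?`); there the skipped path is the agent-disabled case, which arguably should not be timed, but it is worth a one-line comment saying so. Behaviour is otherwise unchanged as long as `log_with_time` invokes the block as a plain block rather than converting it to a lambda.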
@@ -66,7 +66,8 @@ module Contrast
66
66
  # TODO: RUBY-99999 - Remove when Rails 6.0 is not supported
67
67
  ActiveRecord::Base.connection_config
68
68
  end
69
- rescue StandardError
69
+ rescue StandardError => e
70
+ logger.error('Unable to detect db config connection', e)
70
71
  nil
71
72
  end
72
73
 
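Review bot: The new `rescue StandardError => e` on line 69 logs at `error` level a condition the method previously tolerated silently by returning `nil`, and the enclosing method begins outside this hunk, so how often it runs is not visible; if it is reached per request or per query on an unsupported Rails version this becomes a steady stream of errors for a benign case, and `warn` or `debug` would fit better. Exceptions raised while resolving an ActiveRecord connection can carry the connection spec in their message (host, database, sometimes more), so consider logging the class rather than the exception object until that is confirmed: `logger.warn('Unable to detect db config connection', error: e.class.name)`.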
@@ -21,7 +21,7 @@ module Contrast
21
21
  DATA_STORE_MARKER = 'data_store'
22
22
 
23
23
  def report_data_store _method, _exception, properties, object, _args
24
- return unless ::Contrast::INVENTORY.enabled
24
+ return unless ::Contrast::INVENTORY.enable
25
25
 
26
26
  marker = properties[DATA_STORE_MARKER]
27
27
  return unless marker
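Review bot: `return unless ::Contrast::INVENTORY.enable` on new line 24 gates on a bare `enable` reader rather than a predicate; if that reader is an `attr_accessor` holding the raw parsed config value, as the `attr_accessor :enable` added to the Protect component in this diff is, a string such as `"false"` arriving from an environment variable is truthy and data-store inventory reporting stays on despite the setting. The Api component in this diff normalises such values with `true?(...)`; if the Inventory interface exposes an `enabled?` built the same way, prefer it here: `return unless ::Contrast::INVENTORY.enabled?`. The Inventory interface itself is not in this diff, so confirm how `enable` is normalised before changing the call.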
@@ -61,13 +61,14 @@ module Contrast
61
61
  # @return [Array,Rack::Response] the Response of this and subsequent Middlewares to be passed back to the user up
62
62
  # the Rack framework.
63
63
  def call env
64
- return app.call(env) unless ::Contrast::AGENT.enabled?
64
+ logger.trace_with_time('Elapsed time for Contrast::Agent::Middleware#call') do
65
+ return app.call(env) unless ::Contrast::AGENT.enabled?
65
66
 
66
- Contrast::Agent.heapdump_util.start_thread!
67
- handle_first_request
68
- call_with_agent(env)
67
+ Contrast::Agent.heapdump_util.start_thread!
68
+ handle_first_request
69
+ call_with_agent(env)
70
+ end
69
71
  end
70
- ::Contrast::Components::Logger.add_trace_log_timing_for(::Contrast::Agent::Middleware, :call)
71
72
 
72
73
  private
73
74
 
@@ -38,7 +38,7 @@ module Contrast
38
38
  attr_reader :mode
39
39
 
40
40
  def initialize
41
- ::Contrast::PROTECT.rules[rule_name] = self
41
+ ::Contrast::PROTECT.defend_rules[rule_name] = self
42
42
  @mode = mode_from_settings
43
43
  end
44
44
 
@@ -26,12 +26,12 @@ module Contrast
26
26
  # event field of Contrast::Agent::Reporting::ReportingEvent
27
27
  # @param response_data [Net::HTTP::Response]
28
28
  def audit_event event, response_data = nil
29
- return unless ::Contrast::API.request_audit_requests? || ::Contrast::API.request_audit_responses?
29
+ return unless ::Contrast::API.request_audit_requests || ::Contrast::API.request_audit_responses
30
30
 
31
31
  file_name = event.cs__respond_to?(:file_name) ? event.file_name : event.cs__class.cs__name.to_s.downcase
32
32
  data = event.to_controlled_hash.to_json
33
33
  log_data(:request, file_name, data) if data
34
- return unless ::Contrast::API.request_audit_responses?
34
+ return unless ::Contrast::API.request_audit_responses
35
35
 
36
36
  data = response_data&.body || 'There is no available response'
37
37
  log_data(:response, file_name, data)
@@ -94,7 +94,7 @@ module Contrast
94
94
  # Retrieves the configuration value if the request audit is enabled
95
95
  # @return [Boolean]
96
96
  def enabled?
97
- ::Contrast::API.request_audit_enable?
97
+ ::Contrast::API.request_audit_enable
98
98
  end
99
99
 
100
100
  # The boolean values for the requests and the responses should be taken under
@@ -107,13 +107,13 @@ module Contrast
107
107
  # Retrieve the configuration value if the audit for requests is enabled
108
108
  # @return [Boolean]
109
109
  def enabled_for_requests?
110
- ::Contrast::API.request_audit_requests?
110
+ ::Contrast::API.request_audit_requests
111
111
  end
112
112
 
113
113
  # Retrieve the configuration value if the audit for responses is enabled
114
114
  # @return [Boolean]
115
115
  def enabled_for_responses?
116
- ::Contrast::API.request_audit_requests?
116
+ ::Contrast::API.request_audit_requests
117
117
  end
118
118
 
119
119
  # Retrieve the configuration value for the path of the audits
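Review bot: `enabled_for_responses?` on new line 116 still returns `::Contrast::API.request_audit_requests`; the rename carried the pre-existing copy/paste forward, so the responses predicate reports the requests flag, while `audit_event` above reads `request_audit_responses` directly — the two disagree whenever only one flag is set. Change it to `::Contrast::API.request_audit_responses`. Since `audit_event` writes `event.to_controlled_hash.to_json` and raw response bodies to the audit path, these predicates are the only control over what reaches disk, which makes this worth fixing rather than leaving as a nit.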
@@ -24,7 +24,7 @@ module Contrast
24
24
  @app_language = RUBY
25
25
  @app_path = Base64.strict_encode64(Contrast::APP_CONTEXT.path)
26
26
  @app_version = Contrast::APP_CONTEXT.app_version
27
- @authorization = Base64.strict_encode64("#{ Contrast::API.username }:#{ Contrast::API.service_key }")
27
+ @authorization = Base64.strict_encode64("#{ Contrast::API.user_name }:#{ Contrast::API.service_key }")
28
28
  @server_name = Base64.strict_encode64(Contrast::APP_CONTEXT.server_name)
29
29
  @server_path = Base64.strict_encode64(Contrast::APP_CONTEXT.server_path)
30
30
  @server_type = Base64.strict_encode64(Contrast::APP_CONTEXT.server_type)
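Review bot: The `Authorization` value on new line 27 interpolates `Contrast::API.user_name` and `Contrast::API.service_key`, which are now plain `attr_accessor`s on the Api interface with no default, so a missing setting yields `Base64.strict_encode64(":")` and the agent silently presents an empty credential instead of surfacing the misconfiguration. Log it before encoding, e.g. `logger.warn('api.user_name or api.service_key is not set; Authorization header will be invalid') if Contrast::API.user_name.to_s.empty? || Contrast::API.service_key.to_s.empty?`, or leave `@authorization` nil in that case so the caller can fail fast. The enclosing `initialize` starts outside this hunk, so where such a check best sits is not visible here.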
@@ -59,7 +59,7 @@ module Contrast
59
59
 
60
60
  request = build_request(event)
61
61
  response = connection.request(request)
62
- audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable?
62
+ audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable
63
63
  process_settings_response(response)
64
64
  process_preflight_response(event, response, connection)
65
65
  response
@@ -185,7 +185,7 @@ module Contrast
185
185
  ::Contrast::SETTINGS.build_protect_rules if ::Contrast::PROTECT.enabled?
186
186
  ::Contrast::AGENT.reset_ruleset
187
187
  logger.info('Current rule settings:')
188
- ::Contrast::PROTECT.rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
188
+ ::Contrast::PROTECT.defend_rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
189
189
  logger.info('Disabled Assess Rules', rules: ::Contrast::ASSESS.disabled_rules)
190
190
  end
191
191
  end
@@ -3,6 +3,6 @@
3
3
 
4
4
  module Contrast
5
5
  module Agent
6
- VERSION = '6.5.0'
6
+ VERSION = '6.6.1'
7
7
  end
8
8
  end
@@ -80,7 +80,7 @@ module Contrast
80
80
 
81
81
  logger.info('Current rule settings:')
82
82
 
83
- ::Contrast::PROTECT.rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
83
+ ::Contrast::PROTECT.defend_rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
84
84
  logger.info('Disabled Assess Rules', rules: ::Contrast::ASSESS.disabled_rules)
85
85
  end
86
86
  end
@@ -125,7 +125,7 @@ module Contrast
125
125
  def retrieve_protect_ruleset
126
126
  return {} unless enabled? && ::Contrast::PROTECT.enabled?
127
127
 
128
- ::Contrast::PROTECT.rules
128
+ ::Contrast::PROTECT.defend_rules
129
129
  end
130
130
  end
131
131
  end
@@ -3,6 +3,9 @@
3
3
 
4
4
  require 'contrast/components/base'
5
5
  require 'contrast/components/config'
6
+ require 'contrast/config/api_proxy_configuration'
7
+ require 'contrast/config/request_audit_configuration'
8
+ require 'contrast/config/certification_configuration'
6
9
 
7
10
  module Contrast
8
11
  module Components
@@ -12,50 +15,86 @@ module Contrast
12
15
  # parent_configuration_spec.yaml.
13
16
  class Interface
14
17
  include Contrast::Components::ComponentBase
18
+ include Contrast::Config::BaseConfiguration
19
+
20
+ # @return [String]
21
+ attr_accessor :api_key
22
+ # @return [String]
23
+ attr_accessor :user_name
24
+ # @return [String]
25
+ attr_accessor :service_key
26
+ attr_writer :url
27
+
28
+ DEFAULT_URL = 'https://app.contrastsecurity.com/Contrast'
29
+
30
+ def initialize hsh = {}
31
+ return unless hsh
32
+
33
+ @api_key = hsh[:api_key]
34
+ @url = hsh[:url]
35
+ @user_name = hsh[:user_name]
36
+ @service_key = hsh[:service_key]
37
+ @_proxy = Contrast::Config::ApiProxyConfiguration.new(hsh[:proxy])
38
+ @_request_audit = Contrast::Config::RequestAuditConfiguration.new(hsh[:request_audit])
39
+ @_certificate = Contrast::Config::CertificationConfiguration.new(hsh[:certificate])
40
+ end
15
41
 
16
- def api_url
17
- @_api_url ||= begin
18
- tmp = ::Contrast::CONFIG.root.api.url
19
- tmp += '/Contrast' unless tmp.end_with?('/Contrast')
20
- tmp
21
- end
42
+ def url
43
+ @url.nil? ? DEFAULT_URL : @url
22
44
  end
23
45
 
24
- def api_key
25
- @_api_key ||= ::Contrast::CONFIG.root.api.api_key
46
+ # @return [Contrast::Config::ApiProxyConfiguration]
47
+ def proxy
48
+ return @_proxy unless @_proxy.nil?
49
+
50
+ @_proxy = Contrast::Config::ApiProxyConfiguration.new
26
51
  end
27
52
 
28
- def service_key
29
- @_service_key ||= ::Contrast::CONFIG.root.api.service_key
53
+ # @return [Contrast::Config::RequestAuditConfiguration]
54
+ def request_audit
55
+ return @_request_audit unless @_request_audit.nil?
56
+
57
+ @_request_audit = Contrast::Config::RequestAuditConfiguration.new
30
58
  end
31
59
 
32
- def username
33
- @_username ||= ::Contrast::CONFIG.root.api.user_name
60
+ # @return [Contrast::Config::CertificationConfiguration]
61
+ def certificate
62
+ return @_certificate unless @_certificate.nil?
63
+
64
+ @_certificate = Contrast::Config::CertificationConfiguration.new
34
65
  end
35
66
 
36
- def proxy_enabled?
37
- return @_proxy_enabled unless @_proxy_enabled.nil?
67
+ def api_url
68
+ @_api_url ||= begin
69
+ tmp = Contrast::CONFIG.root.api.url
70
+ tmp += '/Contrast' unless tmp.end_with?('/Contrast')
71
+ tmp
72
+ end
73
+ end
38
74
 
39
- @_proxy_enabled = true?(::Contrast::CONFIG.root.api.proxy.enable)
75
+ def proxy_enable
76
+ return @_proxy_enable unless @_proxy_enable.nil?
77
+
78
+ @_proxy_enable = true?(::Contrast::CONFIG.root.api.proxy.enable)
40
79
  end
41
80
 
42
81
  def proxy_url
43
- @_proxy_url ||= ::Contrast::CONFIG.root.api.proxy.url
82
+ proxy.url
44
83
  end
45
84
 
46
- def request_audit_enable?
85
+ def request_audit_enable
47
86
  return @_request_audit_enable unless @_request_audit_enable.nil?
48
87
 
49
88
  @_request_audit_enable = true?(::Contrast::CONFIG.root.api.request_audit.enable)
50
89
  end
51
90
 
52
- def request_audit_requests?
91
+ def request_audit_requests
53
92
  return @_request_audit_requests unless @_request_audit_requests.nil?
54
93
 
55
94
  @_request_audit_requests = true?(::Contrast::CONFIG.root.api.request_audit.requests)
56
95
  end
57
96
 
58
- def request_audit_responses?
97
+ def request_audit_responses
59
98
  return @_request_audit_responses unless @_request_audit_responses.nil?
60
99
 
61
100
  @_request_audit_responses = true?(::Contrast::CONFIG.root.api.request_audit.responses)
@@ -65,10 +104,8 @@ module Contrast
65
104
  @_request_audit_path ||= ::Contrast::CONFIG.root.api.request_audit.path.to_s
66
105
  end
67
106
 
68
- def certification_enabled?
69
- return @_certification_enabled unless @_certification_enabled.nil?
70
-
71
- @_certification_enabled = certification_truly_enabled?(::Contrast::CONFIG.root.api.certificate)
107
+ def certification_enable
108
+ @_certification_enable ||= certification_truly_enabled?(::Contrast::CONFIG.root.api.certificate)
72
109
  end
73
110
 
74
111
  def certification_ca_file
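Review bot: `api_key`, `user_name` and `service_key` now live as instance variables on `Contrast::Components::Api::Interface` (new lines 20–25 and 33–36), and `contrast.rb` in this diff binds `API` to the same object `CONFIG.root.api` holds, so any `inspect` of the configuration tree — a debug log of the root config, an exception that dumps a receiver — prints both secrets verbatim; add a redacting `inspect`, e.g. `def inspect` / `"#<#{ cs__class.cs__name } url=#{ url.inspect } user_name=#{ user_name.inspect } api_key=[REDACTED] service_key=[REDACTED]>"` / `end`. Two smaller points in the same section: `certification_enable` (new line 108) switched from a nil-guarded memo to `||=`, so when `certification_truly_enabled?` returns `false` it is re-evaluated on every call — keep the `return @_certification_enable unless @_certification_enable.nil?` form that `proxy_enable` on new line 76 uses; and `api_url` (new line 69) reaches back through `Contrast::CONFIG.root.api.url` for the object it is a method of, where the new `url` reader with its `DEFAULT_URL` fallback would do and would also handle a missing setting.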
@@ -16,16 +16,6 @@ module Contrast
16
16
  def cef_logger
17
17
  @_cef_logger ||= Contrast::Logger::CEFLog.instance.tap(&:build_logger)
18
18
  end
19
-
20
- def add_trace_perf_logging_for sym, custom_message = nil
21
- logger.add_trace_perf_logging(self, sym, custom_message)
22
- end
23
- end
24
-
25
- class << self
26
- def add_trace_log_timing_for clazz, method_name, custom_message = nil
27
- Contrast::Logger::Log.instance.add_method_to_trace_timing(clazz, method_name, custom_message)
28
- end
29
19
  end
30
20
 
31
21
  # So This class here follows the update for the configuration
@@ -2,6 +2,8 @@
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require 'contrast/components/base'
5
+ require 'contrast/config/exception_configuration'
6
+ require 'contrast/config/protect_rule_configuration'
5
7
 
6
8
  module Contrast
7
9
  module Components
@@ -10,6 +12,39 @@ module Contrast
10
12
  # its parent_configuration_spec.yaml. Specifically, this allows for querying the state of the Protect product.
11
13
  class Interface
12
14
  include Contrast::Components::ComponentBase
15
+ include Contrast::Config::BaseConfiguration
16
+
17
+ # @return [Boolean, nil]
18
+ attr_accessor :enable
19
+
20
+ def initialize hsh = {}
21
+ return unless hsh
22
+
23
+ @_exceptions = Contrast::Config::ExceptionConfiguration.new(hsh[:exceptions])
24
+ @_rules = Contrast::Config::ProtectRulesConfiguration.new(hsh[:rules])
25
+ @enable = hsh[:enable]
26
+ end
27
+
28
+ # @return [Contrast::Config::ExceptionConfiguration]
29
+ def exceptions
30
+ @_exceptions ||= Contrast::Config::ExceptionConfiguration.new
31
+ end
32
+
33
+ # Name is kept the same - rules to correspond to config,
34
+ # mapping. - root.protect.rules
35
+ #
36
+ # @return [Contrast::Config::ProtectRulesConfiguration]
37
+ def rules
38
+ @_rules ||= Contrast::Config::ProtectRulesConfiguration.new
39
+ end
40
+
41
+ def rules= new_rules
42
+ @_rules = new_rules
43
+ end
44
+
45
+ def exceptions= new_exceptions
46
+ @_exceptions = new_exceptions
47
+ end
13
48
 
14
49
  def enabled?
15
50
  # config overrides if forcibly set
@@ -23,7 +58,12 @@ module Contrast
23
58
  ::Contrast::CONFIG.root.protect.rules
24
59
  end
25
60
 
26
- def rules
61
+ # Returns Protect array of all initialized
62
+ # protect rules.
63
+ #
64
+ # @return defend_rules[Hash<Contrast::SETTINGS.protect_state.rules>]
65
+ #
66
+ def defend_rules
27
67
  ::Contrast::SETTINGS.protect_state.rules
28
68
  end
29
69
 
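Review bot: New line 6 requires `contrast/config/protect_rule_configuration` (singular), but `initialize` and `rules` (new lines 24 and 38) instantiate `Contrast::Config::ProtectRulesConfiguration` (plural), and `config.rb` in this same diff lists those as two separate files; unless the plural file is already loaded by something else, the require should be `require 'contrast/config/protect_rules_configuration'`. The YARD tag on `defend_rules`, `@return defend_rules[Hash<Contrast::SETTINGS.protect_state.rules>]`, is not valid tag syntax; `# @return [Hash] the initialised protect rules held in Contrast::SETTINGS.protect_state.rules` reads correctly. `attr_accessor :enable` on new line 18 exposes the raw config value while `enabled?` below remains the normalised check, so a comment on the accessor saying callers should go through `enabled?` would prevent the `INVENTORY.enable`-style usage seen elsewhere in this diff.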
@@ -91,6 +91,35 @@ module Contrast
91
91
  include Constants
92
92
  include ClassMethods
93
93
  end
94
+
95
+ class Interface # :nodoc:
96
+ include InstanceMethods
97
+ include Contrast::Config::BaseConfiguration
98
+
99
+ # @return [Integer, nil]
100
+ attr_reader :baseline
101
+ # @return [Integer, nil]
102
+ attr_reader :request_frequency
103
+ # @return [Integer, nil]
104
+ attr_reader :response_frequency
105
+ # @return [Integer, nil]
106
+ attr_reader :window_ms
107
+
108
+ def initialize hsh = {}
109
+ return unless hsh
110
+
111
+ @enable = hsh[:enable]
112
+ @baseline = hsh[:baseline]
113
+ @request_frequency = hsh[:request_frequency]
114
+ @response_frequency = hsh[:response_frequency]
115
+ @window_ms = hsh[:window_ms]
116
+ end
117
+
118
+ # @return [Boolean, false]
119
+ def enable
120
+ !!@enable
121
+ end
122
+ end
94
123
  end
95
124
  end
96
125
  end
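Review bot: `enable` on new line 120 returns `!!@enable`, so if the parsed configuration can carry string values (for instance `"false"` from an environment variable — not visible here) sampling is reported as enabled; the Api component in this same diff normalises such values with `true?(...)`, and `true?(@enable)` would make this consistent if that helper is reachable through one of the modules included on new lines 96–97. The `# @return [Boolean, false]` tag on new line 118 is redundant since `false` is already a Boolean; `# @return [Boolean]` is enough. `initialize` returns early on a `nil` hash and leaves every reader `nil`, which the `[Integer, nil]` tags on the readers already document correctly.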
@@ -1,6 +1,8 @@
1
1
  # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
+ require 'contrast/components/sampling'
5
+
4
6
  module Contrast
5
7
  module Config
6
8
  # Common Configuration settings. Those in this section pertain to the
@@ -28,7 +30,7 @@ module Contrast
28
30
  @enable_scan_response = hsh[:enable_scan_response]
29
31
  @enable_dynamic_sources = hsh[:enable_dynamic_sources]
30
32
  @enable_original_object = hsh[:enable_original_object]
31
- @sampling = Contrast::Config::SamplingConfiguration.new(hsh[:sampling])
33
+ @sampling = Contrast::Components::Sampling::Interface.new(hsh[:sampling])
32
34
  @rules = Contrast::Config::AssessRulesConfiguration.new(hsh[:rules])
33
35
  @stacktraces = hsh[:stacktraces]
34
36
  @max_context_source_events = hsh[:max_context_source_events]
@@ -52,9 +54,9 @@ module Contrast
52
54
  @enable_original_object.nil? ? true : @enable_original_object
53
55
  end
54
56
 
55
- # @return [Contrast::Config::SamplingConfiguration]
57
+ # @return [Contrast::Components::Sampling::Interface]
56
58
  def sampling
57
- @sampling ||= Contrast::Config::SamplingConfiguration.new
59
+ @sampling ||= Contrast::Components::Sampling::Interface.new
58
60
  end
59
61
 
60
62
  # @return [Contrast::Config::AssessRulesConfiguration]
@@ -3,14 +3,14 @@
3
3
 
4
4
  require 'contrast/components/agent'
5
5
  require 'contrast/components/inventory'
6
-
6
+ require 'contrast/components/protect'
7
7
  module Contrast
8
8
  module Config
9
9
  # The base of the Common Configuration settings.
10
10
  class RootConfiguration
11
11
  include Contrast::Config::BaseConfiguration
12
12
 
13
- # @return [Contrast::Config::ApiConfiguration]
13
+ # @return [Contrast::Components::Api::Interface]
14
14
  attr_writer :api
15
15
  # @return [Contrast::Components::Agent::Interface]
16
16
  attr_writer :agent
@@ -22,7 +22,7 @@ module Contrast
22
22
  attr_writer :assess
23
23
  # @return [Contrast::Components::Inventory::Interface]
24
24
  attr_writer :inventory
25
- # @return [Contrast::Config::ProtectConfiguration]
25
+ # @return [Contrast::Components::Protect::Interface]
26
26
  attr_writer :protect
27
27
  # @return [Contrast::Config::ServiceConfiguration]
28
28
  attr_writer :service
@@ -33,20 +33,20 @@ module Contrast
33
33
  def initialize hsh = {}
34
34
  raise(ArgumentError, 'Expected a hash') unless hsh.is_a?(Hash)
35
35
 
36
- @api = Contrast::Config::ApiConfiguration.new(hsh[:api])
36
+ @api = Contrast::Components::Api::Interface.new(hsh[:api])
37
37
  @enable = hsh[:enable]
38
38
  @agent = Contrast::Components::Agent::Interface.new(hsh[:agent])
39
39
  @application = Contrast::Config::ApplicationConfiguration.new(hsh[:application])
40
40
  @server = Contrast::Config::ServerConfiguration.new(hsh[:server])
41
41
  @assess = Contrast::Config::AssessConfiguration.new(hsh[:assess])
42
42
  @inventory = Contrast::Components::Inventory::Interface.new(hsh[:inventory])
43
- @protect = Contrast::Config::ProtectConfiguration.new(hsh[:protect])
43
+ @protect = Contrast::Components::Protect::Interface.new(hsh[:protect])
44
44
  @service = Contrast::Config::ServiceConfiguration.new(hsh[:service])
45
45
  end
46
46
 
47
- # @return [Contrast::Config::ApiConfiguration]
47
+ # @return [Contrast::Components::Api::Interface]
48
48
  def api
49
- @api ||= Contrast::Config::ApiConfiguration.new
49
+ @api ||= Contrast::Components::Api::Interface.new
50
50
  end
51
51
 
52
52
  # @return [Contrast::Components::Agent::Interface]
@@ -74,9 +74,9 @@ module Contrast
74
74
  @inventory ||= Contrast::Components::Inventory::Interface.new
75
75
  end
76
76
 
77
- # @return [Contrast::Config::ProtectConfiguration]
77
+ # @return [Contrast::Components::Protect::Interface]
78
78
  def protect
79
- @protect ||= Contrast::Config::ProtectConfiguration.new
79
+ @protect ||= Contrast::Components::Protect::Interface.new
80
80
  end
81
81
 
82
82
  # @return [Contrast::Config::ServiceConfiguration]
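Review bot: `initialize` and `api` (new lines 36 and 49) now construct `Contrast::Components::Api::Interface`, but the require block at the top of this file (new lines 4–6) gains only `contrast/components/protect`; unless `contrast/components/api` is loaded earlier elsewhere, add `require 'contrast/components/api'` next to it. New line 6 also took the place of the blank line that separated the requires from `module Contrast`, so the two groups now run together; restore the blank line after the new require.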
@@ -16,12 +16,9 @@ require 'contrast/config/exception_configuration'
16
16
  require 'contrast/config/assess_rules_configuration'
17
17
  require 'contrast/config/protect_rule_configuration'
18
18
  require 'contrast/config/protect_rules_configuration'
19
- require 'contrast/config/sampling_configuration'
20
19
 
21
20
  require 'contrast/config/ruby_configuration'
22
- require 'contrast/config/api_configuration'
23
21
  require 'contrast/config/application_configuration'
24
22
  require 'contrast/config/server_configuration'
25
23
  require 'contrast/config/assess_configuration'
26
- require 'contrast/config/protect_configuration'
27
24
  require 'contrast/config/root_configuration'
@@ -59,7 +59,7 @@ module Contrast
59
59
  # ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
60
60
  match, _params, route, path = get_full_route(request.rack_request)
61
61
  unless route
62
- logger.warn('Unable to determine the current route of this request')
62
+ logger.warn("Unable to determine the current route of this request: #{ request.rack_request }")
63
63
  return
64
64
  end
65
65
 
@@ -90,7 +90,7 @@ module Contrast
90
90
  # ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
91
91
  match, _params, route, path = get_full_route(request.rack_request)
92
92
  unless route
93
- logger.warn('Unable to determine the current route of this request')
93
+ logger.warn("Unable to determine the current route of this request: #{ request.rack_request }")
94
94
  return
95
95
  end
96
96
 
@@ -182,6 +182,7 @@ module Contrast
182
182
  route_list += find_all_routes(route.app.app, [])
183
183
  end
184
184
  end
185
+ logger.debug("Routes Found: #{ route_list }")
185
186
  route_list
186
187
  end
187
188
 
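Review bot: The two warnings on new lines 62 and 93 interpolate `request.rack_request` into the message; if that is a `Rack::Request`, which as far as I can tell does not override `to_s`, this prints an object address that helps nobody, and if the wrapper does override it to dump the env it would put headers, cookies and query strings into the warn log. Log the routing-relevant fields as structured data instead: `logger.warn('Unable to determine the current route of this request', method: request.rack_request.request_method, path: request.rack_request.path)`. The `logger.debug("Routes Found: #{ route_list }")` on new line 185 builds the full route-list string on every call even when debug is off; pass the list as a field or guard it with `debug?`, as `logger/time.rb` in this diff does for its timing messages.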
@@ -12,7 +12,8 @@ module Contrast
12
12
  return unless info?
13
13
 
14
14
  info('Process environment information', p_id: Process.pid, pp_id: Process.ppid,
15
- agent_version: Contrast::Agent::VERSION)
15
+ agent_version: Contrast::Agent::VERSION,
16
+ ruby_version: RUBY_VERSION)
16
17
  ENV.each do |env_key, env_value|
17
18
  env_key = env_key.to_s
18
19
  next unless ENV_KEYS.include?(env_key) ||
@@ -13,72 +13,6 @@ require 'contrast/logger/time'
13
13
  require 'contrast/components/config'
14
14
  require 'contrast/utils/log_utils'
15
15
 
16
- module Contrast
17
- # This module allows us to dynamically weave timing into our code, so that only when the time is actually needed do
18
- # we pay the penalty for that timing block
19
- module TraceTiming
20
- def methods_to_time
21
- @_methods_to_time ||= []
22
- end
23
-
24
- # Store info about methods for later patching.
25
- METHOD_INFO = Struct.new(:clazz, :method_name, :custom_msg, :aliased)
26
-
27
- # Add a method to the list of methods to be trace timed if logger set to TRACE. Enables trace timing after if
28
- # logger set to TRACE.
29
- #
30
- # @param: clazz [Class] the class of the method to time.
31
- # @param: method [Symbol] the method to time.
32
- # @param: method [String] optional custom logging message.
33
- def add_method_to_trace_timing clazz, method, msg = nil
34
- methods_to_time.append(METHOD_INFO.new(clazz, method, msg, false))
35
- enable_trace_timing if logger.level == ::Ougai::Logging::TRACE
36
- end
37
-
38
- # Add a method to the list of methods to be trace timed if logger set to TRACE. Enables trace timing after if
39
- # logger set to TRACE.
40
- #
41
- # @param: meth_spec [METHOD_INFO] specs about the method to be timed.
42
- # @param: class_method [Boolean] whether this is or isn't a class/module method.
43
- def trace_time_class_method meth_spec, class_method # rubocop:disable Metrics/AbcSize
44
- untimed_func_symbol = "untimed_#{ meth_spec.method_name }".to_sym
45
- send_to = class_method ? meth_spec.clazz.cs__singleton_class : meth_spec.clazz
46
- meth_spec.clazz.class_eval do
47
- include(Contrast::Components::Logger::InstanceMethods)
48
- extend(Contrast::Components::Logger::InstanceMethods)
49
-
50
- send_to.send(:alias_method, untimed_func_symbol, meth_spec.method_name)
51
- meth_spec.aliased = true
52
-
53
- log_message = "Elapsed time for #{ meth_spec.method_name }."
54
- log_message = meth_spec.custom_message if meth_spec.custom_msg
55
-
56
- send_to.send(:define_method, meth_spec.method_name) do |*args, **kwargs, &block| # rubocop:disable Performance/Kernel/DefineMethod
57
- start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
58
- rv = if kwargs.empty?
59
- send(untimed_func_symbol, *args, &block)
60
- else
61
- send(untimed_func_symbol, *args, **kwargs, &block)
62
- end
63
- delta = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start
64
- logger.trace(log_message, elapsed: delta * 1000)
65
- rv
66
- end
67
- end
68
- end
69
-
70
- # Enable trace timing of methods specified in @_methods_to_time via aliasing.
71
- def enable_trace_timing
72
- methods_to_time.each do |meth_spec|
73
- next if meth_spec.aliased
74
-
75
- is_class_method = meth_spec.clazz.singleton_methods(false).include?(meth_spec.method_name)
76
- trace_time_class_method(meth_spec, is_class_method)
77
- end
78
- end
79
- end
80
- end
81
-
82
16
  module Contrast
83
17
  # Used as a wrapper around our logging. The module option specifically adds in a new method for error that raises the
84
18
  # logged exception, used in testing so that we can see if anything unexpected happens without it being swallowed
@@ -105,7 +39,6 @@ module Contrast
105
39
  # level based on updates to TeamServer.
106
40
  class Log
107
41
  include Singleton
108
- include ::Contrast::TraceTiming
109
42
  include Contrast::Utils::LogUtils
110
43
 
111
44
  attr_reader :previous_path, :previous_level
@@ -132,8 +65,6 @@ module Contrast
132
65
  @previous_path = current_path
133
66
  @previous_level = current_level_const
134
67
 
135
- enable_trace_timing if current_level_const == ::Ougai::Logging::TRACE
136
-
137
68
  progname = Contrast::CONFIG.root.agent.logger.progname
138
69
  @_logger = build(path: current_path, level_const: current_level_const, progname: progname)
139
70
  # If we're logging to a new path, then let's start it w/ our helpful
@@ -8,31 +8,38 @@ module Contrast
8
8
  module Time
9
9
  # Log the message at the given level.
10
10
  #
11
- # @param level [String] the name of the method to use. Should be one of
12
- # trace, debug, info, warn, error
11
+ # @param level [String] the name of the method to use. Should be one of trace, debug, info, warn, error
13
12
  # @param message [String] the message to log
14
13
  def with_level level, message
15
14
  send(level.to_sym, message)
16
15
  end
17
16
 
18
- # Log, at the debug level, the action with a message including the time
19
- # it took for the wrapped function to complete.
17
+ # Log, at the debug level, the action with a message including the time it took for the wrapped function to
18
+ # complete. If not logging to debug, simply yield the given block.
20
19
  #
21
- # @param msgs [Array<Object>] the arguments to pass to the logger.
22
- # msgs[0] will be modified to include the elapsed time.
20
+ # @param msgs [Array<Object>] the arguments to pass to the logger. msgs[0] will be modified to include the elapsed
21
+ # time.
23
22
  # @param block [Block, Proc] the block to execute
24
23
  def debug_with_time *msgs, &block
25
- log_with_time(:debug, *msgs, &block)
24
+ if debug?
25
+ log_with_time(:debug, *msgs, &block)
26
+ elsif block
27
+ yield
28
+ end
26
29
  end
27
30
 
28
- # Log, at the trace level, the action with a message including the time
29
- # it took for the wrapped function to complete.
31
+ # Log, at the trace level, the action with a message including the time it took for the wrapped function to
32
+ # complete. If not logging to debug, simply yield the given block.
30
33
  #
31
- # @param msgs [Array<Object>] the arguments to pass to the logger.
32
- # msgs[0] will be modified to include the elapsed time.
34
+ # @param msgs [Array<Object>] the arguments to pass to the logger. msgs[0] will be modified to include the elapsed
35
+ # time.
33
36
  # @param block [Block, Proc] the block to execute
34
37
  def trace_with_time *msgs, &block
35
- log_with_time(:trace, *msgs, &block)
38
+ if trace?
39
+ log_with_time(:trace, *msgs, &block)
40
+ elsif block
41
+ yield
42
+ end
36
43
  end
37
44
 
38
45
  private
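Review bot: The docstring for `trace_with_time` on new line 32 says "If not logging to debug, simply yield the given block", copied from `debug_with_time`; it should read `# complete. If not logging to trace, simply yield the given block.`. Both methods now return whatever the block returns when the level is off and do nothing when no block is given, which callers that use the result (`Middleware#call` in this diff returns the Rack response through it) depend on, so a `# @return [Object] the value of the block when the level is off; otherwise the value of log_with_time` line on each would document that contract — `log_with_time` itself is outside this hunk, so its return value is not visible.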
@@ -131,7 +131,7 @@ module Contrast
131
131
  end
132
132
  return initialize_client if addr.host.to_s.include?('localhost') # TODO: RUBY-99999 allow http w/ localhost
133
133
 
134
- assign_cert(initialize_client) if use_custom_cert && Contrast::API.certification_enabled?
134
+ assign_cert(initialize_client) if use_custom_cert && Contrast::API.certification_enable
135
135
  initialize_client.use_ssl = true
136
136
  initialize_client.verify_mode = OpenSSL::SSL::VERIFY_PEER
137
137
  initialize_client.verify_depth = 5
@@ -150,7 +150,7 @@ module Contrast
150
150
  def proxy_enabled?
151
151
  return @_proxy_enabled unless @_proxy_enabled.nil?
152
152
 
153
- @_proxy_enabled = Contrast::API.proxy_enabled? && !Contrast::API.proxy_url.nil?
153
+ @_proxy_enabled = Contrast::API.proxy_enable && !Contrast::API.proxy_url.nil?
154
154
  end
155
155
 
156
156
  # Retrieve the IP address from the client.
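Review bot: The rename on new line 134 is fine, but the context line directly above it, `return initialize_client if addr.host.to_s.include?('localhost')`, exempts any host whose name merely contains the substring `localhost` from TLS, peer verification and the custom CA — a pre-existing condition rather than one introduced here, yet it sits on the exact path this hunk touches. A strict comparison such as `return initialize_client if addr.host.to_s == 'localhost'` (extended to an explicit allowlist if `127.0.0.1` is also intended) narrows the plaintext exception to what the TODO describes. `proxy_enabled?` in the second hunk keeps its nil-guarded memo, which is the right form for a value that can legitimately be `false`.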
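--- a/data/lib/contrast.rb
+++ b/data/lib/contrast.rb
@@ -71,9 +71,9 @@ require 'contrast/agent/telemetry/events/exceptions/telemetry_exception_event'
 require 'protobuf' # TODO: RUBY-1438
 
 module Contrast
-API = Contrast::Components::Api::Interface.new
-SCOPE = Contrast::Components::Scope::Interface.new
 CONFIG = Contrast::Components::Config::Interface.new
+SCOPE = Contrast::Components::Scope::Interface.new
+API = CONFIG.root.api
 SETTINGS = Contrast::Components::Settings::Interface.new
 ASSESS = Contrast::Components::Assess::Interface.new
 PROTECT = Contrast::Components::Protect::Interface.new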
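Review bot: `API = CONFIG.root.api` on new line 76 binds the constant to whichever `Api::Interface` instance `RootConfiguration` holds at boot, and `RootConfiguration` exposes `attr_writer :api` (see `root_configuration.rb` in this diff), so any later `CONFIG.root.api = ...` or a config reload that rebuilds the root leaves `Contrast::API` pointing at a stale object while `CONFIG.root.api` reports the new URL and credentials. Either drop the writer, or make `API` a thin object whose methods read `CONFIG.root.api` on each access rather than capturing the instance. Moving `CONFIG` above `SCOPE` and `API` is required by the new dependency and is correct.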
@@ -1096,6 +1096,17 @@
1096
1096
  "tags":["SQL_ENCODED"],
1097
1097
  "untags":["SQL_DECODED"]
1098
1098
  },
1099
+ {
1100
+ "class_name":"ActiveRecord::ConnectionAdapters::Quoting",
1101
+ "instance_method": true,
1102
+ "method_visibility": "public",
1103
+ "method_name":"quote",
1104
+ "source": "P0",
1105
+ "target": "R",
1106
+ "action": "SPLAT",
1107
+ "tags":["SQL_ENCODED"],
1108
+ "untags":["SQL_DECODED"]
1109
+ },
1099
1110
  {
1100
1111
  "class_name":"IO",
1101
1112
  "method_name":"initialize",
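Review bot: The new `ActiveRecord::ConnectionAdapters::Quoting#quote` entry tags the whole return value `SQL_ENCODED` and strips `SQL_DECODED` (`"source": "P0"`, `"target": "R"`, `"action": "SPLAT"`) regardless of which branch of `quote` produced it, so any path through that method that returns its input without escaping would launder tainted data and suppress a later SQL-injection finding. As far as I recall, `quote` delegates to `_quote`, which quotes strings and raises `TypeError` for unknown types, but adapter-specific `Quoting` modules (MySQL, PostgreSQL) override parts of that chain; it is worth confirming, for each Rails version this policy supports, that the patch on the base module is actually hit and that no override returns a string unescaped. The sibling `SQL_ENCODED` entries above carry no rationale either, so if the policy schema allows a `"note"` key as the deadzone file does, recording the Rails versions checked here would help the next reviewer.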
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "deadzones":[
3
3
  {
4
- "class_name":"Rspec::Core::Example",
4
+ "class_name":"RSpec::Core::Example",
5
5
  "instance_method":true,
6
6
  "method_visibility": "private",
7
7
  "method_name":"finish"
@@ -49,19 +49,20 @@
49
49
  "class_name":"Rack::Session::Cookie",
50
50
  "instance_method":true,
51
51
  "method_visibility": "public",
52
- "method_name":"commit_session"
52
+ "method_name":"set_session"
53
53
  }, {
54
54
  "class_name":"Rack::Session::Abstract::Persisted",
55
55
  "instance_method":true,
56
56
  "method_visibility": "private",
57
57
  "method_name":"session_exists?",
58
- "code": "https://github.com/rack/rack/blob/master/lib/rack/session/abstract/id.rb#L334"
58
+ "code": "https://github.com/rack/rack-session/blob/main/lib/rack/session/abstract/id.rb#L339"
59
59
  }, {
60
60
  "class_name":"ActionDispatch::FileHandler",
61
61
  "instance_method":true,
62
62
  "method_visibility": "public",
63
63
  "method_name":"match?",
64
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/static.rb#L30"
64
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/static.rb#L30",
65
+ "note": "Removable once Rails 6.0 is no longer supported"
65
66
  }, {
66
67
  "class_name":"ActionDispatch::Http::MimeNegotiation",
67
68
  "instance_method":true,
@@ -109,97 +110,216 @@
109
110
  "instance_method":true,
110
111
  "method_visibility": "public",
111
112
  "method_name":"cookie_jar",
112
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L11"
113
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L11",
114
+ "note": "Removable once Rails 6.1 is no longer supported"
115
+ }, {
116
+ "class_name":"ActionDispatch::RequestCookieMethods",
117
+ "instance_method":true,
118
+ "method_visibility": "public",
119
+ "method_name":"cookie_jar",
120
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L11"
113
121
  }, {
114
122
  "class_name":"ActionDispatch::Request",
115
123
  "instance_method":true,
116
124
  "method_visibility": "public",
117
125
  "method_name":"have_cookie_jar?",
118
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L24"
126
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L24",
127
+ "note": "Removable once Rails 6.1 is no longer supported"
128
+ }, {
129
+ "class_name":"ActionDispatch::RequestCookieMethods",
130
+ "instance_method":true,
131
+ "method_visibility": "public",
132
+ "method_name":"have_cookie_jar?",
133
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L24"
119
134
  }, {
120
135
  "class_name":"ActionDispatch::Request",
121
136
  "instance_method":true,
122
137
  "method_visibility": "public",
123
138
  "method_name":"key_generator",
124
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L32"
139
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L32",
140
+ "note": "Removable once Rails 6.1 is no longer supported"
141
+ }, {
142
+ "class_name":"ActionDispatch::RequestCookieMethods",
143
+ "instance_method":true,
144
+ "method_visibility": "public",
145
+ "method_name":"key_generator",
146
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L32"
125
147
  }, {
126
148
  "class_name":"ActionDispatch::Request",
127
149
  "instance_method":true,
128
150
  "method_visibility": "public",
129
151
  "method_name":"signed_cookie_salt",
130
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L36"
152
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L36",
153
+ "note": "Removable once Rails 6.1 is no longer supported"
154
+ }, {
155
+ "class_name":"ActionDispatch::RequestCookieMethods",
156
+ "instance_method":true,
157
+ "method_visibility": "public",
158
+ "method_name":"signed_cookie_salt",
159
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L36"
131
160
  }, {
132
161
  "class_name":"ActionDispatch::Request",
133
162
  "instance_method":true,
134
163
  "method_visibility": "public",
135
164
  "method_name":"encrypted_cookie_salt",
136
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L40"
165
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L40",
166
+ "note": "Removable once Rails 6.1 is no longer supported"
167
+ }, {
168
+ "class_name":"ActionDispatch::RequestCookieMethods",
169
+ "instance_method":true,
170
+ "method_visibility": "public",
171
+ "method_name":"encrypted_cookie_salt",
172
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L40"
137
173
  }, {
138
174
  "class_name":"ActionDispatch::Request",
139
175
  "instance_method":true,
140
176
  "method_visibility": "public",
141
177
  "method_name":"encrypted_signed_cookie_salt",
142
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L44"
178
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L44",
179
+ "note": "Removable once Rails 6.1 is no longer supported"
180
+ }, {
181
+ "class_name":"ActionDispatch::RequestCookieMethods",
182
+ "instance_method":true,
183
+ "method_visibility": "public",
184
+ "method_name":"encrypted_signed_cookie_salt",
185
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L44"
143
186
  }, {
144
187
  "class_name":"ActionDispatch::Request",
145
188
  "instance_method":true,
146
189
  "method_visibility": "public",
147
190
  "method_name":"authenticated_encrypted_cookie_salt",
148
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L48"
191
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L48",
192
+ "note": "Removable once Rails 6.1 is no longer supported"
193
+ }, {
194
+ "class_name":"ActionDispatch::RequestCookieMethods",
195
+ "instance_method":true,
196
+ "method_visibility": "public",
197
+ "method_name":"authenticated_encrypted_cookie_salt",
198
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L48"
149
199
  }, {
150
200
  "class_name":"ActionDispatch::Request",
151
201
  "instance_method":true,
152
202
  "method_visibility": "public",
153
203
  "method_name":"use_authenticated_cookie_encryption",
154
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L52"
204
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L52",
205
+ "note": "Removable once Rails 6.1 is no longer supported"
206
+ }, {
207
+ "new": true,
208
+ "class_name":"ActionDispatch::RequestCookieMethods",
209
+ "instance_method": true,
210
+ "method_visibility": "public",
211
+ "method_name": "use_authenticated_cookie_encryption",
212
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L52"
155
213
  }, {
156
214
  "class_name":"ActionDispatch::Request",
157
215
  "instance_method":true,
158
216
  "method_visibility": "public",
159
217
  "method_name":"encrypted_cookie_cipher",
160
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L56"
218
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L56",
219
+ "note": "Removable once Rails 6.1 is no longer supported"
220
+ }, {
221
+ "class_name":"ActionDispatch::RequestCookieMethods",
222
+ "instance_method":true,
223
+ "method_visibility": "public",
224
+ "method_name":"encrypted_cookie_cipher",
225
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L56"
161
226
  }, {
162
227
  "class_name":"ActionDispatch::Request",
163
228
  "instance_method":true,
164
229
  "method_visibility": "public",
165
230
  "method_name":"signed_cookie_digest",
166
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L60"
231
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L60",
232
+ "note": "Removable once Rails 6.1 is no longer supported"
233
+ }, {
234
+ "class_name":"ActionDispatch::RequestCookieMethods",
235
+ "instance_method":true,
236
+ "method_visibility": "public",
237
+ "method_name":"signed_cookie_digest",
238
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L60"
167
239
  }, {
168
240
  "class_name":"ActionDispatch::Request",
169
241
  "instance_method":true,
170
242
  "method_visibility": "public",
171
243
  "method_name":"secret_key_base",
172
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L64"
244
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L64",
245
+ "note": "Removable once Rails 6.1 is no longer supported"
246
+ }, {
247
+ "class_name":"ActionDispatch::RequestCookieMethods",
248
+ "instance_method":true,
249
+ "method_visibility": "public",
250
+ "method_name":"secret_key_base",
251
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L64"
173
252
  }, {
174
253
  "class_name":"ActionDispatch::Request",
175
254
  "instance_method":true,
176
255
  "method_visibility": "public",
177
256
  "method_name":"cookies_serializer",
178
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L68"
257
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L68",
258
+ "note": "Removable once Rails 6.1 is no longer supported"
259
+ }, {
260
+ "class_name":"ActionDispatch::RequestCookieMethods",
261
+ "instance_method":true,
262
+ "method_visibility": "public",
263
+ "method_name":"cookies_serializer",
264
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L68"
179
265
  }, {
180
266
  "class_name":"ActionDispatch::Request",
181
267
  "instance_method":true,
182
268
  "method_visibility": "public",
183
269
  "method_name":"cookies_digest",
184
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L72"
270
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L72",
271
+ "note": "Removable once Rails 6.1 is no longer supported"
272
+ }, {
273
+ "class_name":"ActionDispatch::RequestCookieMethods",
274
+ "instance_method":true,
275
+ "method_visibility": "public",
276
+ "method_name":"cookies_digest",
277
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L76"
278
+ }, {
279
+ "class_name":"ActionDispatch::RequestCookieMethods",
280
+ "instance_method":true,
281
+ "method_visibility": "public",
282
+ "method_name":"cookies_same_site_protection",
283
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L72"
185
284
  }, {
186
285
  "class_name":"ActionDispatch::Request",
187
286
  "instance_method":true,
188
287
  "method_visibility": "public",
189
288
  "method_name":"cookies_rotations",
190
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L76"
289
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L76",
290
+ "note": "Removable once Rails 6.1 is no longer supported"
291
+ }, {
292
+ "class_name":"ActionDispatch::RequestCookieMethods",
293
+ "instance_method":true,
294
+ "method_visibility": "public",
295
+ "method_name":"cookies_rotations",
296
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L80"
191
297
  }, {
192
298
  "class_name":"ActionDispatch::Request",
193
299
  "instance_method":true,
194
300
  "method_visibility": "public",
195
301
  "method_name":"use_cookies_with_metadata",
196
- "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L80"
302
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L80",
303
+ "note": "Removable once Rails 6.1 is no longer supported"
304
+ }, {
305
+ "class_name":"ActionDispatch::RequestCookieMethods",
306
+ "instance_method":true,
307
+ "method_visibility": "public",
308
+ "method_name":"use_cookies_with_metadata",
309
+ "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L84"
197
310
  }, {
198
311
  "class_name":"ActionDispatch::Request::Session",
199
312
  "instance_method":true,
200
313
  "method_visibility": "public",
201
314
  "method_name":"exists?",
202
315
  "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/request/session.rb#L201"
316
+ }, {
317
+ "class_name":"OmniAuth::Strategies::OAuth2",
318
+ "instance_method":true,
319
+ "method_visibility": "public",
320
+ "method_name":"request_phase",
321
+ "code": "https://github.com/omniauth/omniauth-oauth2/blob/v1.7.2/lib/omniauth/strategies/oauth2.rb#L58",
322
+ "note": "Prevent XSS False Positive from redirect as Omniauth handles security of URL & params"
203
323
  }
204
324
  ]
205
325
  }
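Review bot: The new `OmniAuth::Strategies::OAuth2#request_phase` deadzone silences every finding raised while that method runs, not just the XSS false positive its note describes; as far as I recall `request_phase` assembles the authorize redirect from request-supplied parameters, so an unvalidated-redirect or parameter-injection finding on that same path would be suppressed too. The note asserts that OmniAuth "handles security of URL & params", but the only evidence is the pinned v1.7.2 link while the entry applies to whatever version is installed; making the reviewed scope explicit, e.g. `"note": "Suppresses XSS FP on the authorize redirect; verified on omniauth-oauth2 1.7.2 that the target is built by the library, not from raw params. Re-verify on upgrade."`, would keep that assumption from going stale silently. Separately, the `Rack::Session::Cookie` entry now targets `set_session` while the neighbouring entry links to rack-session `main`; if I recall the Rack 2 rename correctly the cookie store there implements `write_session`, and a deadzone naming a method that does not exist on the supported Rack version silently never applies, so that name is worth confirming against the Rack versions the agent supports.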
@@ -1 +1 @@
1
- 2.28.20
1
+ 2.28.22
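--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-version: 6.5.0
+version: 6.6.1
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,7 +13,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-06-29 00:00:00.000000000 Z
+date: 2022-07-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -665,22 +665,22 @@ executables:
 - contrast_service
 extensions:
 - ext/cs__common/extconf.rb
+- ext/cs__assess_fiber_track/extconf.rb
+- ext/cs__assess_string/extconf.rb
+- ext/cs__assess_module/extconf.rb
+- ext/cs__assess_test/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
 - ext/cs__assess_yield_track/extconf.rb
+- ext/cs__assess_hash/extconf.rb
 - ext/cs__os_information/extconf.rb
 - ext/cs__contrast_patch/extconf.rb
-- ext/cs__assess_array/extconf.rb
-- ext/cs__assess_test/extconf.rb
-- ext/cs__assess_string_interpolation/extconf.rb
-- ext/cs__assess_fiber_track/extconf.rb
 - ext/cs__assess_marshal_module/extconf.rb
-- ext/cs__assess_basic_object/extconf.rb
 - ext/cs__assess_regexp/extconf.rb
-- ext/cs__assess_string/extconf.rb
-- ext/cs__tests/extconf.rb
-- ext/cs__assess_module/extconf.rb
-- ext/cs__assess_hash/extconf.rb
-- ext/cs__assess_kernel/extconf.rb
+- ext/cs__assess_array/extconf.rb
 - ext/cs__scope/extconf.rb
+- ext/cs__assess_basic_object/extconf.rb
+- ext/cs__tests/extconf.rb
+- ext/cs__assess_string_interpolation/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -1192,7 +1192,6 @@ files:
 - lib/contrast/components/scope.rb
 - lib/contrast/components/settings.rb
 - lib/contrast/config.rb
-- lib/contrast/config/api_configuration.rb
 - lib/contrast/config/api_proxy_configuration.rb
 - lib/contrast/config/application_configuration.rb
 - lib/contrast/config/assess_configuration.rb
@@ -1201,13 +1200,11 @@ files:
 - lib/contrast/config/certification_configuration.rb
 - lib/contrast/config/env_variables.rb
 - lib/contrast/config/exception_configuration.rb
-- lib/contrast/config/protect_configuration.rb
 - lib/contrast/config/protect_rule_configuration.rb
 - lib/contrast/config/protect_rules_configuration.rb
 - lib/contrast/config/request_audit_configuration.rb
 - lib/contrast/config/root_configuration.rb
 - lib/contrast/config/ruby_configuration.rb
-- lib/contrast/config/sampling_configuration.rb
 - lib/contrast/config/server_configuration.rb
 - lib/contrast/config/service_configuration.rb
 - lib/contrast/configuration.rb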
@@ -1,56 +0,0 @@
1
- # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
- # frozen_string_literal: true
3
-
4
- require 'contrast/config/api_proxy_configuration'
5
- require 'contrast/config/certification_configuration'
6
- require 'contrast/config/request_audit_configuration'
7
-
8
- module Contrast
9
- module Config
10
- # Api keys configuration
11
- class ApiConfiguration
12
- include Contrast::Config::BaseConfiguration
13
-
14
- # @return [String]
15
- attr_accessor :api_key
16
- # @return [String]
17
- attr_accessor :user_name
18
- # @return [String]
19
- attr_accessor :service_key
20
- attr_writer :url, :proxy, :request_audit, :certificate
21
-
22
- DEFAULT_URL = 'https://app.contrastsecurity.com/Contrast'
23
-
24
- def initialize hsh = {}
25
- return unless hsh
26
-
27
- @api_key = hsh[:api_key]
28
- @url = hsh[:url]
29
- @user_name = hsh[:user_name]
30
- @service_key = hsh[:service_key]
31
- @proxy = Contrast::Config::ApiProxyConfiguration.new(hsh[:proxy])
32
- @request_audit = Contrast::Config::RequestAuditConfiguration.new(hsh[:request_audit])
33
- @certificate = Contrast::Config::CertificationConfiguration.new(hsh[:certificate])
34
- end
35
-
36
- def url
37
- @url.nil? ? DEFAULT_URL : @url
38
- end
39
-
40
- # @return [Contrast::Config::ApiProxyConfiguration]
41
- def proxy
42
- @proxy ||= Contrast::Config::ApiProxyConfiguration.new
43
- end
44
-
45
- # @return [Contrast::Config::RequestAuditConfiguration]
46
- def request_audit
47
- @request_audit ||= Contrast::Config::RequestAuditConfiguration.new
48
- end
49
-
50
- # @return [Contrast::Config::CertificationConfiguration]
51
- def certificate
52
- @certificate ||= Contrast::Config::CertificationConfiguration.new
53
- end
54
- end
55
- end
56
- end
@@ -1,33 +0,0 @@
1
- # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
- # frozen_string_literal: true
3
-
4
- module Contrast
5
- module Config
6
- # Common Configuration settings. Those in this section pertain to the protect functionality of the Agent.
7
- class ProtectConfiguration
8
- include Contrast::Config::BaseConfiguration
9
-
10
- # @return [Boolean, nil]
11
- attr_accessor :enable
12
- attr_writer :exceptions, :rules
13
-
14
- def initialize hsh = {}
15
- return unless hsh
16
-
17
- @exceptions = Contrast::Config::ExceptionConfiguration.new(hsh[:exceptions])
18
- @rules = Contrast::Config::ProtectRulesConfiguration.new(hsh[:rules])
19
- @enable = hsh[:enable]
20
- end
21
-
22
- # @return [Contrast::Config::ExceptionConfiguration]
23
- def exceptions
24
- @exceptions ||= Contrast::Config::ExceptionConfiguration.new
25
- end
26
-
27
- # @return [Contrast::Config::ProtectRulesConfiguration]
28
- def rules
29
- @rules ||= Contrast::Config::ProtectRulesConfiguration.new
30
- end
31
- end
32
- end
33
- end
@@ -1,35 +0,0 @@
1
- # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
- # frozen_string_literal: true
3
-
4
- module Contrast
5
- module Config
6
- # Common Configuration settings. Those in this section pertain to the sampling functionality of the Agent.
7
- class SamplingConfiguration
8
- include Contrast::Config::BaseConfiguration
9
-
10
- # @return [Integer, nil]
11
- attr_reader :baseline
12
- # @return [Integer, nil]
13
- attr_reader :request_frequency
14
- # @return [Integer, nil]
15
- attr_reader :response_frequency
16
- # @return [Integer, nil]
17
- attr_reader :window_ms
18
-
19
- def initialize hsh = {}
20
- return unless hsh
21
-
22
- @enable = hsh[:enable]
23
- @baseline = hsh[:baseline]
24
- @request_frequency = hsh[:request_frequency]
25
- @response_frequency = hsh[:response_frequency]
26
- @window_ms = hsh[:window_ms]
27
- end
28
-
29
- # @return [Boolean, false]
30
- def enable
31
- !!@enable
32
- end
33
- end
34
- end
35
- end