contrast-agent 6.6.3 → 6.7.0
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/.gitmodules +0 -3
- data/ext/cs__scope/cs__scope.c +1 -1
- data/lib/contrast/agent/assess/contrast_event.rb +2 -24
- data/lib/contrast/agent/assess/events/source_event.rb +7 -61
- data/lib/contrast/agent/assess/finalizers/hash.rb +11 -0
- data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +0 -55
- data/lib/contrast/agent/assess/policy/policy_node.rb +3 -3
- data/lib/contrast/agent/assess/policy/policy_node_utils.rb +0 -1
- data/lib/contrast/agent/assess/policy/propagation_node.rb +4 -4
- data/lib/contrast/agent/assess/policy/source_method.rb +24 -1
- data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +7 -5
- data/lib/contrast/agent/assess/policy/trigger/xpath.rb +6 -1
- data/lib/contrast/agent/assess/policy/trigger_method.rb +38 -119
- data/lib/contrast/agent/assess/policy/trigger_node.rb +3 -3
- data/lib/contrast/agent/assess/property/evented.rb +2 -12
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +42 -82
- data/lib/contrast/agent/assess/rule/response/base_rule.rb +11 -27
- data/lib/contrast/agent/assess/rule/response/body_rule.rb +1 -3
- data/lib/contrast/agent/assess/rule/response/cache_control_header_rule.rb +77 -62
- data/lib/contrast/agent/assess/rule/response/csp_header_insecure_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/framework/rails_support.rb +6 -1
- data/lib/contrast/agent/assess/rule/response/header_rule.rb +5 -5
- data/lib/contrast/agent/assess/rule/response/hsts_header_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb +1 -1
- data/lib/contrast/agent/assess/tracker.rb +1 -7
- data/lib/contrast/agent/at_exit_hook.rb +1 -7
- data/lib/contrast/agent/excluder.rb +206 -0
- data/lib/contrast/agent/exclusion_matcher.rb +6 -0
- data/lib/contrast/agent/inventory/database_config.rb +18 -23
- data/lib/contrast/agent/middleware.rb +0 -1
- data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +4 -0
- data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +1 -0
- data/lib/contrast/agent/protect/rule/base.rb +64 -24
- data/lib/contrast/agent/protect/rule/base_service.rb +1 -0
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +18 -104
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb +129 -0
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb +169 -0
- data/lib/contrast/agent/protect/rule/deserialization.rb +7 -5
- data/lib/contrast/agent/protect/rule/path_traversal.rb +9 -7
- data/lib/contrast/agent/protect/rule/sql_sample_builder.rb +16 -14
- data/lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb +51 -0
- data/lib/contrast/agent/protect/rule/sqli/sqli_semantic/sqli_dangerous_functions.rb +67 -0
- data/lib/contrast/agent/protect/rule/sqli.rb +6 -31
- data/lib/contrast/agent/protect/rule/xxe.rb +11 -6
- data/lib/contrast/agent/protect/rule.rb +3 -1
- data/lib/contrast/agent/reporting/attack_result/attack_result.rb +8 -0
- data/lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb +91 -36
- data/lib/contrast/agent/reporting/attack_result/user_input.rb +11 -0
- data/lib/contrast/agent/reporting/details/bot_blocker_details.rb +29 -0
- data/lib/contrast/agent/reporting/details/cmd_injection_details.rb +30 -0
- data/lib/contrast/agent/reporting/details/details.rb +18 -0
- data/lib/contrast/agent/reporting/details/http_method_tempering_details.rb +27 -0
- data/lib/contrast/agent/reporting/details/ip_denylist_details.rb +27 -0
- data/lib/contrast/agent/reporting/details/no_sqli_details.rb +36 -0
- data/lib/contrast/agent/reporting/details/path_traversal_details.rb +24 -0
- data/lib/contrast/agent/reporting/details/path_traversal_semantic_analysis_details.rb +32 -0
- data/lib/contrast/agent/reporting/details/protect_rule_details.rb +17 -0
- data/lib/contrast/agent/reporting/details/sqli_dangerous_functions.rb +22 -0
- data/lib/contrast/agent/reporting/details/sqli_details.rb +36 -0
- data/lib/contrast/agent/reporting/details/untrusted_deserialization_details.rb +27 -0
- data/lib/contrast/agent/reporting/details/virtual_patch_details.rb +24 -0
- data/lib/contrast/agent/reporting/details/xss_details.rb +33 -0
- data/lib/contrast/agent/reporting/details/xss_match.rb +30 -0
- data/lib/contrast/agent/reporting/details/xxe_details.rb +36 -0
- data/lib/contrast/agent/reporting/details/xxe_match.rb +25 -0
- data/lib/contrast/agent/reporting/details/xxe_wrapper.rb +25 -0
- data/lib/contrast/agent/reporting/input_analysis/input_analysis_result.rb +1 -1
- data/lib/contrast/agent/reporting/masker/masker.rb +78 -65
- data/lib/contrast/agent/reporting/masker/masker_utils.rb +1 -30
- data/lib/contrast/agent/reporting/reporter.rb +1 -2
- data/lib/contrast/agent/reporting/reporting_events/agent_startup.rb +2 -2
- data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +81 -15
- data/lib/contrast/agent/reporting/reporting_events/application_defend_activity.rb +13 -25
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +17 -22
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +46 -125
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb +5 -16
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attacker_activity.rb +10 -18
- data/lib/contrast/agent/reporting/reporting_events/application_inventory_activity.rb +6 -14
- data/lib/contrast/agent/reporting/reporting_events/application_startup.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_events/architecture_component.rb +7 -21
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +19 -49
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +12 -9
- data/lib/contrast/agent/reporting/reporting_events/finding_event_signature.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_events/finding_event_source.rb +23 -21
- data/lib/contrast/agent/reporting/reporting_events/finding_event_stack.rb +5 -18
- data/lib/contrast/agent/reporting/reporting_events/finding_event_taint_range.rb +1 -0
- data/lib/contrast/{api/decorators/trace_taint_range_tags.rb → agent/reporting/reporting_events/finding_event_taint_range_tags.rb} +7 -6
- data/lib/contrast/agent/reporting/reporting_events/finding_request.rb +45 -10
- data/lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +2 -2
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +10 -14
- data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +11 -0
- data/lib/contrast/agent/reporting/reporting_events/route_coverage.rb +3 -1
- data/lib/contrast/agent/reporting/reporting_events/route_discovery.rb +11 -23
- data/lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb +8 -26
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb +4 -7
- data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +2 -1
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +3 -3
- data/lib/contrast/agent/request.rb +4 -2
- data/lib/contrast/agent/request_context.rb +12 -15
- data/lib/contrast/agent/request_context_extend.rb +67 -69
- data/lib/contrast/agent/request_handler.rb +1 -11
- data/lib/contrast/agent/response.rb +0 -18
- data/lib/contrast/agent/service_heartbeat.rb +1 -1
- data/lib/contrast/agent/telemetry/events/event.rb +1 -1
- data/lib/contrast/agent/telemetry/events/metric_event.rb +1 -1
- data/lib/contrast/agent/telemetry/events/startup_metrics_event.rb +3 -3
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/api/communication/messaging_queue.rb +2 -3
- data/lib/contrast/api/communication/socket_client.rb +4 -4
- data/lib/contrast/api/communication/speedracer.rb +4 -8
- data/lib/contrast/api/decorators/agent_startup.rb +5 -6
- data/lib/contrast/api/decorators/application_settings.rb +2 -1
- data/lib/contrast/api/decorators/application_startup.rb +6 -6
- data/lib/contrast/api/decorators/message.rb +0 -4
- data/lib/contrast/api/decorators/rasp_rule_sample.rb +0 -6
- data/lib/contrast/api/decorators.rb +0 -6
- data/lib/contrast/api/dtm.pb.rb +0 -489
- data/lib/contrast/components/agent.rb +16 -12
- data/lib/contrast/components/api.rb +10 -10
- data/lib/contrast/components/app_context.rb +9 -9
- data/lib/contrast/components/app_context_extend.rb +1 -1
- data/lib/contrast/components/assess.rb +92 -38
- data/lib/contrast/components/assess_rules.rb +36 -0
- data/lib/contrast/components/config.rb +54 -12
- data/lib/contrast/components/contrast_service.rb +8 -8
- data/lib/contrast/components/heap_dump.rb +1 -1
- data/lib/contrast/components/protect.rb +5 -5
- data/lib/contrast/components/ruby_component.rb +81 -0
- data/lib/contrast/components/sampling.rb +1 -1
- data/lib/contrast/components/security_logger.rb +23 -0
- data/lib/contrast/components/service.rb +55 -0
- data/lib/contrast/components/settings.rb +12 -4
- data/lib/contrast/config/base_configuration.rb +1 -1
- data/lib/contrast/config/protect_rules_configuration.rb +17 -3
- data/lib/contrast/config/server_configuration.rb +1 -1
- data/lib/contrast/config.rb +0 -6
- data/lib/contrast/configuration.rb +81 -17
- data/lib/contrast/extension/assess/exec_trigger.rb +3 -1
- data/lib/contrast/extension/assess/marshal.rb +3 -2
- data/lib/contrast/extension/assess/string.rb +0 -1
- data/lib/contrast/extension/extension.rb +1 -1
- data/lib/contrast/framework/base_support.rb +0 -5
- data/lib/contrast/framework/grape/support.rb +1 -23
- data/lib/contrast/framework/manager.rb +0 -10
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -6
- data/lib/contrast/framework/rails/support.rb +5 -58
- data/lib/contrast/framework/sinatra/support.rb +2 -21
- data/lib/contrast/logger/cef_log.rb +21 -3
- data/lib/contrast/logger/log.rb +1 -11
- data/lib/contrast/tasks/config.rb +4 -2
- data/lib/contrast/utils/assess/event_limit_utils.rb +28 -12
- data/lib/contrast/utils/assess/trigger_method_utils.rb +10 -18
- data/lib/contrast/utils/findings.rb +6 -5
- data/lib/contrast/utils/hash_digest.rb +9 -24
- data/lib/contrast/utils/hash_digest_extend.rb +6 -6
- data/lib/contrast/utils/invalid_configuration_util.rb +21 -58
- data/lib/contrast/utils/log_utils.rb +47 -17
- data/lib/contrast/utils/net_http_base.rb +7 -8
- data/lib/contrast/utils/patching/policy/patch_utils.rb +3 -2
- data/lib/contrast/utils/stack_trace_utils.rb +0 -25
- data/lib/contrast/utils/string_utils.rb +9 -0
- data/lib/contrast/utils/telemetry_client.rb +13 -7
- data/lib/contrast.rb +5 -10
- metadata +39 -28
- data/lib/contrast/agent/reporting/reporting_events/trace_event_source.rb +0 -30
- data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +0 -43
- data/lib/contrast/api/decorators/activity.rb +0 -33
- data/lib/contrast/api/decorators/architecture_component.rb +0 -36
- data/lib/contrast/api/decorators/finding.rb +0 -29
- data/lib/contrast/api/decorators/route_coverage.rb +0 -91
- data/lib/contrast/api/decorators/trace_event.rb +0 -120
- data/lib/contrast/api/decorators/trace_event_object.rb +0 -63
- data/lib/contrast/api/decorators/trace_event_signature.rb +0 -69
- data/lib/contrast/api/decorators/trace_taint_range.rb +0 -52
- data/lib/contrast/config/assess_configuration.rb +0 -93
- data/lib/contrast/config/assess_rules_configuration.rb +0 -32
- data/lib/contrast/config/root_configuration.rb +0 -90
- data/lib/contrast/config/ruby_configuration.rb +0 -81
- data/lib/contrast/config/service_configuration.rb +0 -49
- data/lib/contrast/utils/preflight_util.rb +0 -13
@@ -3,7 +3,9 @@
|
|
3
3
|
|
4
4
|
require 'socket'
|
5
5
|
require 'contrast/agent/version'
|
6
|
+
require 'contrast/utils/object_share'
|
6
7
|
require 'contrast/logger/aliased_logging'
|
8
|
+
require 'fileutils'
|
7
9
|
|
8
10
|
module Contrast
|
9
11
|
module Utils
|
@@ -17,6 +19,17 @@ module Contrast
|
|
17
19
|
PROGNAME = 'Contrast Agent'
|
18
20
|
DATE_TIME_FORMAT = '%Y-%m-%dT%H:%M:%S.%L%z'
|
19
21
|
|
22
|
+
# StringIO is a valid path because it logs directly to a string buffer
|
23
|
+
def write_permission? path
|
24
|
+
return false if path.nil?
|
25
|
+
return true if path.is_a?(StringIO)
|
26
|
+
return File.writable?(path) if File.exist?(path)
|
27
|
+
|
28
|
+
dir_name = File.dirname(File.absolute_path(path))
|
29
|
+
FileUtils.mkdir_p(dir_name) unless Dir.exist?(dir_name)
|
30
|
+
File.writable?(dir_name)
|
31
|
+
end
|
32
|
+
|
20
33
|
private
|
21
34
|
|
22
35
|
def build path: STDOUT_STR, level_const: DEFAULT_LEVEL, progname: PROGNAME
|
@@ -47,26 +60,26 @@ module Contrast
|
|
47
60
|
# TeamServer.
|
48
61
|
# @return [String] the path to which to log or STDOUT / STDERR if one of those values provided.
|
49
62
|
def find_valid_path log_file
|
50
|
-
config = ::Contrast::CONFIG.
|
63
|
+
config = ::Contrast::CONFIG.agent.logger
|
51
64
|
config_path = config&.path&.length.to_i.positive? ? config.path : nil
|
52
65
|
valid_path(config_path || log_file)
|
53
66
|
end
|
54
67
|
|
55
|
-
def valid_path path
|
68
|
+
def valid_path path, default_name: DEFAULT_NAME
|
56
69
|
path = path.nil? ? Contrast::Utils::ObjectShare::EMPTY_STRING : path
|
57
70
|
return path if path == STDOUT_STR
|
58
71
|
return path if path == STDERR_STR
|
59
72
|
|
60
|
-
path =
|
73
|
+
path = default_name if path.empty?
|
61
74
|
if write_permission?(path)
|
62
75
|
path
|
63
|
-
elsif write_permission?(
|
76
|
+
elsif write_permission?(default_name)
|
64
77
|
# Log once when the path is invalid. We'll change to this path, so no
|
65
78
|
# need to log again.
|
66
|
-
if previous_path !=
|
67
|
-
$stdout.puts("[!] Unable to write to '#{ path }'. Writing to default log '#{
|
79
|
+
if previous_path != default_name
|
80
|
+
$stdout.puts("[!] Unable to write to '#{ path }'. Writing to default log '#{ default_name }' instead.")
|
68
81
|
end
|
69
|
-
|
82
|
+
default_name
|
70
83
|
else
|
71
84
|
# Log once when the path is invalid. We'll change to this path, so no
|
72
85
|
# need to log again.
|
@@ -81,7 +94,7 @@ module Contrast
|
|
81
94
|
# TeamServer.
|
82
95
|
# @return [::Ougai::Logging::Severity] the level at which to log
|
83
96
|
def find_valid_level log_level
|
84
|
-
config = ::Contrast::CONFIG.
|
97
|
+
config = ::Contrast::CONFIG.agent.logger
|
85
98
|
config_level = config&.level&.length&.positive? ? config.level : nil
|
86
99
|
|
87
100
|
valid_level(config_level || log_level)
|
@@ -166,6 +179,18 @@ module Contrast
|
|
166
179
|
end
|
167
180
|
end
|
168
181
|
|
182
|
+
def valid_level level
|
183
|
+
level ||= DEFAULT_LEVEL
|
184
|
+
level = level.upcase
|
185
|
+
if VALID_LEVELS.include?(level)
|
186
|
+
Object.cs__const_get("::Logger::Severity::#{ level }")
|
187
|
+
else
|
188
|
+
DEFAULT_LEVEL
|
189
|
+
end
|
190
|
+
rescue StandardError
|
191
|
+
DEFAULT_LEVEL
|
192
|
+
end
|
193
|
+
|
169
194
|
# This method will extract the metadata information from context and other places
|
170
195
|
#
|
171
196
|
# initial structure of the data:
|
@@ -175,13 +200,10 @@ module Contrast
|
|
175
200
|
# initially here we will use case to add it
|
176
201
|
def extract_metadata rule_id = nil, outcome = nil
|
177
202
|
message = []
|
178
|
-
|
203
|
+
request = context&.activity&.request
|
204
|
+
sender_info = { ip: request&.ip || Contrast::Utils::ObjectShare::EMPTY_STRING, port: request&.port || 0 }
|
179
205
|
rule_id ? message << "pri=#{ rule_id } " : 'asd'
|
180
|
-
request_method =
|
181
|
-
context.request.rack_request.env['REQUEST_METHOD']
|
182
|
-
else
|
183
|
-
DEFAULT_METADATA
|
184
|
-
end
|
206
|
+
request_method = assign_request_method(context)
|
185
207
|
app_name = ::Contrast::APP_CONTEXT.name # rubocop:disable Security/Module/Name
|
186
208
|
attach_request_and_sender_info(message, sender_info)
|
187
209
|
message << "request=#{ context.request.url } "
|
@@ -198,10 +220,10 @@ module Contrast
|
|
198
220
|
src = if needed_header
|
199
221
|
needed_header
|
200
222
|
else
|
201
|
-
sender_info
|
223
|
+
sender_info[:ip].length > 1 ? sender_info[:ip] : DEFAULT_METADATA
|
202
224
|
end
|
203
225
|
message << "src=#{ src }"
|
204
|
-
message << "port=#{ sender_info
|
226
|
+
message << "port=#{ sender_info[:port] }"
|
205
227
|
end
|
206
228
|
|
207
229
|
def extract_ip_address
|
@@ -216,9 +238,17 @@ module Contrast
|
|
216
238
|
end
|
217
239
|
|
218
240
|
def extract_sender_ip
|
219
|
-
request_headers = context.activity.
|
241
|
+
request_headers = context.activity.request.headers&.transform_keys(&:to_s)
|
220
242
|
request_headers['X-Forwarded-For']
|
221
243
|
end
|
244
|
+
|
245
|
+
def assign_request_method context
|
246
|
+
if context.request.rack_request.env['REQUEST_METHOD'].length.positive?
|
247
|
+
context.request.rack_request.env['REQUEST_METHOD']
|
248
|
+
else
|
249
|
+
DEFAULT_METADATA
|
250
|
+
end
|
251
|
+
end
|
222
252
|
end
|
223
253
|
end
|
224
254
|
end
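Review bot: The nil handling in the CEF metadata helpers is only half applied. In `extract_sender_ip`, `headers&.transform_keys(&:to_s)` yields nil when the request has no headers, and the next line then calls `[]` on nil; `request_headers&.[]('X-Forwarded-For')` closes that gap. `assign_request_method` has the same shape: `env['REQUEST_METHOD'].length` raises when the key is absent, so `method = context.request.rack_request.env['REQUEST_METHOD'].to_s; method.empty? ? DEFAULT_METADATA : method` would be safer, and `extract_metadata` guards `context&.activity&.request` but still dereferences `context.request.url` unguarded. Because `X-Forwarded-For` is set by the client, a value that ends up in `src=` should be treated as unverified and checked to be an IP address before it reaches the security log; whether `needed_header` is fed from this method is not visible in these hunks.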
|
@@ -26,10 +26,10 @@ module Contrast
|
|
26
26
|
return unless url
|
27
27
|
|
28
28
|
addr = URI(url)
|
29
|
-
# the proxy is enabled only if there is provided url even if the enable is set to true
|
30
29
|
return if addr.host.nil? || addr.port.nil?
|
31
|
-
return if addr.scheme != 'https' && !addr.host.to_s.include?('localhost')
|
30
|
+
return if addr.scheme != 'https' && !addr.host.to_s.include?('localhost')
|
32
31
|
|
32
|
+
# the proxy is enabled only if there is provided url even if the enable is set to true
|
33
33
|
proxy_addr = URI(Contrast::API.proxy_url) if proxy_enabled?
|
34
34
|
net_http_client = initialize_client(addr, proxy_addr, use_proxy, use_custom_cert)
|
35
35
|
return if net_http_client.nil?
|
@@ -38,7 +38,7 @@ module Contrast
|
|
38
38
|
return unless net_http_client.started?
|
39
39
|
|
40
40
|
logger.debug("Starting #{ service_name } connection test")
|
41
|
-
return unless connection_verified?(net_http_client)
|
41
|
+
return unless connection_verified?(net_http_client, url)
|
42
42
|
|
43
43
|
logger.debug('Client verified', service: service_name, url: url)
|
44
44
|
net_http_client
|
@@ -49,18 +49,17 @@ module Contrast
|
|
49
49
|
|
50
50
|
# Validates connection with assigned domain.
|
51
51
|
# If connection is running, SSL certificate of the endpoint is valid, Ip address is resolvable
|
52
|
-
# and response is received without peer's reset or refuse of connection,
|
53
|
-
# then validation returns true. Error handling is in place so that the work of the agent will continue as
|
54
|
-
# normal without Telemetry.
|
52
|
+
# and response is received without peer's reset or refuse of connection, then validation returns true.
|
55
53
|
#
|
56
54
|
# @param client [Net::HTTP]
|
55
|
+
# @param url [String]
|
57
56
|
# @return [Boolean] true | false
|
58
|
-
def connection_verified? client
|
57
|
+
def connection_verified? client, url
|
59
58
|
return @_connection_verified unless @_connection_verified.nil?
|
60
59
|
return false if client.nil?
|
61
60
|
|
62
61
|
ipaddr = get_ipaddr(client)
|
63
|
-
response = client.request(Net::HTTP::Get.new(
|
62
|
+
response = client.request(Net::HTTP::Get.new(url))
|
64
63
|
verify_cert = client.address.to_s.include?('localhost') ||
|
65
64
|
OpenSSL::SSL.verify_certificate_identity(client.peer_cert, client.address)
|
66
65
|
resolved = resolved?(client.address, ipaddr)
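Review bot: The plain-HTTP exemption on the line re-added at new line 30, `return if addr.scheme != 'https' && !addr.host.to_s.include?('localhost')`, is a substring match, so any hostname that merely contains `localhost` is accepted without TLS, and the same `include?('localhost')` test in `connection_verified?` skips `verify_certificate_identity` for such hosts. An exact comparison, `addr.host != 'localhost'` here and `client.address == 'localhost'` in the verifier, keeps the exemption to the loopback name. Now that `connection_verified?` takes `url`, the memoised `@_connection_verified` is still not keyed on it, so a result cached for one URL is returned for any other. The rest of that method lies outside the hunk, so confirm whether this is intended.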
|
@@ -117,7 +117,8 @@ module Contrast
|
|
117
117
|
return ret if current_context && !current_context.analyze_request?
|
118
118
|
|
119
119
|
trigger_node = method_policy.trigger_node
|
120
|
-
|
120
|
+
|
121
|
+
if trigger_node && !trigger_node.nil?
|
121
122
|
Contrast::Agent::Assess::Policy::TriggerMethod.apply_trigger_rule(trigger_node, object, ret, args)
|
122
123
|
end
|
123
124
|
if method_policy.source_node
|
@@ -135,7 +136,7 @@ module Contrast
|
|
135
136
|
rescue StandardError => e
|
136
137
|
logger.error('Unable to assess method call.', e)
|
137
138
|
rescue Exception => e # rubocop:disable Lint/RescueException
|
138
|
-
logger.error('Unable to assess method call.', e)
|
139
|
+
logger.error('Unable to assess method call due to exception.', e)
|
139
140
|
raise(e)
|
140
141
|
ensure
|
141
142
|
ret.rewind if Contrast::Utils::IOUtil.should_rewind?(ret)
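Review bot: The new guard `if trigger_node && !trigger_node.nil?` tests the same condition twice, since only nil and false are falsy in Ruby. `if trigger_node` is equivalent and matches the `if method_policy.source_node` check two lines below. The enclosing method starts and ends outside these hunks.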
|
@@ -50,31 +50,6 @@ module Contrast
|
|
50
50
|
build_protect_stack(Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack)
|
51
51
|
end
|
52
52
|
|
53
|
-
# Translate a caller array to an array of TraceStacks for TeamServer to
|
54
|
-
# display, excluding any Contrast code found.
|
55
|
-
#
|
56
|
-
# @param stack [Array<String>] the output of Kernel.caller
|
57
|
-
# @return [Array<Contrast::Api::Dtm::TraceStack]
|
58
|
-
def build_assess_stack_array stack
|
59
|
-
converted = []
|
60
|
-
return converted unless stack
|
61
|
-
|
62
|
-
i = 0
|
63
|
-
while i < stack.length
|
64
|
-
caller_location = stack[i]
|
65
|
-
i += 1
|
66
|
-
next if caller_location.include?(AGENT_CLASS_MARKER)
|
67
|
-
|
68
|
-
# To play nice with the way that TeamServer is rendering these
|
69
|
-
# values, we only populate the file_name field with exactly what we
|
70
|
-
# want them to display
|
71
|
-
element = Contrast::Api::Dtm::TraceStack.new
|
72
|
-
element.file_name = caller_location
|
73
|
-
converted << element
|
74
|
-
end
|
75
|
-
converted
|
76
|
-
end
|
77
|
-
|
78
53
|
private
|
79
54
|
|
80
55
|
def reject_caller_entries stack
|
@@ -37,12 +37,21 @@ module Contrast
|
|
37
37
|
end
|
38
38
|
|
39
39
|
# Truncate a string to 255 characters max length
|
40
|
+
#
|
41
|
+
# @param str [String] the string tt truncate
|
42
|
+
# @param default [String] what to default to
|
43
|
+
# @return [String]
|
40
44
|
def truncate str, default = Contrast::Utils::ObjectShare::EMPTY_STRING
|
41
45
|
return default if str.nil?
|
42
46
|
|
43
47
|
str.to_s[0..255]
|
44
48
|
end
|
45
49
|
|
50
|
+
# Cast the given object, which should be a String, into a UTF-8 String for reporting. All given objects will be
|
51
|
+
# cast to their to_s form, except nil which will become the ObjectShare::EMPTY_STRING, and then cast.
|
52
|
+
#
|
53
|
+
# @param str [String, Object, nil]
|
54
|
+
# @return [String]
|
46
55
|
def force_utf8 str
|
47
56
|
return Contrast::Utils::ObjectShare::EMPTY_STRING unless str
|
48
57
|
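Review bot: The documentation added for `truncate` keeps the statement "255 characters max length", but the unchanged body `str.to_s[0..255]` uses an inclusive range and returns up to 256 characters. If the limit comes from a 255-character field on the receiving side, `str.to_s[0...255]` matches the comment; otherwise the comment should say 256. The new `@param str` line also contains a typo, `the string tt truncate`.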
|
@@ -34,18 +34,12 @@ module Contrast
|
|
34
34
|
def build_request event
|
35
35
|
return unless valid_event?(event)
|
36
36
|
|
37
|
-
string_body = if event.cs__is_a?(Contrast::Agent::Telemetry::TelemetryException::Event)
|
38
|
-
[event.to_controlled_hash]
|
39
|
-
else
|
40
|
-
[event.to_hash]
|
41
|
-
end
|
42
|
-
|
43
37
|
header = {
|
44
38
|
'User-Agent' => "<#{ Contrast::Utils::ObjectShare::RUBY }>-<#{ Contrast::Agent::VERSION }>",
|
45
39
|
'Content-Type' => 'application/json'
|
46
40
|
}
|
47
41
|
request = Net::HTTP::Post.new(build_path(event), header)
|
48
|
-
request.body =
|
42
|
+
request.body = get_event_json(event)
|
49
43
|
request
|
50
44
|
end
|
51
45
|
|
@@ -97,6 +91,18 @@ module Contrast
|
|
97
91
|
path = endpoint == EXCEPTIONS ? Contrast::Agent::Telemetry::TelemetryException::Event.path : event.path
|
98
92
|
"#{ Contrast::Agent::Telemetry::Base::URL }#{ endpoint }#{ path }"
|
99
93
|
end
|
94
|
+
|
95
|
+
# Helper Method to get json representation of Telemetry Event data, handles error on to_json
|
96
|
+
#
|
97
|
+
# @param event [Contrast::Agent::Telemetry::Event, Array<Contrast::Agent::Telemetry::TelemetryException::Event>]
|
98
|
+
# @return [String] - JSON
|
99
|
+
def get_event_json event
|
100
|
+
hsh = [event.to_controlled_hash]
|
101
|
+
hsh.to_json
|
102
|
+
rescue Exception => e # rubocop:disable Lint/RescueException
|
103
|
+
logger.error('Unable to convert TelemetryEvent to JSON string', e, hsh)
|
104
|
+
raise(e)
|
105
|
+
end
|
100
106
|
end
|
101
107
|
end
|
102
108
|
end
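Review bot: In `get_event_json` the rescue passes `hsh` to the logger, but when `event.to_controlled_hash` is the call that raises, `hsh` is still nil, so the log carries no context for that failure; logging `event.class` would identify the failing event. `rescue Exception` only to log and re-raise also intercepts Interrupt and SystemExit, and `rescue StandardError => e` would cover serialization errors without the rubocop disable. The removed branch called `to_hash` for non-exception events, so the new code relies on every telemetry event responding to `to_controlled_hash`, which is not visible in this section. The `@param` line documents an Array, while the method wraps a single event in one.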
|
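--- a/data/lib/contrast.rb
+++ b/data/lib/contrast.rb
@@ -53,13 +53,9 @@ if RUBY_VERSION >= '3.0.0' && RUBY_VERSION < '3.1.0'
 end
 end
 
-require 'contrast/components/agent'
-require 'contrast/components/api'
-require 'contrast/components/app_context'
 require 'contrast/components/assess'
 require 'contrast/components/config'
 require 'contrast/components/contrast_service'
-require 'contrast/components/inventory'
 require 'contrast/components/logger'
 require 'contrast/components/protect'
 require 'contrast/components/sampling'
@@ -73,15 +69,15 @@ require 'protobuf' # TODO: RUBY-1438
 module Contrast
 CONFIG = Contrast::Components::Config::Interface.new
 SCOPE = Contrast::Components::Scope::Interface.new
-API = CONFIG.
+API = CONFIG.api
 SETTINGS = Contrast::Components::Settings::Interface.new
-ASSESS =
+ASSESS = CONFIG.assess
 PROTECT = Contrast::Components::Protect::Interface.new
-INVENTORY = CONFIG.
-AGENT = CONFIG.
+INVENTORY = CONFIG.inventory
+AGENT = CONFIG.agent
 LOGGER = AGENT.logger
 CONTRAST_SERVICE = Contrast::Components::ContrastService::Interface.new
-APP_CONTEXT = CONFIG.
+APP_CONTEXT = CONFIG.application
 end
 
 module Contrast
@@ -95,7 +91,6 @@ require 'contrast/agent/version'
 
 # shared utils
 require 'contrast/utils/timer'
-require 'contrast/utils/preflight_util'
 
 require 'contrast/utils/assess/sampling_util'
 require 'contrast/agent'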
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: contrast-agent
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.7.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- galen.palmer@contrastsecurity.com
|
@@ -13,7 +13,7 @@ authors:
|
|
13
13
|
autorequire:
|
14
14
|
bindir: exe
|
15
15
|
cert_chain: []
|
16
|
-
date: 2022-
|
16
|
+
date: 2022-08-31 00:00:00.000000000 Z
|
17
17
|
dependencies:
|
18
18
|
- !ruby/object:Gem::Dependency
|
19
19
|
name: bundler
|
@@ -665,22 +665,22 @@ executables:
|
|
665
665
|
- contrast_service
|
666
666
|
extensions:
|
667
667
|
- ext/cs__common/extconf.rb
|
668
|
-
- ext/cs__tests/extconf.rb
|
669
|
-
- ext/cs__assess_module/extconf.rb
|
670
|
-
- ext/cs__assess_array/extconf.rb
|
671
668
|
- ext/cs__assess_hash/extconf.rb
|
672
669
|
- ext/cs__assess_basic_object/extconf.rb
|
673
|
-
- ext/cs__assess_regexp/extconf.rb
|
674
|
-
- ext/cs__os_information/extconf.rb
|
675
|
-
- ext/cs__assess_test/extconf.rb
|
676
670
|
- ext/cs__assess_string/extconf.rb
|
677
|
-
- ext/
|
671
|
+
- ext/cs__assess_regexp/extconf.rb
|
672
|
+
- ext/cs__assess_yield_track/extconf.rb
|
678
673
|
- ext/cs__assess_string_interpolation/extconf.rb
|
679
674
|
- ext/cs__scope/extconf.rb
|
675
|
+
- ext/cs__contrast_patch/extconf.rb
|
676
|
+
- ext/cs__assess_module/extconf.rb
|
677
|
+
- ext/cs__assess_kernel/extconf.rb
|
680
678
|
- ext/cs__assess_marshal_module/extconf.rb
|
679
|
+
- ext/cs__assess_test/extconf.rb
|
680
|
+
- ext/cs__os_information/extconf.rb
|
681
|
+
- ext/cs__assess_array/extconf.rb
|
682
|
+
- ext/cs__tests/extconf.rb
|
681
683
|
- ext/cs__assess_fiber_track/extconf.rb
|
682
|
-
- ext/cs__assess_yield_track/extconf.rb
|
683
|
-
- ext/cs__assess_kernel/extconf.rb
|
684
684
|
extra_rdoc_files: []
|
685
685
|
files:
|
686
686
|
- ".clang-format"
|
@@ -960,6 +960,7 @@ files:
|
|
960
960
|
- lib/contrast/agent/deadzone/policy/deadzone_node.rb
|
961
961
|
- lib/contrast/agent/deadzone/policy/policy.rb
|
962
962
|
- lib/contrast/agent/disable_reaction.rb
|
963
|
+
- lib/contrast/agent/excluder.rb
|
963
964
|
- lib/contrast/agent/exclusion_matcher.rb
|
964
965
|
- lib/contrast/agent/inventory.rb
|
965
966
|
- lib/contrast/agent/inventory/database_config.rb
|
@@ -997,6 +998,8 @@ files:
|
|
997
998
|
- lib/contrast/agent/protect/rule/base.rb
|
998
999
|
- lib/contrast/agent/protect/rule/base_service.rb
|
999
1000
|
- lib/contrast/agent/protect/rule/cmd_injection.rb
|
1001
|
+
- lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb
|
1002
|
+
- lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb
|
1000
1003
|
- lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb
|
1001
1004
|
- lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb
|
1002
1005
|
- lib/contrast/agent/protect/rule/default_scanner.rb
|
@@ -1012,7 +1015,9 @@ files:
|
|
1012
1015
|
- lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb
|
1013
1016
|
- lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
|
1014
1017
|
- lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb
|
1018
|
+
- lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb
|
1015
1019
|
- lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb
|
1020
|
+
- lib/contrast/agent/protect/rule/sqli/sqli_semantic/sqli_dangerous_functions.rb
|
1016
1021
|
- lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb
|
1017
1022
|
- lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb
|
1018
1023
|
- lib/contrast/agent/protect/rule/unsafe_file_upload.rb
|
@@ -1026,6 +1031,24 @@ files:
|
|
1026
1031
|
- lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb
|
1027
1032
|
- lib/contrast/agent/reporting/attack_result/response_type.rb
|
1028
1033
|
- lib/contrast/agent/reporting/attack_result/user_input.rb
|
1034
|
+
- lib/contrast/agent/reporting/details/bot_blocker_details.rb
|
1035
|
+
- lib/contrast/agent/reporting/details/cmd_injection_details.rb
|
1036
|
+
- lib/contrast/agent/reporting/details/details.rb
|
1037
|
+
- lib/contrast/agent/reporting/details/http_method_tempering_details.rb
|
1038
|
+
- lib/contrast/agent/reporting/details/ip_denylist_details.rb
|
1039
|
+
- lib/contrast/agent/reporting/details/no_sqli_details.rb
|
1040
|
+
- lib/contrast/agent/reporting/details/path_traversal_details.rb
|
1041
|
+
- lib/contrast/agent/reporting/details/path_traversal_semantic_analysis_details.rb
|
1042
|
+
- lib/contrast/agent/reporting/details/protect_rule_details.rb
|
1043
|
+
- lib/contrast/agent/reporting/details/sqli_dangerous_functions.rb
|
1044
|
+
- lib/contrast/agent/reporting/details/sqli_details.rb
|
1045
|
+
- lib/contrast/agent/reporting/details/untrusted_deserialization_details.rb
|
1046
|
+
- lib/contrast/agent/reporting/details/virtual_patch_details.rb
|
1047
|
+
- lib/contrast/agent/reporting/details/xss_details.rb
|
1048
|
+
- lib/contrast/agent/reporting/details/xss_match.rb
|
1049
|
+
- lib/contrast/agent/reporting/details/xxe_details.rb
|
1050
|
+
- lib/contrast/agent/reporting/details/xxe_match.rb
|
1051
|
+
- lib/contrast/agent/reporting/details/xxe_wrapper.rb
|
1029
1052
|
- lib/contrast/agent/reporting/input_analysis/input_analysis.rb
|
1030
1053
|
- lib/contrast/agent/reporting/input_analysis/input_analysis_result.rb
|
1031
1054
|
- lib/contrast/agent/reporting/input_analysis/input_type.rb
|
@@ -1060,6 +1083,7 @@ files:
|
|
1060
1083
|
- lib/contrast/agent/reporting/reporting_events/finding_event_source.rb
|
1061
1084
|
- lib/contrast/agent/reporting/reporting_events/finding_event_stack.rb
|
1062
1085
|
- lib/contrast/agent/reporting/reporting_events/finding_event_taint_range.rb
|
1086
|
+
- lib/contrast/agent/reporting/reporting_events/finding_event_taint_range_tags.rb
|
1063
1087
|
- lib/contrast/agent/reporting/reporting_events/finding_request.rb
|
1064
1088
|
- lib/contrast/agent/reporting/reporting_events/library_discovery.rb
|
1065
1089
|
- lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb
|
@@ -1074,10 +1098,8 @@ files:
|
|
1074
1098
|
- lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb
|
1075
1099
|
- lib/contrast/agent/reporting/reporting_events/server_activity.rb
|
1076
1100
|
- lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb
|
1077
|
-
- lib/contrast/agent/reporting/reporting_events/trace_event_source.rb
|
1078
1101
|
- lib/contrast/agent/reporting/reporting_utilities/audit.rb
|
1079
1102
|
- lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb
|
1080
|
-
- lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb
|
1081
1103
|
- lib/contrast/agent/reporting/reporting_utilities/endpoints.rb
|
1082
1104
|
- lib/contrast/agent/reporting/reporting_utilities/headers.rb
|
1083
1105
|
- lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb
|
@@ -1150,14 +1172,11 @@ files:
|
|
1150
1172
|
- lib/contrast/api/communication/tcp_socket.rb
|
1151
1173
|
- lib/contrast/api/communication/unix_socket.rb
|
1152
1174
|
- lib/contrast/api/decorators.rb
|
1153
|
-
- lib/contrast/api/decorators/activity.rb
|
1154
1175
|
- lib/contrast/api/decorators/address.rb
|
1155
1176
|
- lib/contrast/api/decorators/agent_startup.rb
|
1156
1177
|
- lib/contrast/api/decorators/application_settings.rb
|
1157
1178
|
- lib/contrast/api/decorators/application_startup.rb
|
1158
|
-
- lib/contrast/api/decorators/architecture_component.rb
|
1159
1179
|
- lib/contrast/api/decorators/bot_blocker.rb
|
1160
|
-
- lib/contrast/api/decorators/finding.rb
|
1161
1180
|
- lib/contrast/api/decorators/http_request.rb
|
1162
1181
|
- lib/contrast/api/decorators/input_analysis.rb
|
1163
1182
|
- lib/contrast/api/decorators/instrumentation_mode.rb
|
@@ -1165,13 +1184,7 @@ files:
|
|
1165
1184
|
- lib/contrast/api/decorators/message.rb
|
1166
1185
|
- lib/contrast/api/decorators/rasp_rule_sample.rb
|
1167
1186
|
- lib/contrast/api/decorators/response_type.rb
|
1168
|
-
- lib/contrast/api/decorators/route_coverage.rb
|
1169
1187
|
- lib/contrast/api/decorators/server_features.rb
|
1170
|
-
- lib/contrast/api/decorators/trace_event.rb
|
1171
|
-
- lib/contrast/api/decorators/trace_event_object.rb
|
1172
|
-
- lib/contrast/api/decorators/trace_event_signature.rb
|
1173
|
-
- lib/contrast/api/decorators/trace_taint_range.rb
|
1174
|
-
- lib/contrast/api/decorators/trace_taint_range_tags.rb
|
1175
1188
|
- lib/contrast/api/decorators/user_input.rb
|
1176
1189
|
- lib/contrast/api/decorators/virtual_patch.rb
|
1177
1190
|
- lib/contrast/api/dtm.pb.rb
|
@@ -1181,6 +1194,7 @@ files:
|
|
1181
1194
|
- lib/contrast/components/app_context.rb
|
1182
1195
|
- lib/contrast/components/app_context_extend.rb
|
1183
1196
|
- lib/contrast/components/assess.rb
|
1197
|
+
- lib/contrast/components/assess_rules.rb
|
1184
1198
|
- lib/contrast/components/base.rb
|
1185
1199
|
- lib/contrast/components/config.rb
|
1186
1200
|
- lib/contrast/components/contrast_service.rb
|
@@ -1188,13 +1202,14 @@ files:
|
|
1188
1202
|
- lib/contrast/components/inventory.rb
|
1189
1203
|
- lib/contrast/components/logger.rb
|
1190
1204
|
- lib/contrast/components/protect.rb
|
1205
|
+
- lib/contrast/components/ruby_component.rb
|
1191
1206
|
- lib/contrast/components/sampling.rb
|
1192
1207
|
- lib/contrast/components/scope.rb
|
1208
|
+
- lib/contrast/components/security_logger.rb
|
1209
|
+
- lib/contrast/components/service.rb
|
1193
1210
|
- lib/contrast/components/settings.rb
|
1194
1211
|
- lib/contrast/config.rb
|
1195
1212
|
- lib/contrast/config/api_proxy_configuration.rb
|
1196
|
-
- lib/contrast/config/assess_configuration.rb
|
1197
|
-
- lib/contrast/config/assess_rules_configuration.rb
|
1198
1213
|
- lib/contrast/config/base_configuration.rb
|
1199
1214
|
- lib/contrast/config/certification_configuration.rb
|
1200
1215
|
- lib/contrast/config/env_variables.rb
|
@@ -1202,10 +1217,7 @@ files:
|
|
1202
1217
|
- lib/contrast/config/protect_rule_configuration.rb
|
1203
1218
|
- lib/contrast/config/protect_rules_configuration.rb
|
1204
1219
|
- lib/contrast/config/request_audit_configuration.rb
|
1205
|
-
- lib/contrast/config/root_configuration.rb
|
1206
|
-
- lib/contrast/config/ruby_configuration.rb
|
1207
1220
|
- lib/contrast/config/server_configuration.rb
|
1208
|
-
- lib/contrast/config/service_configuration.rb
|
1209
1221
|
- lib/contrast/configuration.rb
|
1210
1222
|
- lib/contrast/extension/assess.rb
|
1211
1223
|
- lib/contrast/extension/assess/array.rb
|
@@ -1281,7 +1293,6 @@ files:
|
|
1281
1293
|
- lib/contrast/utils/os.rb
|
1282
1294
|
- lib/contrast/utils/patching/policy/patch_utils.rb
|
1283
1295
|
- lib/contrast/utils/patching/policy/patcher_utils.rb
|
1284
|
-
- lib/contrast/utils/preflight_util.rb
|
1285
1296
|
- lib/contrast/utils/request_utils.rb
|
1286
1297
|
- lib/contrast/utils/resource_loader.rb
|
1287
1298
|
- lib/contrast/utils/response_utils.rb
|
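--- a/lib/contrast/agent/reporting/reporting_events/trace_event_source.rb
+++ b/lib/contrast/agent/reporting/reporting_events/trace_event_source.rb
@@ -1,30 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-require 'json'
-require 'contrast/components/logger'
-require 'contrast/utils/object_share'
-
-module Contrast
-module Agent
-module Reporting
-# This is the new Trace Event Source class which will include all the needed information for the new reporting
-# system to relay this information in the Route Observation messages.
-class TraceEventSource
-attr_accessor :name, :type
-
-def initialize
-@name = Contrast::Utils::ObjectShare::EMPTY_STRING
-@type = Contrast::Utils::ObjectShare::EMPTY_STRING
-end
-
-def to_controlled_hash
-{
-name: @name,
-type: @type
-}
-end
-end
-end
-end
-end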
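--- a/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb
+++ b/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb
@@ -1,43 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-require 'contrast/agent/reporting/reporting_events/application_activity'
-require 'contrast/api/dtm.pb'
-
-module Contrast
-module Agent
-module Reporting
-# Util module for checking DTM message type. It temporarily allows for the conversion from a DTM to an
-# EventReport.
-# TODO: RUBY-1438 -- remove
-module DtmMessage
-class << self
-# @param dtm [Contrast::Api::Dtm::Finding,Object]
-# @return [Boolean]
-def finding? dtm
-dtm.cs__is_a?(Contrast::Api::Dtm::Finding)
-end
-
-# @param dtm [Contrast::Api::Dtm::Finding,Object]
-# @return [Boolean]
-def activity? dtm
-dtm.cs__is_a?(Contrast::Api::Dtm::Activity)
-end
-
-# Converts DTM message to Reporting Event for those messages that have conversion methods crated. We use this
-# as we work to move away from requiring the Service.
-#
-# @param dtm [Contrast::Api::Dtm]
-# @return event [Contrast::Agent::Reporting::ReportingEvent, nil]
-def dtm_to_event dtm
-# For the others, we convert them.
-return Contrast::Agent::Reporting::Finding.convert(dtm) if finding?(dtm)
-return Contrast::Agent::Reporting::ApplicationActivity.convert(dtm) if activity?(dtm)
-
-nil
-end
-end
-end
-end
-end
-end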
@@ -1,33 +0,0 @@
|
|
1
|
-
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
-
# frozen_string_literal: true
|
3
|
-
|
4
|
-
require 'contrast/utils/string_utils'
|
5
|
-
|
6
|
-
module Contrast
|
7
|
-
module Api
|
8
|
-
module Decorators
|
9
|
-
# Used to decorate the {Contrast::Api::Dtm::Activity} protobuf model
|
10
|
-
# to handle conversion between framework route classes and the dtm.
|
11
|
-
module Activity
|
12
|
-
def self.included klass
|
13
|
-
klass.extend(ClassMethods)
|
14
|
-
end
|
15
|
-
|
16
|
-
# Class methods for Activity
|
17
|
-
module ClassMethods
|
18
|
-
def source_or_string obj
|
19
|
-
if obj.cs__is_a?(Regexp)
|
20
|
-
obj.source
|
21
|
-
elsif obj.cs__respond_to?(:safe_string)
|
22
|
-
obj.safe_string
|
23
|
-
else
|
24
|
-
obj.to_s
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
31
|
-
end
|
32
|
-
|
33
|
-
Contrast::Api::Dtm::Activity.include(Contrast::Api::Decorators::Activity)
|