contrast-agent 6.7.0 → 6.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +0 -2
- data/.simplecov +0 -1
- data/Rakefile +0 -1
- data/ext/cs__assess_array/cs__assess_array.c +41 -10
- data/ext/cs__assess_array/cs__assess_array.h +4 -1
- data/lib/contrast/agent/assess/policy/trigger_method.rb +3 -3
- data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +11 -11
- data/lib/contrast/agent/assess.rb +0 -1
- data/lib/contrast/agent/excluder.rb +53 -35
- data/lib/contrast/agent/exclusion_matcher.rb +21 -9
- data/lib/contrast/agent/middleware.rb +12 -6
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +6 -0
- data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +146 -127
- data/lib/contrast/agent/protect/input_analyzer/worth_watching_analyzer.rb +116 -0
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +20 -0
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +1 -1
- data/lib/contrast/agent/protect/rule/base.rb +47 -55
- data/lib/contrast/agent/protect/rule/base_service.rb +48 -24
- data/lib/contrast/agent/protect/rule/bot_blocker/bot_blocker_input_classification.rb +98 -0
- data/lib/contrast/agent/protect/rule/bot_blocker.rb +81 -0
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +20 -2
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb +8 -5
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb +22 -22
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_chained_command.rb +64 -0
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_dangerous_path.rb +63 -0
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb +2 -58
- data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/deserialization.rb +3 -14
- data/lib/contrast/agent/protect/rule/http_method_tampering/http_method_tampering_input_classification.rb +2 -2
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +0 -11
- data/lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb +29 -34
- data/lib/contrast/agent/protect/rule/no_sqli.rb +25 -18
- data/lib/contrast/agent/protect/rule/path_traversal/path_traversal_input_classification.rb +61 -0
- data/lib/contrast/agent/protect/rule/path_traversal/path_traversal_semantic_security_bypass.rb +114 -0
- data/lib/contrast/agent/protect/rule/path_traversal.rb +40 -13
- data/lib/contrast/agent/protect/rule/sql_sample_builder.rb +33 -15
- data/lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb +0 -14
- data/lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb +2 -62
- data/lib/contrast/agent/protect/rule/sqli.rb +74 -3
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb +39 -63
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +6 -33
- data/lib/contrast/agent/protect/rule/xss/reflected_xss_input_classification.rb +58 -0
- data/lib/contrast/agent/protect/rule/xss.rb +15 -20
- data/lib/contrast/agent/protect/rule/xxe.rb +4 -24
- data/lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb +19 -40
- data/lib/contrast/agent/reporting/attack_result/response_type.rb +9 -9
- data/lib/contrast/agent/reporting/details/ip_denylist_details.rb +10 -2
- data/lib/contrast/agent/reporting/details/virtual_patch_details.rb +8 -2
- data/lib/contrast/agent/reporting/input_analysis/details/bot_blocker_details.rb +27 -0
- data/lib/contrast/agent/reporting/input_analysis/details/protect_rule_details.rb +15 -0
- data/lib/contrast/agent/reporting/input_analysis/input_analysis.rb +1 -2
- data/lib/contrast/agent/reporting/input_analysis/input_analysis_result.rb +16 -2
- data/lib/contrast/agent/reporting/masker/masker.rb +2 -0
- data/lib/contrast/agent/reporting/report.rb +1 -0
- data/lib/contrast/agent/reporting/reporter.rb +35 -14
- data/lib/contrast/agent/reporting/reporter_heartbeat.rb +3 -9
- data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +16 -13
- data/lib/contrast/agent/reporting/reporting_events/application_defend_activity.rb +12 -7
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +3 -3
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +1 -2
- data/lib/contrast/agent/reporting/reporting_events/application_inventory_activity.rb +6 -1
- data/lib/contrast/agent/reporting/reporting_events/application_update.rb +0 -2
- data/lib/contrast/agent/reporting/reporting_events/architecture_component.rb +0 -1
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +6 -6
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +239 -93
- data/lib/contrast/agent/reporting/reporting_events/finding_event_signature.rb +10 -23
- data/lib/contrast/agent/reporting/reporting_events/finding_event_source.rb +10 -9
- data/lib/contrast/agent/reporting/reporting_events/finding_request.rb +0 -5
- data/lib/contrast/agent/reporting/reporting_events/library_discovery.rb +0 -1
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +12 -0
- data/lib/contrast/agent/reporting/reporting_events/poll.rb +1 -11
- data/lib/contrast/agent/reporting/reporting_events/route_discovery.rb +0 -1
- data/lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb +0 -1
- data/lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb +8 -0
- data/lib/contrast/agent/reporting/reporting_events/server_settings.rb +40 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +2 -2
- data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +6 -0
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +43 -1
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +8 -4
- data/lib/contrast/agent/reporting/reporting_utilities/response.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb +58 -4
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +4 -6
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +77 -16
- data/lib/contrast/agent/reporting/server_settings_worker.rb +44 -0
- data/lib/contrast/agent/reporting/settings/assess_server_feature.rb +14 -2
- data/lib/contrast/agent/reporting/settings/code_exclusion.rb +6 -1
- data/lib/contrast/agent/reporting/settings/exclusion_base.rb +18 -0
- data/lib/contrast/agent/reporting/settings/exclusions.rb +2 -1
- data/lib/contrast/agent/reporting/settings/helpers.rb +7 -0
- data/lib/contrast/agent/reporting/settings/input_exclusion.rb +9 -3
- data/lib/contrast/agent/reporting/settings/protect.rb +15 -15
- data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +39 -2
- data/lib/contrast/agent/reporting/settings/rule_definition.rb +3 -0
- data/lib/contrast/agent/reporting/settings/security_logger.rb +77 -0
- data/lib/contrast/agent/reporting/settings/server_features.rb +9 -0
- data/lib/contrast/agent/reporting/settings/syslog.rb +34 -5
- data/lib/contrast/agent/request.rb +3 -14
- data/lib/contrast/agent/request_context.rb +6 -9
- data/lib/contrast/agent/request_context_extend.rb +9 -148
- data/lib/contrast/agent/request_handler.rb +5 -10
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_event.rb +1 -1
- data/lib/contrast/agent/thread_watcher.rb +37 -18
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/agent.rb +6 -11
- data/lib/contrast/agent_lib/api/command_injection.rb +46 -0
- data/lib/contrast/agent_lib/api/init.rb +101 -0
- data/lib/contrast/agent_lib/api/input_tracing.rb +267 -0
- data/lib/contrast/agent_lib/api/method_tempering.rb +29 -0
- data/lib/contrast/agent_lib/api/panic.rb +87 -0
- data/lib/contrast/agent_lib/api/path_semantic_file_security_bypass.rb +40 -0
- data/lib/contrast/agent_lib/interface.rb +260 -0
- data/lib/contrast/agent_lib/interface_base.rb +118 -0
- data/lib/contrast/agent_lib/return_types/eval_result.rb +44 -0
- data/lib/contrast/agent_lib/test.rb +29 -0
- data/lib/contrast/api/communication/connection_status.rb +20 -5
- data/lib/contrast/components/agent.rb +34 -14
- data/lib/contrast/components/api.rb +23 -0
- data/lib/contrast/components/app_context.rb +23 -5
- data/lib/contrast/components/app_context_extend.rb +0 -25
- data/lib/contrast/components/assess.rb +34 -4
- data/lib/contrast/components/assess_rules.rb +18 -0
- data/lib/contrast/components/base.rb +40 -0
- data/lib/contrast/components/config/sources.rb +95 -0
- data/lib/contrast/components/config.rb +19 -19
- data/lib/contrast/components/heap_dump.rb +10 -0
- data/lib/contrast/components/inventory.rb +15 -2
- data/lib/contrast/components/logger.rb +18 -0
- data/lib/contrast/components/polling.rb +36 -0
- data/lib/contrast/components/protect.rb +52 -2
- data/lib/contrast/components/ruby_component.rb +16 -1
- data/lib/contrast/components/sampling.rb +70 -13
- data/lib/contrast/components/security_logger.rb +13 -0
- data/lib/contrast/components/settings.rb +105 -90
- data/lib/contrast/config/certification_configuration.rb +14 -0
- data/lib/contrast/config/config.rb +46 -0
- data/lib/contrast/config/diagnostics.rb +114 -0
- data/lib/contrast/config/diagnostics_tools.rb +98 -0
- data/lib/contrast/config/effective_config.rb +65 -0
- data/lib/contrast/config/effective_config_value.rb +32 -0
- data/lib/contrast/config/exception_configuration.rb +12 -0
- data/lib/contrast/config/protect_rule_configuration.rb +8 -8
- data/lib/contrast/config/protect_rules_configuration.rb +23 -60
- data/lib/contrast/config/request_audit_configuration.rb +13 -0
- data/lib/contrast/config/server_configuration.rb +41 -2
- data/lib/contrast/configuration.rb +29 -12
- data/lib/contrast/extension/assess/array.rb +9 -0
- data/lib/contrast/extension/assess/erb.rb +1 -1
- data/lib/contrast/extension/delegator.rb +2 -0
- data/lib/contrast/framework/manager.rb +3 -1
- data/lib/contrast/framework/rails/railtie.rb +0 -1
- data/lib/contrast/framework/rails/support.rb +0 -1
- data/lib/contrast/tasks/config.rb +1 -8
- data/lib/contrast/utils/assess/event_limit_utils.rb +31 -9
- data/lib/contrast/utils/assess/trigger_method_utils.rb +5 -4
- data/lib/contrast/utils/duck_utils.rb +1 -0
- data/lib/contrast/utils/hash_digest.rb +2 -2
- data/lib/contrast/utils/input_classification_base.rb +155 -0
- data/lib/contrast/utils/os.rb +0 -20
- data/lib/contrast/utils/reporting/application_activity_batch_utils.rb +81 -0
- data/lib/contrast/utils/response_utils.rb +0 -16
- data/lib/contrast/utils/routes_sent.rb +60 -0
- data/lib/contrast/utils/stack_trace_utils.rb +3 -15
- data/lib/contrast/utils/string_utils.rb +10 -7
- data/lib/contrast/utils/telemetry_client.rb +1 -2
- data/lib/contrast/utils/timer.rb +16 -0
- data/lib/contrast.rb +5 -4
- data/resources/protect/policy.json +1 -2
- data/ruby-agent.gemspec +7 -6
- metadata +69 -130
- data/exe/contrast_service +0 -23
- data/lib/contrast/agent/assess/contrast_event.rb +0 -157
- data/lib/contrast/agent/assess/events/event_factory.rb +0 -34
- data/lib/contrast/agent/assess/events/source_event.rb +0 -46
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb +0 -64
- data/lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb +0 -118
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_matcher.rb +0 -45
- data/lib/contrast/agent/reaction_processor.rb +0 -47
- data/lib/contrast/agent/reporting/reporting_events/server_activity.rb +0 -36
- data/lib/contrast/agent/service_heartbeat.rb +0 -35
- data/lib/contrast/api/communication/messaging_queue.rb +0 -128
- data/lib/contrast/api/communication/response_processor.rb +0 -90
- data/lib/contrast/api/communication/service_lifecycle.rb +0 -77
- data/lib/contrast/api/communication/socket.rb +0 -44
- data/lib/contrast/api/communication/socket_client.rb +0 -130
- data/lib/contrast/api/communication/speedracer.rb +0 -138
- data/lib/contrast/api/communication/tcp_socket.rb +0 -32
- data/lib/contrast/api/communication/unix_socket.rb +0 -28
- data/lib/contrast/api/communication.rb +0 -20
- data/lib/contrast/api/decorators/address.rb +0 -59
- data/lib/contrast/api/decorators/agent_startup.rb +0 -56
- data/lib/contrast/api/decorators/application_settings.rb +0 -43
- data/lib/contrast/api/decorators/application_startup.rb +0 -56
- data/lib/contrast/api/decorators/bot_blocker.rb +0 -37
- data/lib/contrast/api/decorators/http_request.rb +0 -137
- data/lib/contrast/api/decorators/input_analysis.rb +0 -18
- data/lib/contrast/api/decorators/instrumentation_mode.rb +0 -35
- data/lib/contrast/api/decorators/ip_denylist.rb +0 -37
- data/lib/contrast/api/decorators/message.rb +0 -67
- data/lib/contrast/api/decorators/rasp_rule_sample.rb +0 -52
- data/lib/contrast/api/decorators/response_type.rb +0 -17
- data/lib/contrast/api/decorators/server_features.rb +0 -25
- data/lib/contrast/api/decorators/user_input.rb +0 -51
- data/lib/contrast/api/decorators/virtual_patch.rb +0 -34
- data/lib/contrast/api/decorators.rb +0 -22
- data/lib/contrast/api/dtm.pb.rb +0 -363
- data/lib/contrast/api/settings.pb.rb +0 -500
- data/lib/contrast/api.rb +0 -16
- data/lib/contrast/components/contrast_service.rb +0 -88
- data/lib/contrast/components/service.rb +0 -55
- data/lib/contrast/tasks/service.rb +0 -84
- data/lib/contrast/utils/input_classification.rb +0 -73
- data/lib/protobuf/code_generator.rb +0 -129
- data/lib/protobuf/decoder.rb +0 -28
- data/lib/protobuf/deprecation.rb +0 -117
- data/lib/protobuf/descriptors/google/protobuf/compiler/plugin.pb.rb +0 -79
- data/lib/protobuf/descriptors/google/protobuf/descriptor.pb.rb +0 -360
- data/lib/protobuf/descriptors.rb +0 -3
- data/lib/protobuf/encoder.rb +0 -11
- data/lib/protobuf/enum.rb +0 -365
- data/lib/protobuf/exceptions.rb +0 -9
- data/lib/protobuf/field/base_field.rb +0 -380
- data/lib/protobuf/field/base_field_object_definitions.rb +0 -504
- data/lib/protobuf/field/bool_field.rb +0 -64
- data/lib/protobuf/field/bytes_field.rb +0 -67
- data/lib/protobuf/field/double_field.rb +0 -25
- data/lib/protobuf/field/enum_field.rb +0 -56
- data/lib/protobuf/field/field_array.rb +0 -102
- data/lib/protobuf/field/field_hash.rb +0 -122
- data/lib/protobuf/field/fixed32_field.rb +0 -25
- data/lib/protobuf/field/fixed64_field.rb +0 -28
- data/lib/protobuf/field/float_field.rb +0 -43
- data/lib/protobuf/field/int32_field.rb +0 -21
- data/lib/protobuf/field/int64_field.rb +0 -34
- data/lib/protobuf/field/integer_field.rb +0 -23
- data/lib/protobuf/field/message_field.rb +0 -51
- data/lib/protobuf/field/sfixed32_field.rb +0 -27
- data/lib/protobuf/field/sfixed64_field.rb +0 -28
- data/lib/protobuf/field/signed_integer_field.rb +0 -29
- data/lib/protobuf/field/sint32_field.rb +0 -21
- data/lib/protobuf/field/sint64_field.rb +0 -21
- data/lib/protobuf/field/string_field.rb +0 -51
- data/lib/protobuf/field/uint32_field.rb +0 -21
- data/lib/protobuf/field/uint64_field.rb +0 -21
- data/lib/protobuf/field/varint_field.rb +0 -77
- data/lib/protobuf/field.rb +0 -74
- data/lib/protobuf/generators/base.rb +0 -85
- data/lib/protobuf/generators/enum_generator.rb +0 -39
- data/lib/protobuf/generators/extension_generator.rb +0 -27
- data/lib/protobuf/generators/field_generator.rb +0 -193
- data/lib/protobuf/generators/file_generator.rb +0 -262
- data/lib/protobuf/generators/group_generator.rb +0 -122
- data/lib/protobuf/generators/message_generator.rb +0 -104
- data/lib/protobuf/generators/option_generator.rb +0 -17
- data/lib/protobuf/generators/printable.rb +0 -160
- data/lib/protobuf/generators/service_generator.rb +0 -50
- data/lib/protobuf/lifecycle.rb +0 -33
- data/lib/protobuf/logging.rb +0 -39
- data/lib/protobuf/message/fields.rb +0 -233
- data/lib/protobuf/message/serialization.rb +0 -85
- data/lib/protobuf/message.rb +0 -241
- data/lib/protobuf/optionable.rb +0 -72
- data/lib/protobuf/tasks/compile.rake +0 -80
- data/lib/protobuf/tasks.rb +0 -1
- data/lib/protobuf/varint.rb +0 -20
- data/lib/protobuf/varint_pure.rb +0 -31
- data/lib/protobuf/version.rb +0 -3
- data/lib/protobuf/wire_type.rb +0 -10
- data/lib/protobuf.rb +0 -91
- data/proto/dynamic_discovery.proto +0 -46
- data/proto/google/protobuf/compiler/plugin.proto +0 -183
- data/proto/google/protobuf/descriptor.proto +0 -911
- data/proto/rpc.proto +0 -71
- data/service_executables/.gitkeep +0 -0
- data/service_executables/VERSION +0 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
@@ -13,7 +13,7 @@ require 'contrast/components/scope'
|
|
13
13
|
require 'contrast/components/inventory'
|
14
14
|
require 'contrast/components/protect'
|
15
15
|
require 'contrast/components/assess'
|
16
|
-
require 'contrast/components/
|
16
|
+
require 'contrast/components/config/sources'
|
17
17
|
require 'contrast/config/server_configuration'
|
18
18
|
|
19
19
|
module Contrast
|
@@ -44,30 +44,42 @@ module Contrast
|
|
44
44
|
attr_writer :inventory
|
45
45
|
# @return [Contrast::Components::Protect::Interface]
|
46
46
|
attr_writer :protect
|
47
|
-
# @return [Contrast::Components::Service::Interface]
|
48
|
-
attr_writer :service
|
49
47
|
# @return [Boolean, nil]
|
50
48
|
attr_accessor :enable
|
49
|
+
# @return [Hash]
|
50
|
+
attr_accessor :loaded_config
|
51
|
+
# @return [Contrast::Config::Sources]
|
52
|
+
attr_accessor :sources
|
53
|
+
# @return [String,nil]
|
54
|
+
attr_reader :config_file
|
51
55
|
|
52
56
|
DEFAULT_YAML_PATH = 'contrast_security.yaml'
|
53
57
|
MILLISECOND_MARKER = '_ms'
|
54
|
-
CONVERSION = {
|
58
|
+
CONVERSION = {}.cs__freeze
|
55
59
|
CONFIG_BASE_PATHS = ['', 'config/', '/etc/contrast/ruby/', '/etc/contrast/', '/etc/'].cs__freeze
|
56
60
|
KEYS_TO_REDACT = %i[api_key url service_key user_name].cs__freeze
|
57
61
|
REDACTED = '**REDACTED**'
|
58
62
|
|
59
|
-
def initialize cli_options = nil, default_name = DEFAULT_YAML_PATH
|
63
|
+
def initialize cli_options = nil, default_name = DEFAULT_YAML_PATH # rubocop:disable Metrics/AbcSize
|
60
64
|
@default_name = default_name
|
61
65
|
|
62
66
|
# Load config_kv from file
|
63
67
|
config_kv = deep_symbolize_all_keys(load_config)
|
68
|
+
config_sources = assign_source_to(config_kv, Contrast::Components::Config::Sources::YAML)
|
64
69
|
|
65
70
|
# Overlay CLI options - they take precedence over config file
|
66
71
|
cli_options = deep_symbolize_all_keys(cli_options)
|
67
|
-
|
72
|
+
if cli_options
|
73
|
+
config_kv = deep_merge(cli_options, config_kv)
|
74
|
+
config_sources = deep_merge(assign_source_to(cli_options, Contrast::Components::Config::Sources::CLI),
|
75
|
+
config_sources)
|
76
|
+
end
|
68
77
|
|
69
78
|
# Some in-flight rewrites to maintain backwards compatibility
|
70
79
|
config_kv = update_prop_keys(config_kv)
|
80
|
+
@loaded_config = config_kv
|
81
|
+
|
82
|
+
@sources = Contrast::Components::Config::Sources.new(config_sources)
|
71
83
|
|
72
84
|
@api = Contrast::Components::Api::Interface.new(config_kv[:api])
|
73
85
|
@enable = config_kv[:enable]
|
@@ -77,7 +89,6 @@ module Contrast
|
|
77
89
|
@assess = Contrast::Components::Assess::Interface.new(config_kv[:assess])
|
78
90
|
@inventory = Contrast::Components::Inventory::Interface.new(config_kv[:inventory])
|
79
91
|
@protect = Contrast::Components::Protect::Interface.new(config_kv[:protect])
|
80
|
-
@service = Contrast::Components::Service::Interface.new(config_kv[:service])
|
81
92
|
end
|
82
93
|
|
83
94
|
# Get a loggable YAML format of this configuration
|
@@ -122,11 +133,6 @@ module Contrast
|
|
122
133
|
@protect ||= Contrast::Components::Protect::Interface.new # rubocop:disable Naming/MemoizedInstanceVariableName
|
123
134
|
end
|
124
135
|
|
125
|
-
# @return [Contrast::Components::Service::Interface]
|
126
|
-
def service
|
127
|
-
@service ||= Contrast::Components::Service::Interface.new # rubocop:disable Naming/MemoizedInstanceVariableName
|
128
|
-
end
|
129
|
-
|
130
136
|
protected
|
131
137
|
|
132
138
|
# TODO: RUBY-546 move utility methods to auxiliary classes
|
@@ -141,6 +147,7 @@ module Contrast
|
|
141
147
|
next
|
142
148
|
end
|
143
149
|
config = yaml_to_hash(path) || {}
|
150
|
+
@config_file = path
|
144
151
|
break
|
145
152
|
end
|
146
153
|
|
@@ -316,5 +323,15 @@ module Contrast
|
|
316
323
|
def redactable? key
|
317
324
|
KEYS_TO_REDACT.include?(key.to_sym)
|
318
325
|
end
|
326
|
+
|
327
|
+
def assign_source_to hash, source = Contrast::Components::Config::Sources::YAML
|
328
|
+
hash.transform_values do |value|
|
329
|
+
if value.is_a?(Hash)
|
330
|
+
assign_source_to(value, source)
|
331
|
+
else
|
332
|
+
source
|
333
|
+
end
|
334
|
+
end
|
335
|
+
end
|
319
336
|
end
|
320
337
|
end
|
@@ -5,6 +5,7 @@ require 'contrast/agent/patching/policy/patch'
|
|
5
5
|
require 'contrast/agent/patching/policy/patcher'
|
6
6
|
require 'contrast/components/scope'
|
7
7
|
require 'contrast/agent/assess/events/event_data'
|
8
|
+
require 'cs__assess_array/cs__assess_array'
|
8
9
|
|
9
10
|
module Contrast
|
10
11
|
module Extension
|
@@ -61,6 +62,14 @@ module Contrast
|
|
61
62
|
end
|
62
63
|
end
|
63
64
|
end
|
65
|
+
|
66
|
+
# Helper module to call cs__join
|
67
|
+
module ContrastArray
|
68
|
+
def join *args
|
69
|
+
cs__join(*args)
|
70
|
+
super(*args)
|
71
|
+
end
|
72
|
+
end
|
64
73
|
end
|
65
74
|
end
|
66
75
|
end
|
@@ -39,7 +39,7 @@ module ERBPropagator
|
|
39
39
|
# @param used_binding [Binding] the binding in of the current event, saved as preshift argument
|
40
40
|
# @param erb_pre_result [String] the source saved in the preshift
|
41
41
|
# @param properties [Contrast::Agent::Assess::Properties] properties of the target if none create new
|
42
|
-
# @param parent_events [Array<Contrast::Agent::
|
42
|
+
# @param parent_events [Array<Contrast::Agent::Reporting::FindingEvent>] parents event extracted from the source
|
43
43
|
# properties
|
44
44
|
# @param ret [String] the Return of the invoked method
|
45
45
|
# @return [Array<Symbol>]
|
@@ -1,6 +1,8 @@
|
|
1
1
|
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
+
require 'delegate'
|
5
|
+
|
4
6
|
# Some developers override various methods on Delegator, which can often
|
5
7
|
# involve changing expected method parity/behavior which in turn prevents us
|
6
8
|
# from being able to reliably use affected methods. Let's alias these methods
|
@@ -71,9 +71,11 @@ module Contrast
|
|
71
71
|
first_framework_result(:application_name, 'root')
|
72
72
|
end
|
73
73
|
|
74
|
+
# @return app_root [String] path
|
74
75
|
def app_root
|
75
76
|
found = first_framework_result(:application_root, nil)
|
76
|
-
found
|
77
|
+
found ||= ::Rack::Directory.new('').root
|
78
|
+
found.to_s
|
77
79
|
end
|
78
80
|
|
79
81
|
# Build a request from the provided env, based on the framework(s) we're currently supporting.
|
@@ -1,7 +1,6 @@
|
|
1
1
|
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
-
require 'contrast/api/dtm.pb'
|
5
4
|
require 'contrast/framework/base_support'
|
6
5
|
require 'contrast/framework/rails/patch/support'
|
7
6
|
require 'contrast/utils/string_utils'
|
@@ -7,7 +7,7 @@ require 'contrast/agent/reporting/reporter'
|
|
7
7
|
|
8
8
|
module Contrast
|
9
9
|
# A Rake task to generate a contrast_security.yaml file with some basic settings
|
10
|
-
module Config
|
10
|
+
module Config
|
11
11
|
extend Rake::DSL
|
12
12
|
DEFAULT_CONFIG = {
|
13
13
|
'api' => {
|
@@ -17,13 +17,6 @@ module Contrast
|
|
17
17
|
'user_name' => 'Enter your Contrast user name'
|
18
18
|
},
|
19
19
|
'agent' => {
|
20
|
-
'service' => {
|
21
|
-
'logger' => {
|
22
|
-
'path' => 'contrast_service.log',
|
23
|
-
'level' => 'ERROR' # DEBUG | INFO | WARN | ERROR
|
24
|
-
},
|
25
|
-
'socket' => '/tmp/contrast_service.sock'
|
26
|
-
},
|
27
20
|
'logger' => {
|
28
21
|
'level' => 'ERROR',
|
29
22
|
'path' => 'contrast_agent.log'
|
@@ -12,18 +12,19 @@ module Contrast
|
|
12
12
|
module EventLimitUtils
|
13
13
|
include Contrast::Components::Logger::InstanceMethods
|
14
14
|
# Checks to see if the event limit for the policy type has been met or exceeded
|
15
|
-
# @param
|
16
|
-
|
15
|
+
# @param policy [Contrast::Agent::Patching::Policy::MethodPolicy,
|
16
|
+
# Contrast::Agent::Patching::Policy::TriggerNode] method to check for event limit
|
17
|
+
def event_limit? policy
|
17
18
|
return false unless (context = Contrast::Agent::REQUEST_TRACKER.current)
|
18
19
|
|
19
|
-
if
|
20
|
+
if policy.source_node
|
20
21
|
max = ::Contrast::ASSESS.max_context_source_events
|
21
|
-
return at_limit?(
|
22
|
-
|
22
|
+
return at_limit?(policy, context.source_event_count, max, context)
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
|
+
if policy.propagation_node
|
25
26
|
max = ::Contrast::ASSESS.max_propagation_events
|
26
|
-
return at_limit?(
|
27
|
+
return at_limit?(policy, context.propagation_event_count, max, context)
|
27
28
|
end
|
28
29
|
|
29
30
|
false # policy does not have limit
|
@@ -65,8 +66,10 @@ module Contrast
|
|
65
66
|
private
|
66
67
|
|
67
68
|
# helper method to check limit and log when necessary
|
68
|
-
def at_limit? method_policy, current_count, event_max
|
69
|
+
def at_limit? method_policy, current_count, event_max, context
|
69
70
|
if current_count == event_max
|
71
|
+
return if event_limit_counts.key?(get_event_limit_key(method_policy, context))
|
72
|
+
|
70
73
|
logger.warn('Event Limit Reached:',
|
71
74
|
{
|
72
75
|
count: current_count,
|
@@ -76,16 +79,21 @@ module Contrast
|
|
76
79
|
})
|
77
80
|
# increment to be over count for logging purposes
|
78
81
|
increment_event_count(method_policy)
|
82
|
+
increment_event_limit_logs(method_policy, context)
|
83
|
+
|
79
84
|
return true
|
80
85
|
elsif current_count > event_max
|
81
|
-
# increment to be over count for logging purposes
|
82
86
|
increment_event_count(method_policy)
|
87
|
+
return if event_limit_counts.key?(get_event_limit_key(method_policy, context))
|
88
|
+
|
89
|
+
# increment to be over count for logging purposes
|
83
90
|
logger.warn('Event Limit Exceeded:',
|
84
91
|
{
|
85
92
|
count: current_count,
|
86
93
|
policy: method_policy.method_name,
|
87
94
|
node: method_policy
|
88
95
|
})
|
96
|
+
increment_event_limit_logs(method_policy, context)
|
89
97
|
return true
|
90
98
|
end
|
91
99
|
false
|
@@ -95,6 +103,20 @@ module Contrast
|
|
95
103
|
@_rule_counts ||= Hash.new { |h, k| h[k] = 0 }
|
96
104
|
end
|
97
105
|
|
106
|
+
def event_limit_counts
|
107
|
+
@_event_limit_counts ||= Hash.new { |h, k| h[k] = 0 }
|
108
|
+
end
|
109
|
+
|
110
|
+
def get_event_limit_key method_policy, context
|
111
|
+
"#{ method_policy.method_name }_#{ context.request.__id__ }"
|
112
|
+
end
|
113
|
+
|
114
|
+
def increment_event_limit_logs method_policy, context
|
115
|
+
event_limit_counter = get_event_limit_key(method_policy, context)
|
116
|
+
|
117
|
+
event_limit_counts[event_limit_counter] += 1
|
118
|
+
end
|
119
|
+
|
98
120
|
# the time threshold for which to track rule counts resets when now >= threshold_time_limit
|
99
121
|
# @return [Integer]
|
100
122
|
def threshold_time_limit
|
@@ -1,12 +1,15 @@
|
|
1
1
|
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
|
+
require 'contrast/utils/assess/event_limit_utils'
|
5
|
+
|
4
6
|
module Contrast
|
5
7
|
module Utils
|
6
8
|
module Assess
|
7
9
|
# This module will include all methods for some internal validations/appliers in the TriggerMethod module
|
8
10
|
# and some other module methods from the same place, so we can ease the main module
|
9
11
|
module TriggerMethodUtils
|
12
|
+
extend Contrast::Utils::Assess::EventLimitUtils
|
10
13
|
# A request is reportable if it is not from ActionController::Live
|
11
14
|
#
|
12
15
|
# @param env [Hash] the env of the Request
|
@@ -33,10 +36,10 @@ module Contrast
|
|
33
36
|
|
34
37
|
# Finds the first request along the left most tree of parent events
|
35
38
|
#
|
36
|
-
# @param event [Contrast::Agent::
|
39
|
+
# @param event [Contrast::Agent::Reporting::FindingEvent]
|
37
40
|
# @return [Contrast::Agent::Request, nil]
|
38
41
|
def find_event_request event
|
39
|
-
return event.request if event
|
42
|
+
return event.request if event&.source_type
|
40
43
|
|
41
44
|
idx = 0
|
42
45
|
while idx <= event.parent_events.length
|
@@ -44,9 +47,7 @@ module Contrast
|
|
44
47
|
return found if found
|
45
48
|
|
46
49
|
idx += 1
|
47
|
-
return event.request if event.request
|
48
50
|
end
|
49
|
-
return unless event.cs__is_a?(Contrast::Agent::Assess::Events::SourceEvent)
|
50
51
|
|
51
52
|
event.request
|
52
53
|
end
|
@@ -61,8 +61,8 @@ module Contrast
|
|
61
61
|
def update_on_sources events
|
62
62
|
events.each do |event|
|
63
63
|
event.event_sources.each do |source|
|
64
|
-
update(source.
|
65
|
-
update(source.
|
64
|
+
update(source.source_type)
|
65
|
+
update(source.source_name)
|
66
66
|
end
|
67
67
|
end
|
68
68
|
end
|
@@ -0,0 +1,155 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/utils/object_share'
|
5
|
+
require 'contrast/agent/reporting/input_analysis/input_type'
|
6
|
+
require 'contrast/agent/reporting/input_analysis/score_level'
|
7
|
+
require 'contrast/agent/protect/input_analyzer/input_analyzer'
|
8
|
+
require 'contrast/components/logger'
|
9
|
+
|
10
|
+
module Contrast
|
11
|
+
module Agent
|
12
|
+
module Protect
|
13
|
+
module Rule
|
14
|
+
# This module will include all the similar information for all input classifications
|
15
|
+
# between different rules
|
16
|
+
module InputClassificationBase
|
17
|
+
UNKNOWN_KEY = 'unknown'
|
18
|
+
THRESHOLD = 90.cs__freeze
|
19
|
+
WORTHWATCHING_THRESHOLD = 10.cs__freeze
|
20
|
+
include Contrast::Agent::Reporting::InputType
|
21
|
+
include Contrast::Agent::Reporting::ScoreLevel
|
22
|
+
include Contrast::Components::Logger::InstanceMethods
|
23
|
+
|
24
|
+
KEYS_NEEDED = [COOKIE_VALUE, PARAMETER_VALUE, JSON_VALUE, MULTIPART_VALUE, XML_VALUE, DWR_VALUE].cs__freeze
|
25
|
+
|
26
|
+
# Input Classification stage is done to determine if an user input is
|
27
|
+
# DEFINITEATTACK or to be ignored.
|
28
|
+
#
|
29
|
+
# @param rule_id [String] Name of the protect rule.
|
30
|
+
# @param input_type [Symbol, Contrast::Agent::Reporting::InputType] The type of the user input.
|
31
|
+
# @param value [String, Array<String>] the value of the input.
|
32
|
+
# @param input_analysis [Contrast::Agent::Reporting::InputAnalysis] Holds all the results from the
|
33
|
+
# agent analysis from the current
|
34
|
+
# Request.
|
35
|
+
# @return ia [Contrast::Agent::Reporting::InputAnalysis, nil] with updated results.
|
36
|
+
def classify rule_id, input_type, value, input_analysis
|
37
|
+
return unless (rule = Contrast::PROTECT.rule(rule_id))
|
38
|
+
return unless rule.applicable_user_inputs.include?(input_type)
|
39
|
+
return unless input_analysis.request
|
40
|
+
|
41
|
+
Array(value).each do |val|
|
42
|
+
Array(val).each do |v|
|
43
|
+
next unless v
|
44
|
+
|
45
|
+
result = create_new_input_result(input_analysis.request, rule.rule_name, input_type, v)
|
46
|
+
input_analysis.results << result unless result.nil?
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
input_analysis
|
51
|
+
rescue StandardError => e
|
52
|
+
logger.debug("An Error was recorded in the input classification of the #{ rule_id }")
|
53
|
+
logger.debug(e)
|
54
|
+
end
|
55
|
+
|
56
|
+
# Creates new isntance of InputAnalysisResult with basic info.
|
57
|
+
#
|
58
|
+
# @param rule_id [String] The name of the Protect Rule.
|
59
|
+
# @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
|
60
|
+
# @param value [String, Array<String>] the value of the input.
|
61
|
+
# @param path [String] the path of the current request context.
|
62
|
+
#
|
63
|
+
# @return res [Contrast::Agent::Reporting::InputAnalysisResult]
|
64
|
+
def new_ia_result rule_id, input_type, path, value = nil
|
65
|
+
res = Contrast::Agent::Reporting::InputAnalysisResult.new
|
66
|
+
res.rule_id = rule_id
|
67
|
+
res.input_type = input_type
|
68
|
+
res.path = path
|
69
|
+
res.value = value
|
70
|
+
res
|
71
|
+
end
|
72
|
+
|
73
|
+
# This methods checks if input is value that matches a key in the input.
|
74
|
+
#
|
75
|
+
# @param request [Contrast::Agent::Request] the current request context.
|
76
|
+
# @param result [Contrast::Agent::Reporting::InputAnalysisResult] result to be updated.
|
77
|
+
# @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
|
78
|
+
# @param value [String, Array<String>] the value of the input.
|
79
|
+
#
|
80
|
+
# @return result [Contrast::Agent::Reporting::InputAnalysisResult] updated with key result.
|
81
|
+
def add_needed_key request, result, input_type, value
|
82
|
+
case input_type
|
83
|
+
when COOKIE_VALUE
|
84
|
+
result.key = request.cookies.key(value)
|
85
|
+
when PARAMETER_VALUE, URL_PARAMETER
|
86
|
+
result.key = request.parameters.key(value)
|
87
|
+
when HEADER
|
88
|
+
result.key = request.headers.key(value)
|
89
|
+
when UNKNOWN
|
90
|
+
result.key = UNKNOWN_KEY
|
91
|
+
else
|
92
|
+
result.key
|
93
|
+
end
|
94
|
+
rescue StandardError => e
|
95
|
+
logger.warn('Could not find proper key for input traced value', message: e)
|
96
|
+
end
|
97
|
+
|
98
|
+
# Some input types are not yet supported from the AgentLib.
|
99
|
+
# This will convert the type to the closet possible if viable,
|
100
|
+
# so that the input tracing could be done.
|
101
|
+
#
|
102
|
+
# @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
|
103
|
+
# @return [Integer<Contrast::AgentLib::Interface::INPUT_SET>]
|
104
|
+
def convert_input_type input_type
|
105
|
+
case input_type
|
106
|
+
when BODY, DWR_VALUE
|
107
|
+
Contrast::AGENT_LIB.input_set[:PARAMETER_VALUE]
|
108
|
+
when HEADER
|
109
|
+
Contrast::AGENT_LIB.input_set[:HEADER_VALUE]
|
110
|
+
when MULTIPART_VALUE, MULTIPART_FIELD_NAME
|
111
|
+
Contrast::AGENT_LIB.input_set[:MULTIPART_NAME]
|
112
|
+
else
|
113
|
+
Contrast::AGENT_LIB.input_set[input_type]
|
114
|
+
end
|
115
|
+
rescue StandardError
|
116
|
+
Contrast::AGENT_LIB.input_set[:PARAMETER_VALUE]
|
117
|
+
end
|
118
|
+
|
119
|
+
private
|
120
|
+
|
121
|
+
# This methods checks if input is tagged WORTHWATCHING or IGNORE matches value with it's
|
122
|
+
# key if needed and Creates new instance of InputAnalysisResult.
|
123
|
+
#
|
124
|
+
# @param request [Contrast::Agent::Request] the current request context.
|
125
|
+
# @param rule_id [String] The name of the Protect Rule.
|
126
|
+
# @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
|
127
|
+
# @param value [String, Array<String>] the value of the input.
|
128
|
+
#
|
129
|
+
# @return res [Contrast::Agent::Reporting::InputAnalysisResult, nil]
|
130
|
+
def create_new_input_result request, rule_id, input_type, value
|
131
|
+
return unless Contrast::AGENT_LIB
|
132
|
+
|
133
|
+
input_eval = Contrast::AGENT_LIB.eval_input(value,
|
134
|
+
convert_input_type(input_type),
|
135
|
+
Contrast::AGENT_LIB.rule_set[rule_id],
|
136
|
+
Contrast::AGENT_LIB.eval_option[:WORTHWATCHING])
|
137
|
+
|
138
|
+
ia_result = new_ia_result(rule_id, input_type, request.path, value)
|
139
|
+
score = input_eval&.score || 0
|
140
|
+
if score >= WORTHWATCHING_THRESHOLD
|
141
|
+
ia_result.score_level = WORTHWATCHING
|
142
|
+
ia_result.ids << self::WORTHWATCHING_MATCH
|
143
|
+
else
|
144
|
+
ia_result.score_level = IGNORE
|
145
|
+
return
|
146
|
+
end
|
147
|
+
|
148
|
+
add_needed_key(request, ia_result, input_type, value) if KEYS_NEEDED.include?(input_type)
|
149
|
+
ia_result
|
150
|
+
end
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|
154
|
+
end
|
155
|
+
end
|
data/lib/contrast/utils/os.rb
CHANGED
@@ -13,26 +13,6 @@ module Contrast
|
|
13
13
|
extend Contrast::Components::Scope::InstanceMethods
|
14
14
|
|
15
15
|
class << self
|
16
|
-
def running?
|
17
|
-
result = false
|
18
|
-
with_contrast_scope do
|
19
|
-
process = `ps aux | grep contrast-servic[e]`
|
20
|
-
processes = process.split("\n")
|
21
|
-
result = !processes.empty? && processes.any? { |process_descriptor| !process_descriptor.include?('grep') }
|
22
|
-
end
|
23
|
-
result
|
24
|
-
end
|
25
|
-
|
26
|
-
# check if service was killed and is a zombie process
|
27
|
-
# returns an array of zombie process PIDs as strings; empty array if there are none
|
28
|
-
def zombie_pids
|
29
|
-
with_contrast_scope do
|
30
|
-
# retrieve pid of service processes
|
31
|
-
zombie_pid_list = `ps aux | grep contrast-servic[e] | grep Z | awk '{print $2}'`
|
32
|
-
zombie_pid_list.split("\n")
|
33
|
-
end
|
34
|
-
end
|
35
|
-
|
36
16
|
# Check current OS type
|
37
17
|
# returns true if check is correct or false if not
|
38
18
|
def windows?
|
@@ -0,0 +1,81 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/agent/reporting/reporting_events/application_activity'
|
5
|
+
|
6
|
+
module Contrast
|
7
|
+
module Utils
|
8
|
+
module Reporting
|
9
|
+
# ApplicationActivityBatchUtils handles batching and reporting of ApplicationActivity events to TeamServer at a
|
10
|
+
# set interval
|
11
|
+
module ApplicationActivityBatchUtils
|
12
|
+
DEFAULT_REPORTING_INTERVAL_MS = 30_000.cs__freeze
|
13
|
+
|
14
|
+
# @return [Integer] time when activity batch was created in ms
|
15
|
+
attr_reader :batch_age
|
16
|
+
|
17
|
+
# Merge a ApplicationActivity into the ApplicationActivityBatch
|
18
|
+
# @param activity [Contrast::Agent::Reporting::ApplicationActivity] from a RequestContext
|
19
|
+
def add_activity_to_batch activity
|
20
|
+
return unless activity
|
21
|
+
|
22
|
+
activity_batch.query_count += activity.query_count
|
23
|
+
activity_batch.routes << activity.routes
|
24
|
+
activity_batch.routes.flatten!
|
25
|
+
merge_attackers(activity)
|
26
|
+
activity_batch.attach_inventory(activity.inventory) unless activity.inventory.empty?
|
27
|
+
end
|
28
|
+
|
29
|
+
# If the batch can be reported, mask the data and add it to the reporting queue, then reset the activity_batch
|
30
|
+
def report_batch
|
31
|
+
return unless report_batch?
|
32
|
+
return unless (reporter = Contrast::Agent.reporter)
|
33
|
+
|
34
|
+
Contrast::Agent::Reporting::Masker.mask(activity_batch)
|
35
|
+
reporter&.send_event(activity_batch)
|
36
|
+
reset_activity_batch
|
37
|
+
end
|
38
|
+
|
39
|
+
# @return Contrast::Agent::Reporting::ApplicationActivity
|
40
|
+
def activity_batch
|
41
|
+
return @activity_batch unless @activity_batch.nil?
|
42
|
+
|
43
|
+
reset_activity_batch
|
44
|
+
@activity_batch
|
45
|
+
end
|
46
|
+
|
47
|
+
private
|
48
|
+
|
49
|
+
def merge_attackers activity
|
50
|
+
return if activity.defend.attackers.empty?
|
51
|
+
|
52
|
+
activity.defend.attackers.each do |attacker|
|
53
|
+
if (existing = activity_batch.defend.find_existing_attacker_activity(attacker))
|
54
|
+
attacker.protection_rules.each_key do |key|
|
55
|
+
activity_batch.defend.attach_existing(existing, attacker, key)
|
56
|
+
end
|
57
|
+
else
|
58
|
+
activity_batch.defend.attackers << attacker
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
# resets the activity_batch object and it's batch_age
|
64
|
+
def reset_activity_batch
|
65
|
+
@batch_age = Contrast::Utils::Timer.now_ms
|
66
|
+
@activity_batch = Contrast::Agent::Reporting::ApplicationActivity.new
|
67
|
+
end
|
68
|
+
|
69
|
+
# @return [Boolean] if the age of the batch is outside the reporting interval
|
70
|
+
def report_batch?
|
71
|
+
reporting_interval <= (Contrast::Utils::Timer.now_ms - batch_age)
|
72
|
+
end
|
73
|
+
|
74
|
+
# @return [Integer] interval to report to TeamServer in seconds
|
75
|
+
def reporting_interval
|
76
|
+
Contrast::AGENT.polling.batch_reporting_interval_ms.to_i || DEFAULT_REPORTING_INTERVAL_MS
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
@@ -7,22 +7,6 @@ module Contrast
|
|
7
7
|
module ResponseUtils
|
8
8
|
private
|
9
9
|
|
10
|
-
# From the dtm for normalized_response_headers:
|
11
|
-
# Key is UPPERCASE_UNDERSCORE
|
12
|
-
#
|
13
|
-
# Example: Content-Type: text/html; charset=utf-8
|
14
|
-
# "CONTENT_TYPE" => Content-Type,["text/html; charset=utf8"]
|
15
|
-
def append_pair map, key, value
|
16
|
-
return unless key && value
|
17
|
-
return if value.is_a?(Hash)
|
18
|
-
|
19
|
-
safe_key = Contrast::Utils::StringUtils.force_utf8(key)
|
20
|
-
hash_key = Contrast::Utils::StringUtils.normalized_key(safe_key)
|
21
|
-
map[hash_key] ||= Contrast::Api::Dtm::Pair.new
|
22
|
-
map[hash_key].key = safe_key
|
23
|
-
map[hash_key].values << Contrast::Utils::StringUtils.force_utf8(value)
|
24
|
-
end
|
25
|
-
|
26
10
|
HTTP_PREFIX = /^[Hh][Tt][Tt][Pp][_-]/i.cs__freeze
|
27
11
|
|
28
12
|
# Given some holder of the content of the response's body, extract that
|