tcell_agent 0.2.18 → 0.2.19

data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb

@@ -43,6 +43,9 @@ module TCellAgent
               expect(empty_policy.options["nullbyte"]).to be_nil
               expect(empty_policy.options["retr"]).to be_nil
               expect(empty_policy.options["login"]).to be_nil
+              expect(empty_policy.options["ua"]).to be_nil
+              expect(empty_policy.options["errors"]).to be_nil
+              expect(empty_policy.options["database"]).to be_nil
             end
           end
 
@@ -70,6 +73,9 @@ module TCellAgent
               expect(empty_policy.options["nullbyte"]).to be_nil
               expect(empty_policy.options["retr"]).to be_nil
               expect(empty_policy.options["login"]).to be_nil
+              expect(empty_policy.options["ua"]).to be_nil
+              expect(empty_policy.options["errors"]).to be_nil
+              expect(empty_policy.options["database"]).to be_nil
             end
           end
 
@@ -97,6 +103,9 @@ module TCellAgent
               expect(policy.options["nullbyte"]).to_not be_nil
               expect(policy.options["retr"]).to_not be_nil
               expect(policy.options["login"]).to_not be_nil
+              expect(policy.options["ua"]).to_not be_nil
+              expect(policy.options["errors"]).to_not be_nil
+              expect(policy.options["database"]).to_not be_nil
 
               expect(policy.options["req_size"].enabled).to eq(false)
               expect(policy.options["resp_size"].enabled).to eq(false)
@@ -108,6 +117,12 @@ module TCellAgent
               expect(policy.options["nullbyte"].enabled).to eq(true)
               expect(policy.options["retr"].enabled).to eq(false)
               expect(policy.options["login"].enabled).to eq(false)
+              expect(policy.options["ua"].enabled).to eq(false)
+              expect(policy.options["ua"].empty_enabled).to eq(false)
+              expect(policy.options["errors"].enabled).to eq(false)
+              expect(policy.options["errors"].csrf_exception_enabled).to eq(false)
+              expect(policy.options["errors"].sql_exception_enabled).to eq(false)
+              expect(policy.options["database"].enabled).to eq(false)
 
               expect(policy.options["xss"].v1_compatability_enabled).to eq(true)
               expect(policy.options["sqli"].v1_compatability_enabled).to eq(true)
@@ -142,6 +157,9 @@ module TCellAgent
               expect(empty_policy.options["nullbyte"]).to_not be_nil
               expect(empty_policy.options["retr"]).to_not be_nil
               expect(empty_policy.options["login"]).to_not be_nil
+              expect(empty_policy.options["ua"]).to_not be_nil
+              expect(empty_policy.options["errors"]).to_not be_nil
+              expect(empty_policy.options["database"]).to_not be_nil
 
               expect(empty_policy.options["req_size"].enabled).to eq(false)
               expect(empty_policy.options["resp_size"].enabled).to eq(false)
@@ -153,6 +171,12 @@ module TCellAgent
               expect(empty_policy.options["nullbyte"].enabled).to eq(false)
               expect(empty_policy.options["retr"].enabled).to eq(false)
               expect(empty_policy.options["login"].enabled).to eq(false)
+              expect(empty_policy.options["ua"].enabled).to eq(false)
+              expect(empty_policy.options["ua"].empty_enabled).to eq(false)
+              expect(empty_policy.options["errors"].enabled).to eq(false)
+              expect(empty_policy.options["errors"].csrf_exception_enabled).to eq(false)
+              expect(empty_policy.options["errors"].sql_exception_enabled).to eq(false)
+              expect(empty_policy.options["database"].enabled).to eq(false)
 
               expect(empty_policy.options["xss"].v1_compatability_enabled).to eq(true)
               expect(empty_policy.options["sqli"].v1_compatability_enabled).to eq(true)
@@ -197,6 +221,9 @@ module TCellAgent
               expect(policy.options["nullbyte"]).to_not be_nil
               expect(policy.options["retr"]).to_not be_nil
               expect(policy.options["login"]).to_not be_nil
+              expect(policy.options["ua"]).to_not be_nil
+              expect(policy.options["errors"]).to_not be_nil
+              expect(policy.options["database"]).to_not be_nil
 
               expect(policy.options["req_size"].enabled).to eq(true)
               expect(policy.options["resp_size"].enabled).to eq(true)
@@ -208,6 +235,12 @@ module TCellAgent
               expect(policy.options["nullbyte"].enabled).to eq(true)
               expect(policy.options["retr"].enabled).to eq(true)
               expect(policy.options["login"].enabled).to eq(true)
+              expect(policy.options["ua"].enabled).to eq(false)
+              expect(policy.options["ua"].empty_enabled).to eq(false)
+              expect(policy.options["errors"].enabled).to eq(false)
+              expect(policy.options["errors"].csrf_exception_enabled).to eq(false)
+              expect(policy.options["errors"].sql_exception_enabled).to eq(false)
+              expect(policy.options["database"].enabled).to eq(false)
 
               expect(policy.options["xss"].v1_compatability_enabled).to eq(true)
               expect(policy.options["sqli"].v1_compatability_enabled).to eq(true)
@@ -256,6 +289,9 @@ module TCellAgent
               expect(empty_policy.options["nullbyte"]).to be_nil
               expect(empty_policy.options["retr"]).to be_nil
               expect(empty_policy.options["login"]).to be_nil
+              expect(empty_policy.options["ua"]).to be_nil
+              expect(empty_policy.options["errors"]).to be_nil
+              expect(empty_policy.options["database"]).to be_nil
             end
           end
 
@@ -285,6 +321,9 @@ module TCellAgent
               expect(empty_policy.options["nullbyte"]).to be_nil
               expect(empty_policy.options["retr"]).to be_nil
               expect(empty_policy.options["login"]).to be_nil
+              expect(empty_policy.options["ua"]).to be_nil
+              expect(empty_policy.options["errors"]).to be_nil
+              expect(empty_policy.options["database"]).to be_nil
             end
           end
 
@@ -317,6 +356,9 @@ module TCellAgent
               expect(policy.options["nullbyte"]).to_not be_nil
               expect(policy.options["retr"]).to_not be_nil
               expect(policy.options["login"]).to_not be_nil
+              expect(policy.options["ua"]).to_not be_nil
+              expect(policy.options["errors"]).to_not be_nil
+              expect(policy.options["database"]).to_not be_nil
 
               expect(policy.options["req_size"].enabled).to eq(false)
               expect(policy.options["resp_size"].enabled).to eq(false)
@@ -328,6 +370,12 @@ module TCellAgent
               expect(policy.options["nullbyte"].enabled).to eq(true)
               expect(policy.options["retr"].enabled).to eq(false)
               expect(policy.options["login"].enabled).to eq(false)
+              expect(policy.options["ua"].enabled).to eq(false)
+              expect(policy.options["ua"].empty_enabled).to eq(false)
+              expect(policy.options["errors"].enabled).to eq(false)
+              expect(policy.options["errors"].csrf_exception_enabled).to eq(false)
+              expect(policy.options["errors"].sql_exception_enabled).to eq(false)
+              expect(policy.options["database"].enabled).to eq(false)
 
               expect(policy.options["xss"].v1_compatability_enabled).to eq(false)
               expect(policy.options["sqli"].v1_compatability_enabled).to eq(false)
@@ -371,6 +419,9 @@ module TCellAgent
               expect(policy.options["nullbyte"]).to_not be_nil
               expect(policy.options["retr"]).to_not be_nil
               expect(policy.options["login"]).to_not be_nil
+              expect(policy.options["ua"]).to_not be_nil
+              expect(policy.options["errors"]).to_not be_nil
+              expect(policy.options["database"]).to_not be_nil
 
               expect(policy.options["req_size"].enabled).to eq(false)
               expect(policy.options["resp_size"].enabled).to eq(false)
@@ -382,6 +433,12 @@ module TCellAgent
               expect(policy.options["nullbyte"].enabled).to eq(false)
               expect(policy.options["retr"].enabled).to eq(false)
               expect(policy.options["login"].enabled).to eq(false)
+              expect(policy.options["ua"].enabled).to eq(false)
+              expect(policy.options["ua"].empty_enabled).to eq(false)
+              expect(policy.options["errors"].enabled).to eq(false)
+              expect(policy.options["errors"].csrf_exception_enabled).to eq(false)
+              expect(policy.options["errors"].sql_exception_enabled).to eq(false)
+              expect(policy.options["database"].enabled).to eq(false)
 
               expect(policy.options["xss"].v1_compatability_enabled).to eq(false)
               expect(policy.options["sqli"].v1_compatability_enabled).to eq(false)
@@ -442,12 +499,24 @@ module TCellAgent
                     "retr" => {
                          "patterns" => ["1","2"]
                     },
+                    "ua" => {
+                      "empty_enabled" => true,
+                    },
                     "login" => {
                         "lgnSccss_enabled" => true,
                         "lgnFlr_enabled" => true,
                         "psswdRstReq" => true,
                         "psswdRstAttmpt" => true,
                         "psswdRst" => true
+                    },
+                    "errors" => {
+                      "csrf_exception_enabled" => true,
+                      "sql_exception_enabled" => true
+                    },
+                    "database" => {
+                      "large_result" => {
+                        "limit" => 10
+                      }
                     }
                   }
                 }
@@ -466,6 +535,9 @@ module TCellAgent
               expect(policy.options["nullbyte"]).to_not be_nil
               expect(policy.options["retr"]).to_not be_nil
               expect(policy.options["login"]).to_not be_nil
+              expect(policy.options["ua"]).to_not be_nil
+              expect(policy.options["errors"]).to_not be_nil
+              expect(policy.options["database"]).to_not be_nil
 
               expect(policy.options["req_size"].enabled).to eq(true)
               expect(policy.options["resp_size"].enabled).to eq(true)
@@ -477,6 +549,13 @@ module TCellAgent
               expect(policy.options["nullbyte"].enabled).to eq(true)
               expect(policy.options["retr"].enabled).to eq(true)
               expect(policy.options["login"].enabled).to eq(true)
+              expect(policy.options["ua"].enabled).to eq(true)
+              expect(policy.options["ua"].empty_enabled).to eq(true)
+              expect(policy.options["errors"].enabled).to eq(true)
+              expect(policy.options["errors"].csrf_exception_enabled).to eq(true)
+              expect(policy.options["errors"].sql_exception_enabled).to eq(true)
+              expect(policy.options["database"].enabled).to eq(true)
+              expect(policy.options["database"].max_rows).to eq(10)
 
               expect(policy.options["xss"].v1_compatability_enabled).to eq(false)
               expect(policy.options["sqli"].v1_compatability_enabled).to eq(false)

data/spec/lib/tcell_agent/rails/better_ip_spec.rb

@@ -0,0 +1,76 @@
+require 'spec_helper'
+
+module TCellAgent
+  module Utils
+
+    describe ".better_ip" do
+
+      context "with reverse_proxy off" do
+        it "should return the normal ip" do
+          configuration = double("configuration")
+          request = double("request", ip: "127.0.0.0")
+
+          expect(TCellAgent).to receive(:configuration).and_return(configuration)
+          expect(configuration).to receive(:reverse_proxy).and_return(false)
+          expect(Rails.better_ip(request)).to eq("127.0.0.0")
+        end
+      end
+
+      context "with reverse_proxy on" do
+        context "with empty reverse_proxy_ip_address_header" do
+          it "should return normal ip" do
+            configuration = double("configuration")
+            request = double("request", ip: "127.0.0.0")
+            env = double("env")
+
+            expect(TCellAgent).to receive(:configuration).and_return(configuration)
+            expect(configuration).to receive(:reverse_proxy).and_return(true)
+            expect(TCellAgent).to receive(:configuration).and_return(configuration)
+            expect(configuration).to receive(:reverse_proxy_ip_address_header).and_return("")
+            expect(request).to receive(:env).and_return(env)
+            expect(env).to receive(:[]).with("HTTP_X_FORWARDED_FOR").and_return("")
+            expect(Rails.better_ip(request)).to eq("127.0.0.0")
+          end
+        end
+
+        context "with reverse_proxy_ip_address_header that doesn't exist" do
+          it "should return normal ip" do
+            configuration = double("configuration")
+            request = double("request", ip: "127.0.0.0")
+            env = double("env")
+
+            expect(TCellAgent).to receive(:configuration).and_return(configuration)
+            expect(configuration).to receive(:reverse_proxy).and_return(true)
+            expect(TCellAgent).to receive(:configuration).and_return(configuration)
+            expect(configuration).to receive(:reverse_proxy_ip_address_header).and_return(
+              "weird-http-proxy-header"
+            )
+            expect(request).to receive(:env).and_return(env)
+            expect(env).to receive(:[]).with("HTTP_WEIRD_HTTP_PROXY_HEADER").and_return(nil)
+            expect(Rails.better_ip(request)).to eq("127.0.0.0")
+          end
+        end
+
+        context "with reverse_proxy_ip_address_header that exists" do
+          it "should return proxied ip" do
+            configuration = double("configuration")
+            request = double("request", ip: "127.0.0.0")
+            env = double("env")
+
+            expect(TCellAgent).to receive(:configuration).and_return(configuration)
+            expect(configuration).to receive(:reverse_proxy).and_return(true)
+            expect(TCellAgent).to receive(:configuration).and_return(configuration)
+            expect(configuration).to receive(:reverse_proxy_ip_address_header).and_return(
+              "X-Real-IP"
+            )
+            expect(request).to receive(:env).and_return(env)
+            expect(env).to receive(:[]).with("HTTP_X_REAL_IP").and_return("192.168.99.100")
+            expect(Rails.better_ip(request)).to eq("192.168.99.100")
+          end
+        end
+      end
+
+    end
+
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tcell_agent
 version: !ruby/object:Gem::Version
-  version: 0.2.18
+  version: 0.2.19
 platform: ruby
 authors:
 - Garrett
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-06-08 00:00:00.000000000 Z
+date: 2016-07-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -135,9 +135,11 @@ files:
 - lib/tcell_agent/instrumentation.rb
 - lib/tcell_agent/logger.rb
 - lib/tcell_agent/policies/appsensor/cmdi_sensor.rb
+- lib/tcell_agent/policies/appsensor/database_sensor.rb
 - lib/tcell_agent/policies/appsensor/fpt_sensor.rb
 - lib/tcell_agent/policies/appsensor/injection_sensor.rb
 - lib/tcell_agent/policies/appsensor/login_sensor.rb
+- lib/tcell_agent/policies/appsensor/misc_sensor.rb
 - lib/tcell_agent/policies/appsensor/nullbyte_sensor.rb
 - lib/tcell_agent/policies/appsensor/request_size_sensor.rb
 - lib/tcell_agent/policies/appsensor/response_codes_sensor.rb
@@ -146,6 +148,7 @@ files:
 - lib/tcell_agent/policies/appsensor/sensor.rb
 - lib/tcell_agent/policies/appsensor/size_sensor.rb
 - lib/tcell_agent/policies/appsensor/sqli_sensor.rb
+- lib/tcell_agent/policies/appsensor/user_agent_sensor.rb
 - lib/tcell_agent/policies/appsensor/xss_sensor.rb
 - lib/tcell_agent/policies/appsensor_policy.rb
 - lib/tcell_agent/policies/clickjacking_policy.rb
@@ -159,12 +162,15 @@ files:
 - lib/tcell_agent/policies/secure_headers_policy.rb
 - lib/tcell_agent/rails/auth/authlogic.rb
 - lib/tcell_agent/rails/auth/devise.rb
+- lib/tcell_agent/rails/better_ip.rb
+- lib/tcell_agent/rails/csrf_exception.rb
 - lib/tcell_agent/rails/dlp.rb
 - lib/tcell_agent/rails/middleware/body_filter_middleware.rb
 - lib/tcell_agent/rails/middleware/context_middleware.rb
 - lib/tcell_agent/rails/middleware/global_middleware.rb
 - lib/tcell_agent/rails/middleware/headers_middleware.rb
 - lib/tcell_agent/rails/on_start.rb
+- lib/tcell_agent/rails/path_parameters_setter.rb
 - lib/tcell_agent/rails/routes.rb
 - lib/tcell_agent/rails/settings_reporter.rb
 - lib/tcell_agent/rails.rb
@@ -251,14 +257,17 @@ files:
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/instrumentation_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/cmdi_sensor_spec.rb
+- spec/lib/tcell_agent/policies/appsensor/database_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/fpt_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/login_sensor_spec.rb
+- spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/retr_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/sqli_sensor_spec.rb
+- spec/lib/tcell_agent/policies/appsensor/user_agent_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/xss_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor_policy_spec.rb
 - spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb
@@ -270,6 +279,7 @@ files:
 - spec/lib/tcell_agent/policies/login_policy_spec.rb
 - spec/lib/tcell_agent/policies/patches_policy_spec.rb
 - spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb
+- spec/lib/tcell_agent/rails/better_ip_spec.rb
 - spec/lib/tcell_agent/rails/logger_spec.rb
 - spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb
@@ -375,14 +385,17 @@ test_files:
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/instrumentation_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/cmdi_sensor_spec.rb
+- spec/lib/tcell_agent/policies/appsensor/database_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/fpt_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/login_sensor_spec.rb
+- spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/nullbyte_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/retr_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/sqli_sensor_spec.rb
+- spec/lib/tcell_agent/policies/appsensor/user_agent_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor/xss_sensor_spec.rb
 - spec/lib/tcell_agent/policies/appsensor_policy_spec.rb
 - spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb
@@ -394,6 +407,7 @@ test_files:
 - spec/lib/tcell_agent/policies/login_policy_spec.rb
 - spec/lib/tcell_agent/policies/patches_policy_spec.rb
 - spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb
+- spec/lib/tcell_agent/rails/better_ip_spec.rb
 - spec/lib/tcell_agent/rails/logger_spec.rb
 - spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb