tcell_agent 2.7.0 → 2.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/tcell_agent/agent.rb +1 -2
- data/lib/tcell_agent/instrumentation.rb +0 -192
- data/lib/tcell_agent/policies/policies_manager.rb +1 -17
- data/lib/tcell_agent/policies/policy_polling.rb +1 -2
- data/lib/tcell_agent/policies/policy_types.rb +0 -1
- data/lib/tcell_agent/rails/database.rb +49 -0
- data/lib/tcell_agent/rails/middleware/headers_middleware.rb +1 -1
- data/lib/tcell_agent/rails/railties/tcell_agent_database_railties.rb +81 -0
- data/lib/tcell_agent/rails/railties/tcell_agent_railties.rb +0 -1
- data/lib/tcell_agent/rails/routes.rb +0 -8
- data/lib/tcell_agent/rust/libtcellagent-alpine.so +0 -0
- data/lib/tcell_agent/rust/libtcellagent-x64.dll +0 -0
- data/lib/tcell_agent/rust/libtcellagent.dylib +0 -0
- data/lib/tcell_agent/rust/libtcellagent.so +0 -0
- data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +0 -17
- data/lib/tcell_agent/version.rb +1 -1
- data/lib/tcell_agent.rb +5 -3
- data/spec/lib/tcell_agent/policies/policies_manager_spec.rb +5 -16
- data/spec/lib/tcell_agent/rails/database.rb +60 -0
- data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +2 -2
- data/spec/support/force_logger_mocking.rb +0 -8
- metadata +6 -16
- data/lib/tcell_agent/policies/dataloss_policy.rb +0 -304
- data/lib/tcell_agent/rails/dlp/process_request.rb +0 -83
- data/lib/tcell_agent/rails/dlp.rb +0 -410
- data/lib/tcell_agent/rails/dlp_handler.rb +0 -63
- data/lib/tcell_agent/sensor_events/dlp.rb +0 -53
- data/lib/tcell_agent/sinatra.rb +0 -38
- data/spec/lib/tcell_agent/policies/dataloss_policy_spec.rb +0 -222
- data/spec/lib/tcell_agent/rails/dlp_spec.rb +0 -1040
- data/spec/lib/tcell_agent/rails/logger_spec.rb +0 -169
- data/spec/lib/tcell_agent/sensor_events/dlp_spec.rb +0 -14
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tcell_agent
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.7.
|
4
|
+
version: 2.7.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rapid7, Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-09-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: ffi
|
@@ -125,7 +125,6 @@ files:
|
|
125
125
|
- lib/tcell_agent/patches.rb
|
126
126
|
- lib/tcell_agent/policies/appfirewall_policy.rb
|
127
127
|
- lib/tcell_agent/policies/command_injection_policy.rb
|
128
|
-
- lib/tcell_agent/policies/dataloss_policy.rb
|
129
128
|
- lib/tcell_agent/policies/headers_policy.rb
|
130
129
|
- lib/tcell_agent/policies/http_redirect_policy.rb
|
131
130
|
- lib/tcell_agent/policies/js_agent_policy.rb
|
@@ -145,14 +144,13 @@ files:
|
|
145
144
|
- lib/tcell_agent/rails/auth/userinfo.rb
|
146
145
|
- lib/tcell_agent/rails/better_ip.rb
|
147
146
|
- lib/tcell_agent/rails/csrf_exception.rb
|
148
|
-
- lib/tcell_agent/rails/
|
149
|
-
- lib/tcell_agent/rails/dlp/process_request.rb
|
150
|
-
- lib/tcell_agent/rails/dlp_handler.rb
|
147
|
+
- lib/tcell_agent/rails/database.rb
|
151
148
|
- lib/tcell_agent/rails/js_agent_insert.rb
|
152
149
|
- lib/tcell_agent/rails/middleware/body_filter_middleware.rb
|
153
150
|
- lib/tcell_agent/rails/middleware/context_middleware.rb
|
154
151
|
- lib/tcell_agent/rails/middleware/global_middleware.rb
|
155
152
|
- lib/tcell_agent/rails/middleware/headers_middleware.rb
|
153
|
+
- lib/tcell_agent/rails/railties/tcell_agent_database_railties.rb
|
156
154
|
- lib/tcell_agent/rails/railties/tcell_agent_railties.rb
|
157
155
|
- lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb
|
158
156
|
- lib/tcell_agent/rails/responses.rb
|
@@ -174,7 +172,6 @@ files:
|
|
174
172
|
- lib/tcell_agent/sensor_events/agent_setting_event.rb
|
175
173
|
- lib/tcell_agent/sensor_events/app_config_setting_event.rb
|
176
174
|
- lib/tcell_agent/sensor_events/discovery.rb
|
177
|
-
- lib/tcell_agent/sensor_events/dlp.rb
|
178
175
|
- lib/tcell_agent/sensor_events/sensor.rb
|
179
176
|
- lib/tcell_agent/sensor_events/server_agent.rb
|
180
177
|
- lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb
|
@@ -187,7 +184,6 @@ files:
|
|
187
184
|
- lib/tcell_agent/servers/unicorn.rb
|
188
185
|
- lib/tcell_agent/servers/webrick.rb
|
189
186
|
- lib/tcell_agent/settings_reporter.rb
|
190
|
-
- lib/tcell_agent/sinatra.rb
|
191
187
|
- lib/tcell_agent/tcell_context.rb
|
192
188
|
- lib/tcell_agent/utils/headers.rb
|
193
189
|
- lib/tcell_agent/utils/params.rb
|
@@ -209,7 +205,6 @@ files:
|
|
209
205
|
- spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb
|
210
206
|
- spec/lib/tcell_agent/policies/command_injection_policy_spec.rb
|
211
207
|
- spec/lib/tcell_agent/policies/content_security_policy_spec.rb
|
212
|
-
- spec/lib/tcell_agent/policies/dataloss_policy_spec.rb
|
213
208
|
- spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb
|
214
209
|
- spec/lib/tcell_agent/policies/js_agent_policy_spec.rb
|
215
210
|
- spec/lib/tcell_agent/policies/login_policy_spec.rb
|
@@ -219,9 +214,8 @@ files:
|
|
219
214
|
- spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb
|
220
215
|
- spec/lib/tcell_agent/rails/better_ip_spec.rb
|
221
216
|
- spec/lib/tcell_agent/rails/csrf_exception_spec.rb
|
222
|
-
- spec/lib/tcell_agent/rails/
|
217
|
+
- spec/lib/tcell_agent/rails/database.rb
|
223
218
|
- spec/lib/tcell_agent/rails/js_agent_insert_spec.rb
|
224
|
-
- spec/lib/tcell_agent/rails/logger_spec.rb
|
225
219
|
- spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb
|
226
220
|
- spec/lib/tcell_agent/rails/responses_spec.rb
|
227
221
|
- spec/lib/tcell_agent/rails/routes/grape_spec.rb
|
@@ -229,7 +223,6 @@ files:
|
|
229
223
|
- spec/lib/tcell_agent/rails/routes/routes_spec.rb
|
230
224
|
- spec/lib/tcell_agent/rails_spec.rb
|
231
225
|
- spec/lib/tcell_agent/rust/agent_config_spec.rb
|
232
|
-
- spec/lib/tcell_agent/sensor_events/dlp_spec.rb
|
233
226
|
- spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
|
234
227
|
- spec/lib/tcell_agent/settings_reporter_spec.rb
|
235
228
|
- spec/lib/tcell_agent/tcell_context_spec.rb
|
@@ -293,7 +286,6 @@ test_files:
|
|
293
286
|
- spec/lib/tcell_agent/policies/clickjacking_policy_spec.rb
|
294
287
|
- spec/lib/tcell_agent/policies/command_injection_policy_spec.rb
|
295
288
|
- spec/lib/tcell_agent/policies/content_security_policy_spec.rb
|
296
|
-
- spec/lib/tcell_agent/policies/dataloss_policy_spec.rb
|
297
289
|
- spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb
|
298
290
|
- spec/lib/tcell_agent/policies/js_agent_policy_spec.rb
|
299
291
|
- spec/lib/tcell_agent/policies/login_policy_spec.rb
|
@@ -303,9 +295,8 @@ test_files:
|
|
303
295
|
- spec/lib/tcell_agent/policies/secure_headers_policy_spec.rb
|
304
296
|
- spec/lib/tcell_agent/rails/better_ip_spec.rb
|
305
297
|
- spec/lib/tcell_agent/rails/csrf_exception_spec.rb
|
306
|
-
- spec/lib/tcell_agent/rails/
|
298
|
+
- spec/lib/tcell_agent/rails/database.rb
|
307
299
|
- spec/lib/tcell_agent/rails/js_agent_insert_spec.rb
|
308
|
-
- spec/lib/tcell_agent/rails/logger_spec.rb
|
309
300
|
- spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb
|
310
301
|
- spec/lib/tcell_agent/rails/responses_spec.rb
|
311
302
|
- spec/lib/tcell_agent/rails/routes/grape_spec.rb
|
@@ -313,7 +304,6 @@ test_files:
|
|
313
304
|
- spec/lib/tcell_agent/rails/routes/routes_spec.rb
|
314
305
|
- spec/lib/tcell_agent/rails_spec.rb
|
315
306
|
- spec/lib/tcell_agent/rust/agent_config_spec.rb
|
316
|
-
- spec/lib/tcell_agent/sensor_events/dlp_spec.rb
|
317
307
|
- spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
|
318
308
|
- spec/lib/tcell_agent/settings_reporter_spec.rb
|
319
309
|
- spec/lib/tcell_agent/tcell_context_spec.rb
|
@@ -1,304 +0,0 @@
|
|
1
|
-
require 'set'
|
2
|
-
require 'tcell_agent/policies/policy'
|
3
|
-
|
4
|
-
module TCellAgent
|
5
|
-
module Policies
|
6
|
-
class DataLossPolicy < Policy # rubocop:disable Metrics/ClassLength
|
7
|
-
def self.api_identifier
|
8
|
-
'dlp'
|
9
|
-
end
|
10
|
-
|
11
|
-
class FilterActions
|
12
|
-
attr_accessor :body_event
|
13
|
-
attr_accessor :body_redact
|
14
|
-
attr_accessor :body_hash
|
15
|
-
|
16
|
-
attr_accessor :log_event
|
17
|
-
attr_accessor :log_redact
|
18
|
-
attr_accessor :log_hash
|
19
|
-
|
20
|
-
attr_accessor :action_id
|
21
|
-
end
|
22
|
-
|
23
|
-
class RequestProtectionManager
|
24
|
-
FORM = 'form'.freeze
|
25
|
-
COOKIE = 'cookie'.freeze
|
26
|
-
HEADER = 'header'.freeze
|
27
|
-
end
|
28
|
-
|
29
|
-
attr_accessor :enabled
|
30
|
-
attr_accessor :session_id_filter_actions
|
31
|
-
attr_accessor :request_filter_actions
|
32
|
-
attr_accessor :database_filter_actions
|
33
|
-
|
34
|
-
attr_accessor :policy_id
|
35
|
-
|
36
|
-
attr_accessor :table_field_actions
|
37
|
-
attr_accessor :session_id_actions
|
38
|
-
attr_accessor :database_actions
|
39
|
-
|
40
|
-
attr_accessor :database_discovery_enabled
|
41
|
-
|
42
|
-
attr_accessor :field_redact_body
|
43
|
-
attr_accessor :field_alerts
|
44
|
-
|
45
|
-
def initialize(policies_json)
|
46
|
-
init_options
|
47
|
-
from_json(policies_json) unless policies_json.nil? || policies_json.empty?
|
48
|
-
end
|
49
|
-
|
50
|
-
def init_options
|
51
|
-
@enabled = false
|
52
|
-
@policy_id = nil
|
53
|
-
|
54
|
-
@table_field_actions = {}
|
55
|
-
@session_id_actions = []
|
56
|
-
|
57
|
-
@database_discovery_enabled = false
|
58
|
-
|
59
|
-
@field_redact_body = Set.new # ["work_infos.SSN"].to_set #
|
60
|
-
@field_alerts = Set.new
|
61
|
-
|
62
|
-
@session_id_filter_actions = nil
|
63
|
-
@request_filter_actions = {
|
64
|
-
RequestProtectionManager::FORM => Hash.new { |h, k| h[k] = Hash.new { |i_h, i_k| i_h[i_k] = Set.new } },
|
65
|
-
RequestProtectionManager::COOKIE => Hash.new { |h, k| h[k] = Hash.new { |i_h, i_k| i_h[i_k] = Set.new } },
|
66
|
-
RequestProtectionManager::HEADER => Hash.new { |h, k| h[k] = Hash.new { |i_h, i_k| i_h[i_k] = Set.new } }
|
67
|
-
}
|
68
|
-
@database_actions = Hash.new do |h, k|
|
69
|
-
h[k] = Hash.new do |d_h, d_k|
|
70
|
-
d_h[d_k] = Hash.new do |s_h, s_k|
|
71
|
-
s_h[s_k] = Hash.new do |t_h, t_k|
|
72
|
-
t_h[t_k] = Hash.new do |f_h, f_k|
|
73
|
-
f_h[f_k] = Set.new
|
74
|
-
end
|
75
|
-
end
|
76
|
-
end
|
77
|
-
end
|
78
|
-
end
|
79
|
-
|
80
|
-
@log_actions = nil
|
81
|
-
end
|
82
|
-
|
83
|
-
def get_actions_for_session_id(_route_id = nil)
|
84
|
-
@session_id_filter_actions
|
85
|
-
end
|
86
|
-
|
87
|
-
def actions_for_form_parameter?
|
88
|
-
!@request_filter_actions[RequestProtectionManager::FORM].empty?
|
89
|
-
end
|
90
|
-
|
91
|
-
def actions_for_headers?
|
92
|
-
!@request_filter_actions[RequestProtectionManager::HEADER].empty?
|
93
|
-
end
|
94
|
-
|
95
|
-
def actions_for_cookie?
|
96
|
-
!@request_filter_actions[RequestProtectionManager::COOKIE].empty?
|
97
|
-
end
|
98
|
-
|
99
|
-
def get_actions_for_cookie(cookie_name, route_id = nil)
|
100
|
-
get_actions_for_request(RequestProtectionManager::COOKIE, cookie_name, route_id)
|
101
|
-
end
|
102
|
-
|
103
|
-
def get_actions_for_header(header_name, route_id = nil)
|
104
|
-
get_actions_for_request(RequestProtectionManager::HEADER, header_name.downcase, route_id)
|
105
|
-
end
|
106
|
-
|
107
|
-
def get_actions_for_form_parameter(parameter_name, route_id = nil)
|
108
|
-
get_actions_for_request(RequestProtectionManager::FORM, parameter_name.downcase, route_id)
|
109
|
-
end
|
110
|
-
|
111
|
-
def get_actions_for_request(context, variable, route_id = nil)
|
112
|
-
return nil if context.nil? || variable.nil?
|
113
|
-
|
114
|
-
route_id = '*' if route_id.nil?
|
115
|
-
if context != RequestProtectionManager::COOKIE
|
116
|
-
variable = variable.downcase
|
117
|
-
end
|
118
|
-
actions = Set.new
|
119
|
-
if @request_filter_actions.key?(context)
|
120
|
-
if @request_filter_actions[context].key?(route_id) && @request_filter_actions[context][route_id].key?(variable)
|
121
|
-
actions.merge(@request_filter_actions[context][route_id][variable])
|
122
|
-
end
|
123
|
-
if route_id != '*' && @request_filter_actions[context].key?('*') && @request_filter_actions[context]['*'].key?(variable)
|
124
|
-
actions.merge(@request_filter_actions[context]['*'][variable])
|
125
|
-
end
|
126
|
-
end
|
127
|
-
return nil if actions.size <= 0
|
128
|
-
|
129
|
-
actions
|
130
|
-
end
|
131
|
-
|
132
|
-
def get_actions_for_table(database, schema, table, field, route_id = '*')
|
133
|
-
route_id = '*' if route_id.nil?
|
134
|
-
actions = Set.new
|
135
|
-
[database, '*'].each do |d|
|
136
|
-
next if @database_actions.key?(d) == false
|
137
|
-
|
138
|
-
[schema, '*'].each do |s|
|
139
|
-
next if @database_actions[d].key?(s) == false
|
140
|
-
|
141
|
-
[table, '*'].each do |t|
|
142
|
-
next if @database_actions[d][s].key?(t) == false
|
143
|
-
|
144
|
-
[field, '*'].each do |f|
|
145
|
-
next if @database_actions[d][s][t].key?(f) == false
|
146
|
-
|
147
|
-
route_id_rules = @database_actions[d][s][t][f]
|
148
|
-
if route_id_rules.key?(route_id)
|
149
|
-
actions.merge(@database_actions[d][s][t][f][route_id])
|
150
|
-
end
|
151
|
-
if route_id != '*' && route_id_rules.key?('*')
|
152
|
-
actions.merge(@database_actions[d][s][t][f]['*'])
|
153
|
-
end
|
154
|
-
end
|
155
|
-
end
|
156
|
-
end
|
157
|
-
end
|
158
|
-
return nil if actions.empty?
|
159
|
-
|
160
|
-
actions
|
161
|
-
end
|
162
|
-
|
163
|
-
def get_actions_for(table, field)
|
164
|
-
actions = Set.new
|
165
|
-
key = "#{table}.#{field}"
|
166
|
-
actions.merge(@table_field_actions.fetch(key, [].to_set))
|
167
|
-
actions
|
168
|
-
end
|
169
|
-
|
170
|
-
def self.actions_from_json(options)
|
171
|
-
actions = nil
|
172
|
-
if options.key?('log')
|
173
|
-
if options['log'].include? 'redact'
|
174
|
-
actions ||= FilterActions.new
|
175
|
-
actions.log_redact = true
|
176
|
-
end
|
177
|
-
if options['log'].include? 'event'
|
178
|
-
actions ||= FilterActions.new
|
179
|
-
actions.log_event = true
|
180
|
-
end
|
181
|
-
if options['log'].include? 'hash'
|
182
|
-
actions ||= FilterActions.new
|
183
|
-
actions.log_hash = true
|
184
|
-
end
|
185
|
-
end
|
186
|
-
if options.key?('body')
|
187
|
-
if options['body'].include? 'redact'
|
188
|
-
actions ||= FilterActions.new
|
189
|
-
actions.body_redact = true
|
190
|
-
end
|
191
|
-
if options['body'].include? 'event'
|
192
|
-
actions ||= FilterActions.new
|
193
|
-
actions.body_event = true
|
194
|
-
end
|
195
|
-
if options['body'].include? 'hash'
|
196
|
-
actions ||= FilterActions.new
|
197
|
-
actions.body_hash = true
|
198
|
-
end
|
199
|
-
end
|
200
|
-
actions
|
201
|
-
end
|
202
|
-
|
203
|
-
def from_json(policy_json)
|
204
|
-
return unless policy_json
|
205
|
-
|
206
|
-
@policy_id = policy_json['policy_id']
|
207
|
-
raise 'Policy ID missing' unless @policy_id
|
208
|
-
|
209
|
-
data_json = (policy_json['data'] || {})
|
210
|
-
|
211
|
-
if data_json.key?('data_discovery')
|
212
|
-
data_discovery_json = data_json['data_discovery']
|
213
|
-
@database_discovery_enabled = data_discovery_json.fetch('database_enabled', false)
|
214
|
-
@enabled = @database_discovery_enabled
|
215
|
-
end
|
216
|
-
|
217
|
-
if data_json.key?('session_id_protections')
|
218
|
-
session_id_protection = data_json['session_id_protections']
|
219
|
-
rule_id = session_id_protection.fetch('id', nil)
|
220
|
-
filter_actions = DataLossPolicy.actions_from_json(session_id_protection)
|
221
|
-
unless filter_actions.nil?
|
222
|
-
@enabled = true
|
223
|
-
filter_actions.action_id = rule_id
|
224
|
-
@session_id_filter_actions = filter_actions
|
225
|
-
end
|
226
|
-
end
|
227
|
-
|
228
|
-
if data_json.key?('request_protections')
|
229
|
-
data_json['request_protections'].each do |protection|
|
230
|
-
context = protection.fetch('variable_context', nil)
|
231
|
-
variables = protection.fetch('variables', nil)
|
232
|
-
scope = protection.fetch('scope', 'global')
|
233
|
-
rule_id = protection.fetch('id', nil)
|
234
|
-
options = protection.fetch('actions', nil)
|
235
|
-
route_ids = []
|
236
|
-
|
237
|
-
if scope == 'global'
|
238
|
-
route_ids = ['*']
|
239
|
-
elsif scope == 'route'
|
240
|
-
route_ids = protection.fetch('route_ids', [])
|
241
|
-
else
|
242
|
-
next
|
243
|
-
end
|
244
|
-
|
245
|
-
next unless context && @request_filter_actions.key?(context) && variables && options
|
246
|
-
|
247
|
-
filter_actions = DataLossPolicy.actions_from_json(options)
|
248
|
-
next if filter_actions.nil?
|
249
|
-
|
250
|
-
@enabled = true
|
251
|
-
filter_actions.action_id = rule_id
|
252
|
-
variables.each do |variable|
|
253
|
-
route_ids.each do |route_id|
|
254
|
-
if context == RequestProtectionManager::COOKIE
|
255
|
-
# Case sensitive variable name
|
256
|
-
@request_filter_actions[context][route_id][variable].add(filter_actions)
|
257
|
-
else
|
258
|
-
@request_filter_actions[context][route_id][variable.downcase].add(filter_actions)
|
259
|
-
end
|
260
|
-
end
|
261
|
-
end
|
262
|
-
end
|
263
|
-
end
|
264
|
-
|
265
|
-
return unless data_json.key?('db_protections')
|
266
|
-
|
267
|
-
protections = data_json['db_protections']
|
268
|
-
return unless protections
|
269
|
-
|
270
|
-
protections.each do |protection_json|
|
271
|
-
scope = protection_json.fetch('scope', nil)
|
272
|
-
databases = protection_json.fetch('databases', ['*'])
|
273
|
-
schemas = protection_json.fetch('schemas', ['*'])
|
274
|
-
tables = protection_json.fetch('tables', ['*'])
|
275
|
-
fields = protection_json.fetch('fields', nil)
|
276
|
-
rule_id = protection_json.fetch('id', nil)
|
277
|
-
actions = protection_json.fetch('actions', {})
|
278
|
-
filter_actions = DataLossPolicy.actions_from_json(actions)
|
279
|
-
route_ids = ['*']
|
280
|
-
|
281
|
-
if !scope.nil? && scope != 'global' && scope == 'route'
|
282
|
-
route_ids = protection_json.fetch('route_ids', [])
|
283
|
-
end
|
284
|
-
|
285
|
-
next if fields.nil? || filter_actions.nil?
|
286
|
-
|
287
|
-
@enabled = true
|
288
|
-
filter_actions.action_id = rule_id
|
289
|
-
databases.each do |database|
|
290
|
-
schemas.each do |schema|
|
291
|
-
tables.each do |table|
|
292
|
-
fields.each do |field|
|
293
|
-
route_ids.each do |route_id|
|
294
|
-
@database_actions[database][schema][table][field][route_id].add(filter_actions)
|
295
|
-
end
|
296
|
-
end
|
297
|
-
end
|
298
|
-
end
|
299
|
-
end
|
300
|
-
end
|
301
|
-
end
|
302
|
-
end
|
303
|
-
end
|
304
|
-
end
|
@@ -1,83 +0,0 @@
|
|
1
|
-
module TCellAgent
|
2
|
-
module DLP
|
3
|
-
def self.handle_request_dlp_parameters(request)
|
4
|
-
TCellAgent::Instrumentation.safe_block('Handling Dataexposure (request forms)') do
|
5
|
-
_handle_dataexpsure_forms(request)
|
6
|
-
end
|
7
|
-
|
8
|
-
TCellAgent::Instrumentation.safe_block('Handling Dataexposure (request headers)') do
|
9
|
-
_handle_dataexpsure_headers(request)
|
10
|
-
end
|
11
|
-
|
12
|
-
TCellAgent::Instrumentation.safe_block('Handling Dataexposure (request cookies)') do
|
13
|
-
_handler_dataexposure_cookies(request)
|
14
|
-
end
|
15
|
-
end
|
16
|
-
|
17
|
-
def self.loop_params_hash(method, param_hash, &block)
|
18
|
-
param_hash.each do |param_name, param_value|
|
19
|
-
if param_value && param_value.is_a?(Hash)
|
20
|
-
loop_params_hash(method, param_value, &block)
|
21
|
-
elsif !param_value || !param_value.instance_of?(String) || param_value == ''
|
22
|
-
next
|
23
|
-
else
|
24
|
-
block.call(method, param_name, param_value)
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
def self.for_params(request, &block)
|
30
|
-
get_params = request.GET
|
31
|
-
loop_params_hash('get', get_params, &block) if get_params
|
32
|
-
post_params = request.POST
|
33
|
-
loop_params_hash('post', post_params, &block) if post_params
|
34
|
-
end
|
35
|
-
|
36
|
-
def self._handle_dataexpsure_forms(request)
|
37
|
-
dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
|
38
|
-
tcell_context = request.env[TCellAgent::Instrumentation::TCELL_ID]
|
39
|
-
return unless tcell_context && dataex_policy && dataex_policy.actions_for_form_parameter?
|
40
|
-
|
41
|
-
for_params(request) do |_method, param_name, param_value|
|
42
|
-
actions = dataex_policy.get_actions_for_form_parameter(param_name, tcell_context.route_id)
|
43
|
-
if actions
|
44
|
-
actions.each do |action|
|
45
|
-
tcell_context.add_filter_for_request_parameter(param_value, action, param_name)
|
46
|
-
end
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
50
|
-
|
51
|
-
def self._handle_dataexpsure_headers(request)
|
52
|
-
dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
|
53
|
-
tcell_context = request.env[TCellAgent::Instrumentation::TCELL_ID]
|
54
|
-
return unless tcell_context && dataex_policy && dataex_policy.actions_for_headers?
|
55
|
-
|
56
|
-
headers = request.env.select { |k, _v| k.start_with? 'HTTP_' }
|
57
|
-
headers.each do |header_name, header_value|
|
58
|
-
header_name = header_name.sub(/^HTTP_/, '').tr('_', '-')
|
59
|
-
actions = dataex_policy.get_actions_for_header(header_name)
|
60
|
-
next unless actions
|
61
|
-
|
62
|
-
actions.each do |action|
|
63
|
-
tcell_context.add_filter_for_header_value(header_value, action, header_name)
|
64
|
-
end
|
65
|
-
end
|
66
|
-
end
|
67
|
-
|
68
|
-
def self._handler_dataexposure_cookies(request)
|
69
|
-
dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
|
70
|
-
tcell_context = request.env[TCellAgent::Instrumentation::TCELL_ID]
|
71
|
-
return unless tcell_context && dataex_policy && dataex_policy.actions_for_cookie?
|
72
|
-
|
73
|
-
request.cookies.each do |cookie_name, cookie_value|
|
74
|
-
actions = dataex_policy.get_actions_for_cookie(cookie_name)
|
75
|
-
next unless actions
|
76
|
-
|
77
|
-
actions.each do |action|
|
78
|
-
tcell_context.add_filter_for_cookie_value(cookie_value, action, cookie_name)
|
79
|
-
end
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
83
|
-
end
|