uc3-dmp-id 0.0.11 → 0.0.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/uc3-dmp-id/finder.rb +10 -4
- data/lib/uc3-dmp-id/version.rb +1 -1
- data/lib/uc3-dmp-id/waf_analysis_2023-06-05.txt +73 -0
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c0a0a7c8a7c2ec3b7bfdc0051c323b85ba6f7bb14aa0bc1f77e499b7682b3814
|
4
|
+
data.tar.gz: 9bb5fa376caa1d07bd243cebad4b5757771eb996a4723c200366c034fdf56b2c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8b8ff1171c5127af8fedbfe85bf2c74b4a61f25dc4bab73e42fa1903bbe36c9a20adb0f9db2b1906c6542f7172496ea9173b05c047b20392577d5cc9341002db
|
7
|
+
data.tar.gz: '079687ec9e07dddde7afcbcd9d1b6dc0b3606276f735e4040ca0183e378f1bc0c72017747d48dde140c32b922e7ce6825afc5b3961d6b93503ce4c2052226495'
|
data/lib/uc3-dmp-id/finder.rb
CHANGED
@@ -69,9 +69,12 @@ module Uc3DmpId
|
|
69
69
|
SK: s_key.nil? || s_key.strip.empty? ? Helper::DMP_LATEST_VERSION : s_key
|
70
70
|
}
|
71
71
|
)
|
72
|
-
return
|
72
|
+
return resp unless resp.is_a?(Hash)
|
73
73
|
|
74
|
-
|
74
|
+
dmp = resp['dmp'].nil? ? JSON.parse({ dmp: resp }.to_json) : resp
|
75
|
+
return nil if resp['dmp']['PK'].nil?
|
76
|
+
|
77
|
+
_append_versions(p_key: resp['dmp']['PK'], dmp: dmp, client: client, debug: debug)
|
75
78
|
end
|
76
79
|
|
77
80
|
# Attempt to find the DMP item by the provenance system's identifier
|
@@ -92,10 +95,13 @@ module Uc3DmpId
|
|
92
95
|
}
|
93
96
|
client = client.nil? ? Uc3DmpDynamo::Client.new(debug: debug) : client
|
94
97
|
resp = client.query(**args)
|
95
|
-
return resp
|
98
|
+
return resp unless resp.is_a?(Hash)
|
99
|
+
|
100
|
+
dmp = resp['dmp'].nil? ? JSON.parse({ dmp: resp }.to_json) : resp
|
101
|
+
return nil if resp['dmp']['PK'].nil?
|
96
102
|
|
97
103
|
# If we got a hit, fetch the DMP and return it.
|
98
|
-
by_pk(p_key:
|
104
|
+
by_pk(p_key: dmp['dmp']['PK'], s_key: dmp['dmp']['SK'])
|
99
105
|
end
|
100
106
|
# rubocop:enable Metrics/AbcSize
|
101
107
|
|
data/lib/uc3-dmp-id/version.rb
CHANGED
@@ -0,0 +1,73 @@
|
|
1
|
+
|
2
|
+
WAF analysis
|
3
|
+
===========================================================
|
4
|
+
|
5
|
+
AWS#AWSManagedRulesCommonRuleSet#NoUserAgent_HEADER
|
6
|
+
Action: REMOVE THIS RULE? I feel like this one will cause more harm then good
|
7
|
+
Blocking: /
|
8
|
+
/plans/98982
|
9
|
+
/nuclei.svg?fc9dz=x (about 100 times!)
|
10
|
+
/v1/metadata/private-networks
|
11
|
+
/latest/meta-data/
|
12
|
+
/computeMetadata/v1/project/
|
13
|
+
/dynamic/instance-identity/document
|
14
|
+
/openstack/latest
|
15
|
+
/metadata/v1.json
|
16
|
+
/opc/v1/instance
|
17
|
+
|
18
|
+
AWS#AWSManagedRulesCommonRuleSet#SizeRestrictions_BODY
|
19
|
+
Action: Add exclusion for this specific path!
|
20
|
+
Blocking: /Shibboleth.sso/SAML2/POST
|
21
|
+
|
22
|
+
AWS#AWSManagedRulesAdminProtectionRuleSet#AdminProtection_URIPATH
|
23
|
+
Action: Add exceptions for [/org/admin/, /org_admin/, /super_admin/, /paginable/plans/org_admin]. The others are
|
24
|
+
all illegitimate so we want to block them.
|
25
|
+
Blocking: /org/admin/users/98307/admin_update_permissions
|
26
|
+
/org/admin/users/admin_index
|
27
|
+
/paginable/plans/org_admin/[page]?[query_params]
|
28
|
+
/org_admin/plans
|
29
|
+
/org/admin/543/admin_edit
|
30
|
+
/org/admin/users/admin_index
|
31
|
+
/org/admin/guidance/2163/admin_update
|
32
|
+
/org_admin/templates/1967/phases/2144/sections/11313
|
33
|
+
/org/admin/17/admin_edit
|
34
|
+
/super_admin/users/77446/merge
|
35
|
+
|
36
|
+
/admin/
|
37
|
+
/admin/phpMyAdmin/server_import.php
|
38
|
+
/phpMyAdmin/server_import.php
|
39
|
+
/admin/pma/server_import.php
|
40
|
+
/miscadmin
|
41
|
+
/admin/server_import.php
|
42
|
+
/backend/admin/users?username=anonymous
|
43
|
+
/phpmyadmin/server_import.php
|
44
|
+
/admin/install.php
|
45
|
+
/admin/install/install.php
|
46
|
+
/wp-admin/install.php
|
47
|
+
/solr/admin/
|
48
|
+
/Admin/frmWelcome.aspx
|
49
|
+
/boaform/admin/formLogin?username=user&psd=user
|
50
|
+
|
51
|
+
|
52
|
+
AWS#AWSManagedRulesCommonRuleSet#UserAgent_BadBots_HEADER
|
53
|
+
Actions: Block them
|
54
|
+
Blocking: /public_templates?[query_params]
|
55
|
+
/robots.txt
|
56
|
+
/aab8
|
57
|
+
/aaa9
|
58
|
+
/dmptool-ui/SourceSans3VF-Italic.ttf.fd20af5b.woff2
|
59
|
+
/dmptool-ui/SourceSans3VF-Roman.ttf.99aa17fb.woff2
|
60
|
+
/assets/application-4551ebb71fffa2b6d576438af0e66620a4e84cb8431cdd25889e191eed0fae66.js
|
61
|
+
|
62
|
+
AWS#AWSManagedRulesAmazonIpReputationList#AWSManagedReconnaissanceList
|
63
|
+
Actions: Block them
|
64
|
+
Blocking: /
|
65
|
+
/.env
|
66
|
+
/header.php
|
67
|
+
|
68
|
+
AWS#AWSManagedRulesCommonRuleSet#CrossSiteScripting_BODY
|
69
|
+
Actions: Add exception for /answers/create_or_update (or better yet address it)
|
70
|
+
Blocking: /answers/create_or_update?question_id=17592
|
71
|
+
/content/crx/de/setPreferences.jsp;%0A.html?keymap=<svg/onload=confirm(document.domain)>//a&language=en
|
72
|
+
/7/0/33/1d/www.citysearch.com/search?what=x&where=place%22%3E%3Csvg+onload=confirm(document.domain)%3E
|
73
|
+
/etc/designs/xh1x.childrenlist.json//%3Csvg%20onload=alert%28document.domain%29%3E.html
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: uc3-dmp-id
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brian Riley
|
@@ -127,6 +127,7 @@ files:
|
|
127
127
|
- lib/uc3-dmp-id/validator.rb
|
128
128
|
- lib/uc3-dmp-id/version.rb
|
129
129
|
- lib/uc3-dmp-id/versioner.rb
|
130
|
+
- lib/uc3-dmp-id/waf_analysis_2023-06-05.txt
|
130
131
|
homepage: https://github.com/CDLUC3/dmp-hub-cfn/blob/main/src/sam/gems/uc3-dmp-id
|
131
132
|
licenses:
|
132
133
|
- MIT
|