@contrast/common 1.37.0 → 1.39.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/constants.d.ts +12 -4
- package/lib/constants.js +16 -7
- package/lib/types.d.ts +10 -1
- package/package.json +1 -1
package/lib/constants.d.ts
CHANGED
|
@@ -6,7 +6,7 @@ export declare enum Event {
|
|
|
6
6
|
ASSESS_DATAFLOW_FINDING = "assess-dataflow-findings",
|
|
7
7
|
ASSESS_DATAFLOW_SAFE_POSITIVE = "assess-dataflow-safe-positive",
|
|
8
8
|
ASSESS_RESPONSE_SCANNING_FINDING = "assess-response-scanning-findings",
|
|
9
|
-
|
|
9
|
+
ASSESS_CONFIGURATION_FINDING = "assess-configuration-findings",
|
|
10
10
|
ASSESS_CRYPTO_ANALYSIS_FINDING = "assess-crypto-analysis-finding",
|
|
11
11
|
LIBRARY = "library",
|
|
12
12
|
LIBRARY_USAGE = "library-usage",
|
|
@@ -60,9 +60,10 @@ export declare enum ResponseScanningRule {
|
|
|
60
60
|
XCONTENTTYPE_HEADER_MISSING = "xcontenttype-header-missing",
|
|
61
61
|
XXSPROTECTION_HEADER_DISABLED = "xxssprotection-header-disabled"
|
|
62
62
|
}
|
|
63
|
-
export declare enum
|
|
63
|
+
export declare enum ConfigurationRule {
|
|
64
64
|
HTTPONLY = "httponly",
|
|
65
|
-
SECURE_FLAG_MISSING = "secure-flag-missing"
|
|
65
|
+
SECURE_FLAG_MISSING = "secure-flag-missing",
|
|
66
|
+
GRAPHQL_INTROSPECTION = "graphql-introspection"
|
|
66
67
|
}
|
|
67
68
|
export declare enum InputType {
|
|
68
69
|
UNDEFINED_TYPE = "UNDEFINED_TYPE",
|
|
@@ -86,7 +87,8 @@ export declare enum InputType {
|
|
|
86
87
|
METHOD = "METHOD",
|
|
87
88
|
REQUEST = "REQUEST",
|
|
88
89
|
URL_PARAMETER = "URL_PARAMETER",
|
|
89
|
-
UNKNOWN = "UNKNOWN"
|
|
90
|
+
UNKNOWN = "UNKNOWN",
|
|
91
|
+
WEBSOCKET = "WEBSOCKET"
|
|
90
92
|
}
|
|
91
93
|
export declare enum ExclusionType {
|
|
92
94
|
BODY = "BODY",
|
|
@@ -96,6 +98,12 @@ export declare enum ExclusionType {
|
|
|
96
98
|
QUERYSTRING = "QUERYSTRING",
|
|
97
99
|
URL = "URL"
|
|
98
100
|
}
|
|
101
|
+
export declare enum RouteType {
|
|
102
|
+
HTTP = "HTTP",
|
|
103
|
+
MESSAGE_BROKER = "MESSAGE_BROKER",
|
|
104
|
+
MIDDLEWARE = "MIDDLEWARE",
|
|
105
|
+
RPC = "RPC"
|
|
106
|
+
}
|
|
99
107
|
export declare enum DataflowTag {
|
|
100
108
|
XML_ENCODED = "XML_ENCODED",
|
|
101
109
|
XML_DECODED = "XML_DECODED",
|
package/lib/constants.js
CHANGED
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
* way not consistent with the End User License Agreement.
|
|
15
15
|
*/
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
exports.URI_REGEXES = exports.symbols = exports.agentLibIDListTypes = exports.FS_METHODS = exports.BLOCKING_MODES = exports.ServerEnvironment = exports.DataflowTag = exports.ExclusionType = exports.InputType = exports.
|
|
17
|
+
exports.URI_REGEXES = exports.symbols = exports.agentLibIDListTypes = exports.FS_METHODS = exports.BLOCKING_MODES = exports.ServerEnvironment = exports.DataflowTag = exports.RouteType = exports.ExclusionType = exports.InputType = exports.ConfigurationRule = exports.ResponseScanningRule = exports.Rule = exports.ProtectRuleMode = exports.Event = void 0;
|
|
18
18
|
var Event;
|
|
19
19
|
(function (Event) {
|
|
20
20
|
// lifecycle
|
|
@@ -26,7 +26,7 @@ var Event;
|
|
|
26
26
|
Event["ASSESS_DATAFLOW_FINDING"] = "assess-dataflow-findings";
|
|
27
27
|
Event["ASSESS_DATAFLOW_SAFE_POSITIVE"] = "assess-dataflow-safe-positive";
|
|
28
28
|
Event["ASSESS_RESPONSE_SCANNING_FINDING"] = "assess-response-scanning-findings";
|
|
29
|
-
Event["
|
|
29
|
+
Event["ASSESS_CONFIGURATION_FINDING"] = "assess-configuration-findings";
|
|
30
30
|
Event["ASSESS_CRYPTO_ANALYSIS_FINDING"] = "assess-crypto-analysis-finding";
|
|
31
31
|
Event["LIBRARY"] = "library";
|
|
32
32
|
Event["LIBRARY_USAGE"] = "library-usage";
|
|
@@ -85,11 +85,12 @@ var ResponseScanningRule;
|
|
|
85
85
|
ResponseScanningRule["XCONTENTTYPE_HEADER_MISSING"] = "xcontenttype-header-missing";
|
|
86
86
|
ResponseScanningRule["XXSPROTECTION_HEADER_DISABLED"] = "xxssprotection-header-disabled";
|
|
87
87
|
})(ResponseScanningRule || (exports.ResponseScanningRule = ResponseScanningRule = {}));
|
|
88
|
-
var
|
|
89
|
-
(function (
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
88
|
+
var ConfigurationRule;
|
|
89
|
+
(function (ConfigurationRule) {
|
|
90
|
+
ConfigurationRule["HTTPONLY"] = "httponly";
|
|
91
|
+
ConfigurationRule["SECURE_FLAG_MISSING"] = "secure-flag-missing";
|
|
92
|
+
ConfigurationRule["GRAPHQL_INTROSPECTION"] = "graphql-introspection";
|
|
93
|
+
})(ConfigurationRule || (exports.ConfigurationRule = ConfigurationRule = {}));
|
|
93
94
|
var InputType;
|
|
94
95
|
(function (InputType) {
|
|
95
96
|
InputType["UNDEFINED_TYPE"] = "UNDEFINED_TYPE";
|
|
@@ -114,6 +115,7 @@ var InputType;
|
|
|
114
115
|
InputType["REQUEST"] = "REQUEST";
|
|
115
116
|
InputType["URL_PARAMETER"] = "URL_PARAMETER";
|
|
116
117
|
InputType["UNKNOWN"] = "UNKNOWN";
|
|
118
|
+
InputType["WEBSOCKET"] = "WEBSOCKET";
|
|
117
119
|
})(InputType || (exports.InputType = InputType = {}));
|
|
118
120
|
var ExclusionType;
|
|
119
121
|
(function (ExclusionType) {
|
|
@@ -124,6 +126,13 @@ var ExclusionType;
|
|
|
124
126
|
ExclusionType["QUERYSTRING"] = "QUERYSTRING";
|
|
125
127
|
ExclusionType["URL"] = "URL";
|
|
126
128
|
})(ExclusionType || (exports.ExclusionType = ExclusionType = {}));
|
|
129
|
+
var RouteType;
|
|
130
|
+
(function (RouteType) {
|
|
131
|
+
RouteType["HTTP"] = "HTTP";
|
|
132
|
+
RouteType["MESSAGE_BROKER"] = "MESSAGE_BROKER";
|
|
133
|
+
RouteType["MIDDLEWARE"] = "MIDDLEWARE";
|
|
134
|
+
RouteType["RPC"] = "RPC";
|
|
135
|
+
})(RouteType || (exports.RouteType = RouteType = {}));
|
|
127
136
|
var DataflowTag;
|
|
128
137
|
(function (DataflowTag) {
|
|
129
138
|
DataflowTag["XML_ENCODED"] = "XML_ENCODED";
|
package/lib/types.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { EventEmitter } from 'events';
|
|
2
2
|
import { ServerResponse } from 'node:http';
|
|
3
|
-
import { Event, ProtectRuleMode, Rule } from './constants';
|
|
3
|
+
import { Event, ProtectRuleMode, RouteType, Rule } from './constants';
|
|
4
4
|
export interface Installable {
|
|
5
5
|
install(...args: any[]): void | Promise<void>;
|
|
6
6
|
uninstall?(): void | Promise<void>;
|
|
@@ -335,6 +335,15 @@ export interface RouteInfo {
|
|
|
335
335
|
* @example "get"
|
|
336
336
|
*/
|
|
337
337
|
method?: string;
|
|
338
|
+
/**
|
|
339
|
+
* The HTTP framework being used.
|
|
340
|
+
* @example "express"
|
|
341
|
+
*/
|
|
342
|
+
framework: string;
|
|
343
|
+
/**
|
|
344
|
+
* The type of route that is being reported. Default should be RouteType.HTTP.
|
|
345
|
+
*/
|
|
346
|
+
type: RouteType;
|
|
338
347
|
/**
|
|
339
348
|
* URL for a route.
|
|
340
349
|
* @example "prefix/route/path"
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/common",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.39.0",
|
|
4
4
|
"description": "Shared constants and utilities for all Contrast Agent modules",
|
|
5
5
|
"license": "UNLICENSED",
|
|
6
6
|
"author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
|