@contrast/protect 1.74.0 → 1.74.1
- package/lib/input-analysis/handlers.js +38 -30
- package/package.json +12 -12
|
@@ -20,6 +20,7 @@ const {
|
|
|
20
20
|
BLOCKING_MODES,
|
|
21
21
|
Rule,
|
|
22
22
|
ProtectRuleMode: { OFF, MONITOR },
|
|
23
|
+
identity,
|
|
23
24
|
isString,
|
|
24
25
|
traverseKeysAndValues,
|
|
25
26
|
traverseValues,
|
|
@@ -676,41 +677,48 @@ module.exports = Core.makeComponent({
|
|
|
676
677
|
const findingsForScoreAtom = {};
|
|
677
678
|
const valueToResultByRuleId = {};
|
|
678
679
|
|
|
679
|
-
Object.values(resultsMap).
|
|
680
|
-
|
|
681
|
-
|
|
682
|
-
|
|
683
|
-
|
|
684
|
-
|
|
685
|
-
|
|
686
|
-
|
|
687
|
-
|
|
688
|
-
|
|
680
|
+
const flattened = Object.values(resultsMap).flatMap(identity);
|
|
681
|
+
for (const result of flattened) {
|
|
682
|
+
const {
|
|
683
|
+
ruleId,
|
|
684
|
+
exploited,
|
|
685
|
+
score,
|
|
686
|
+
value,
|
|
687
|
+
key,
|
|
688
|
+
inputType
|
|
689
|
+
} = result;
|
|
690
|
+
if (
|
|
691
|
+
sourceContext.policy.getRuleMode(ruleId) !== MONITOR ||
|
|
692
|
+
exploited === true ||
|
|
693
|
+
score >= 90 ||
|
|
694
|
+
!probesRules.some((rule) => rule === ruleId) ||
|
|
695
|
+
inputType == InputType.UNKNOWN ||
|
|
696
|
+
flattened.some((maybeReported) => (
|
|
697
|
+
// remove chances of duplicate analysis for "similar" findings that
|
|
698
|
+
// would have already been reported for being blocked or exploited
|
|
699
|
+
maybeReported.value == result.value &&
|
|
700
|
+
maybeReported.inputType == result.inputType &&
|
|
701
|
+
maybeReported.key == result.key &&
|
|
702
|
+
(maybeReported.exploited || maybeReported.blocked)
|
|
703
|
+
))
|
|
704
|
+
) {
|
|
705
|
+
continue;
|
|
706
|
+
}
|
|
689
707
|
|
|
690
|
-
|
|
691
|
-
|
|
692
|
-
|
|
693
|
-
|
|
694
|
-
!probesRules.some((rule) => rule === ruleId) ||
|
|
695
|
-
inputType == InputType.UNKNOWN
|
|
696
|
-
) {
|
|
697
|
-
return;
|
|
708
|
+
const dataType = findingsForScoreRequest[inputType];
|
|
709
|
+
if (!dataType) {
|
|
710
|
+
if (!findingsForScoreAtom[value]) {
|
|
711
|
+
findingsForScoreAtom[value] = {};
|
|
698
712
|
}
|
|
699
713
|
|
|
700
|
-
|
|
701
|
-
|
|
702
|
-
|
|
703
|
-
findingsForScoreAtom[value] = {};
|
|
704
|
-
}
|
|
714
|
+
findingsForScoreAtom[value][inputType] = result;
|
|
715
|
+
continue;
|
|
716
|
+
}
|
|
705
717
|
|
|
706
|
-
|
|
707
|
-
|
|
708
|
-
|
|
718
|
+
dataType[key] = value;
|
|
719
|
+
valueToResultByRuleId[value] = result;
|
|
720
|
+
}
|
|
709
721
|
|
|
710
|
-
dataType[key] = value;
|
|
711
|
-
valueToResultByRuleId[value] = resultByRuleId;
|
|
712
|
-
});
|
|
713
|
-
});
|
|
714
722
|
const { ParameterValue, HeaderValue, CookieValue } = findingsForScoreRequest;
|
|
715
723
|
const results =
|
|
716
724
|
agentLib.scoreRequestConnect(
|
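Review bot: `findingsForScoreAtom[value]` and `valueToResultByRuleId[value]` (new lines 710–719) use the raw input value — presumably attacker-controlled request data, given the ParameterValue/HeaderValue/CookieValue buckets that are destructured just below — as a key on a plain `{}` object, so a value of `__proto__` resolves to `Object.prototype`, passes the `!findingsForScoreAtom[value]` truthiness check, and the following `findingsForScoreAtom[value][inputType] = result` writes a property onto `Object.prototype` for the whole agent process. The same pattern applies to `dataType[key] = value` for a parameter named `__proto__` or `constructor`, although the `findingsForScoreRequest` buckets are built outside this hunk. The two local maps are declared as context lines at the top of the hunk; changing them to `const findingsForScoreAtom = Object.create(null);` and `const valueToResultByRuleId = Object.create(null);` (and doing the same where the `findingsForScoreRequest` buckets are created) closes this, provided `agentLib.scoreRequestConnect` does not depend on those objects having `Object.prototype` — worth confirming. Separately, `valueToResultByRuleId` now stores `result` rather than the old `resultByRuleId`, so the name no longer matches what it holds. The enclosing component method continues past the end of the hunk.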
package/package.json
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/protect",
|
|
3
|
-
"version": "1.74.
|
|
3
|
+
"version": "1.74.1",
|
|
4
4
|
"description": "Contrast service providing framework-agnostic Protect support",
|
|
5
5
|
"license": "SEE LICENSE IN LICENSE",
|
|
6
6
|
"author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
|
|
@@ -21,17 +21,17 @@
|
|
|
21
21
|
},
|
|
22
22
|
"dependencies": {
|
|
23
23
|
"@contrast/agent-lib": "^9.1.0",
|
|
24
|
-
"@contrast/common": "1.41.
|
|
25
|
-
"@contrast/config": "1.57.
|
|
26
|
-
"@contrast/core": "1.62.
|
|
27
|
-
"@contrast/dep-hooks": "1.31.
|
|
28
|
-
"@contrast/esm-hooks": "2.37.
|
|
29
|
-
"@contrast/instrumentation": "1.41.
|
|
30
|
-
"@contrast/logger": "1.35.
|
|
31
|
-
"@contrast/patcher": "1.34.
|
|
32
|
-
"@contrast/rewriter": "1.39.
|
|
33
|
-
"@contrast/scopes": "1.32.
|
|
34
|
-
"@contrast/stack-trace-factory": "1.2.
|
|
24
|
+
"@contrast/common": "1.41.1",
|
|
25
|
+
"@contrast/config": "1.57.1",
|
|
26
|
+
"@contrast/core": "1.62.1",
|
|
27
|
+
"@contrast/dep-hooks": "1.31.1",
|
|
28
|
+
"@contrast/esm-hooks": "2.37.1",
|
|
29
|
+
"@contrast/instrumentation": "1.41.1",
|
|
30
|
+
"@contrast/logger": "1.35.1",
|
|
31
|
+
"@contrast/patcher": "1.34.1",
|
|
32
|
+
"@contrast/rewriter": "1.39.1",
|
|
33
|
+
"@contrast/scopes": "1.32.1",
|
|
34
|
+
"@contrast/stack-trace-factory": "1.2.1",
|
|
35
35
|
"async-hook-domain": "^4.0.1",
|
|
36
36
|
"ipaddr.js": "^2.0.1",
|
|
37
37
|
"on-finished": "^2.4.1",
|