GuardianUnivalle-Benito-Yucra 0.1.10__py3-none-any.whl → 0.1.11__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of GuardianUnivalle-Benito-Yucra might be problematic. Click here for more details.

Files changed (6) hide show
  1. GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py +6 -14
  2. {guardianunivalle_benito_yucra-0.1.10.dist-info → guardianunivalle_benito_yucra-0.1.11.dist-info}/METADATA +1 -1
  3. {guardianunivalle_benito_yucra-0.1.10.dist-info → guardianunivalle_benito_yucra-0.1.11.dist-info}/RECORD +6 -6
  4. {guardianunivalle_benito_yucra-0.1.10.dist-info → guardianunivalle_benito_yucra-0.1.11.dist-info}/WHEEL +0 -0
  5. {guardianunivalle_benito_yucra-0.1.10.dist-info → guardianunivalle_benito_yucra-0.1.11.dist-info}/licenses/LICENSE +0 -0
  6. {guardianunivalle_benito_yucra-0.1.10.dist-info → guardianunivalle_benito_yucra-0.1.11.dist-info}/top_level.txt +0 -0
GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py CHANGED
@@ -143,17 +143,14 @@ class SQLIDefenseStrongMiddleware(MiddlewareMixin):
143
143
  def process_request(self, request):
144
144
  path = request.path or ""
145
145
  client_ip = get_client_ip(request)
146
- if any(
147
- request.path.startswith(p)
148
- for p in getattr(settings, "SQL_DEFENSE_EXEMPT_PATHS", [])
149
- ):
150
- return None
151
- # 1) Si la ruta está exenta -> no inspeccionar
146
+
147
+ # 1) Rutas exentas
148
+ EXEMPT_PATHS = getattr(settings, "SQLI_EXEMPT_PATHS", [])
152
149
  for p in EXEMPT_PATHS:
153
150
  if path.startswith(p):
154
151
  return None
155
152
 
156
- # 2) Si la IP está temporalmente bloqueada
153
+ # 2) IP bloqueada temporalmente
157
154
  if client_ip in TEMP_BLOCK:
158
155
  if time.time() - TEMP_BLOCK[client_ip] < BLOCK_DURATION:
159
156
  logger.warning(f"IP bloqueada temporalmente: {client_ip}")
@@ -163,17 +160,12 @@ class SQLIDefenseStrongMiddleware(MiddlewareMixin):
163
160
  else:
164
161
  del TEMP_BLOCK[client_ip]
165
162
 
166
- # 3) Bypass: JWT válido o token firmado corto (p. ej. inmediatamente después del login)
167
- if is_valid_jwt(request):
168
- return None
169
- if is_valid_signed_bypass(request):
170
- return None
171
-
172
- # 4) Detectar SQLi
163
+ # 3) Extraer payload
173
164
  text = extract_payload_text(request)
174
165
  if not text:
175
166
  return None
176
167
 
168
+ # 4) Detectar SQLi
177
169
  flagged, matches = detect_sqli_text(text)
178
170
  if flagged:
179
171
  TEMP_BLOCK[client_ip] = time.time()
{guardianunivalle_benito_yucra-0.1.10.dist-info → guardianunivalle_benito_yucra-0.1.11.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: GuardianUnivalle-Benito-Yucra
3
- Version: 0.1.10
3
+ Version: 0.1.11
4
4
  Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
5
5
  Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
6
6
  License: MIT
{guardianunivalle_benito_yucra-0.1.10.dist-info → guardianunivalle_benito_yucra-0.1.11.dist-info}/RECORD RENAMED
@@ -7,14 +7,14 @@ GuardianUnivalle_Benito_Yucra/criptografia/kdf.py,sha256=_sbepEY1qHEKga0ExrX2WRg
7
7
  GuardianUnivalle_Benito_Yucra/detectores/detector_csrf.py,sha256=EAYfLkHuxGC5rXSu4mZJ4yZDCbwBpTX8xZWGKz7i5wA,692
8
8
  GuardianUnivalle_Benito_Yucra/detectores/detector_dos.py,sha256=lMWmCw6nccCEnek53nVjpoBCeiBqLdrSXxqRuI7VP2I,696
9
9
  GuardianUnivalle_Benito_Yucra/detectores/detector_keylogger.py,sha256=rEDG-Q_R56OsG2ypfHVBK7erolYjdvATnAxB3yvPXts,729
10
- GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=meTgj5yIZNWpvaQxVL526p5d_fhmTeFsWc6_WO8N0ro,6434
10
+ GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=jyFZYi_VjEF6jvDuUmDOGo5D5IgTzDtprfyaAO-jypU,6095
11
11
  GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py,sha256=66V_xuxNOZEwluvWOT4-6pk5MJ3zWE1IwcVkBl7MZSg,719
12
12
  GuardianUnivalle_Benito_Yucra/middleware_web/middleware_web.py,sha256=23pLLYqliUoMrIC6ZEwz3hKXeDjWfHSm9vYPWGmDDik,495
13
13
  GuardianUnivalle_Benito_Yucra/mitigacion/limitador_peticion.py,sha256=ipMOebYhql-6mSyHs0ddYXOcXq9w8P_IXLlpiIqGncw,246
14
14
  GuardianUnivalle_Benito_Yucra/mitigacion/lista_bloqueo.py,sha256=6AYWII4mrmwCLHCvGTyoBxR4Oasr4raSHpFbVjqn7d8,193
15
15
  GuardianUnivalle_Benito_Yucra/puntuacion/puntuacion_amenaza.py,sha256=Wx5XfcII4oweLvZsTBEJ7kUc9pMpP5-36RfI5C5KJXo,561
16
- guardianunivalle_benito_yucra-0.1.10.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
17
- guardianunivalle_benito_yucra-0.1.10.dist-info/METADATA,sha256=xHOfMbH7ZnHOY_dSp9GlHHVnCkgsZJAdlpsq-Rh06XY,1893
18
- guardianunivalle_benito_yucra-0.1.10.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
19
- guardianunivalle_benito_yucra-0.1.10.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
20
- guardianunivalle_benito_yucra-0.1.10.dist-info/RECORD,,
16
+ guardianunivalle_benito_yucra-0.1.11.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
17
+ guardianunivalle_benito_yucra-0.1.11.dist-info/METADATA,sha256=yvOtVZ2eIA8Ztxo2_FjVU97mGetiT8KEr1QQ1iDHExA,1893
18
+ guardianunivalle_benito_yucra-0.1.11.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
19
+ guardianunivalle_benito_yucra-0.1.11.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
20
+ guardianunivalle_benito_yucra-0.1.11.dist-info/RECORD,,