GuardianUnivalle-Benito-Yucra 0.1.15__py3-none-any.whl → 0.1.16__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of GuardianUnivalle-Benito-Yucra might be problematic. Click here for more details.

Files changed (6) hide show
  1. GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py +11 -4
  2. {guardianunivalle_benito_yucra-0.1.15.dist-info → guardianunivalle_benito_yucra-0.1.16.dist-info}/METADATA +1 -1
  3. {guardianunivalle_benito_yucra-0.1.15.dist-info → guardianunivalle_benito_yucra-0.1.16.dist-info}/RECORD +6 -6
  4. {guardianunivalle_benito_yucra-0.1.15.dist-info → guardianunivalle_benito_yucra-0.1.16.dist-info}/WHEEL +0 -0
  5. {guardianunivalle_benito_yucra-0.1.15.dist-info → guardianunivalle_benito_yucra-0.1.16.dist-info}/licenses/LICENSE +0 -0
  6. {guardianunivalle_benito_yucra-0.1.15.dist-info → guardianunivalle_benito_yucra-0.1.16.dist-info}/top_level.txt +0 -0
GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py CHANGED
@@ -139,25 +139,32 @@ def get_client_ip(request):
139
139
 
140
140
  class SQLIDefenseMiddleware(MiddlewareMixin):
141
141
  def process_request(self, request):
142
- excluded_paths = getattr(settings, "SQLI_DEFENSE_EXCLUDED_PATHS", [])
143
- if any(request.path.startswith(p) for p in excluded_paths):
142
+ # Obtener la IP del cliente
143
+ client_ip = get_client_ip(request)
144
+
145
+ # Obtener lista de IPs confiables desde settings
146
+ trusted_ips = getattr(settings, "SQLI_DEFENSE_TRUSTED_IPS", [])
147
+
148
+ # Si la IP está en la lista confiable, no hacemos nada
149
+ if client_ip in trusted_ips:
144
150
  return None
145
151
 
152
+ # Extraemos el texto de la petición
146
153
  text = extract_payload_text(request)
147
154
  if not text:
148
155
  return None
149
156
 
157
+ # Detectamos SQL Injection
150
158
  flagged, matches = detect_sqli_text(text)
151
159
  if flagged:
152
- client_ip = get_client_ip(request)
153
160
  logger.warning(
154
161
  f"Ataque SQL detectado desde IP {client_ip}: {matches}, payload: {text}"
155
162
  )
156
-
157
163
  return JsonResponse(
158
164
  {"mensaje": "Ataque detectado", "tipos": matches, "ip": client_ip},
159
165
  status=403,
160
166
  )
167
+
161
168
  return None
162
169
 
163
170
 
{guardianunivalle_benito_yucra-0.1.15.dist-info → guardianunivalle_benito_yucra-0.1.16.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: GuardianUnivalle-Benito-Yucra
3
- Version: 0.1.15
3
+ Version: 0.1.16
4
4
  Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
5
5
  Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
6
6
  License: MIT
{guardianunivalle_benito_yucra-0.1.15.dist-info → guardianunivalle_benito_yucra-0.1.16.dist-info}/RECORD RENAMED
@@ -7,14 +7,14 @@ GuardianUnivalle_Benito_Yucra/criptografia/kdf.py,sha256=_sbepEY1qHEKga0ExrX2WRg
7
7
  GuardianUnivalle_Benito_Yucra/detectores/detector_csrf.py,sha256=EAYfLkHuxGC5rXSu4mZJ4yZDCbwBpTX8xZWGKz7i5wA,692
8
8
  GuardianUnivalle_Benito_Yucra/detectores/detector_dos.py,sha256=lMWmCw6nccCEnek53nVjpoBCeiBqLdrSXxqRuI7VP2I,696
9
9
  GuardianUnivalle_Benito_Yucra/detectores/detector_keylogger.py,sha256=rEDG-Q_R56OsG2ypfHVBK7erolYjdvATnAxB3yvPXts,729
10
- GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=yBaJyZP13mN1IYhavzX2qb8AddzlVbFoUAUTxgZccHI,5841
10
+ GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=YTpQUTrGZPu_GMSt1kiQeZaSnqQBwQ9UMRUu2mQAWYs,6046
11
11
  GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py,sha256=66V_xuxNOZEwluvWOT4-6pk5MJ3zWE1IwcVkBl7MZSg,719
12
12
  GuardianUnivalle_Benito_Yucra/middleware_web/middleware_web.py,sha256=23pLLYqliUoMrIC6ZEwz3hKXeDjWfHSm9vYPWGmDDik,495
13
13
  GuardianUnivalle_Benito_Yucra/mitigacion/limitador_peticion.py,sha256=ipMOebYhql-6mSyHs0ddYXOcXq9w8P_IXLlpiIqGncw,246
14
14
  GuardianUnivalle_Benito_Yucra/mitigacion/lista_bloqueo.py,sha256=6AYWII4mrmwCLHCvGTyoBxR4Oasr4raSHpFbVjqn7d8,193
15
15
  GuardianUnivalle_Benito_Yucra/puntuacion/puntuacion_amenaza.py,sha256=Wx5XfcII4oweLvZsTBEJ7kUc9pMpP5-36RfI5C5KJXo,561
16
- guardianunivalle_benito_yucra-0.1.15.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
17
- guardianunivalle_benito_yucra-0.1.15.dist-info/METADATA,sha256=PKSr1QDnQBgB4YWIeg3lnIxQeLj-RoFQvmy7CeiLGsU,1893
18
- guardianunivalle_benito_yucra-0.1.15.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
19
- guardianunivalle_benito_yucra-0.1.15.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
20
- guardianunivalle_benito_yucra-0.1.15.dist-info/RECORD,,
16
+ guardianunivalle_benito_yucra-0.1.16.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
17
+ guardianunivalle_benito_yucra-0.1.16.dist-info/METADATA,sha256=kRbYVXUib-W_0w5djy5GqeasNPG0RWeQccMdHooYKF8,1893
18
+ guardianunivalle_benito_yucra-0.1.16.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
19
+ guardianunivalle_benito_yucra-0.1.16.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
20
+ guardianunivalle_benito_yucra-0.1.16.dist-info/RECORD,,