GuardianUnivalle-Benito-Yucra 0.1.24__tar.gz → 0.1.25__tar.gz

{guardianunivalle_benito_yucra-0.1.24 → guardianunivalle_benito_yucra-0.1.25}/GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py

@@ -59,56 +59,12 @@ def get_client_ip(request):
 
 
 class SQLIDefenseMiddleware(MiddlewareMixin):
-    def process_request(self, request):
-        # 1️⃣ Excluir rutas primero
-        exempt_paths = getattr(settings, "SQLI_DEFENSE_EXEMPT_PATHS", [])
-        if any(request.path.startswith(p) for p in exempt_paths):
-            return None  # No analizar payload
-
-        # 2️⃣ Verificar si viene de un origin confiable (Netlify u otros frontends)
-        trusted_origins = getattr(settings, "SQLI_DEFENSE_TRUSTED_ORIGINS", [])
-        request_origin = request.META.get("HTTP_ORIGIN", "")
-        if request_origin in trusted_origins:
-            return None  # Permitir solicitud confiable
-
-        # 3️⃣ Verificar IP confiable
-        client_ip = get_client_ip(request)
-        trusted_ips = getattr(settings, "SQLI_DEFENSE_TRUSTED_IPS", [])
-        if client_ip in trusted_ips:
-            return None
-
-        # 4️⃣ Analizar payload
-        text = extract_payload_text(request)
-        if not text:
-            return None
-
-        flagged, descripcion = detect_sql_attack(text)
-        if flagged:
-            request.sql_attack_info = {
-                "ip": client_ip,
-                "tipos": ["SQL"],
-                "descripcion": descripcion,
-                "payload": text,
-            }
-            logger.warning(
-                f"Ataque SQL detectado desde IP {client_ip}, origin {request_origin}: {descripcion}, payload: {text}"
-            )
-
-        return None
-
-
-""" class SQLIDefenseMiddleware(MiddlewareMixin):
     def process_request(self, request):
         client_ip = get_client_ip(request)
         trusted_ips = getattr(settings, "SQLI_DEFENSE_TRUSTED_IPS", [])
-        exempt_paths = getattr(settings, "SQLI_DEFENSE_EXEMPT_PATHS", [])
 
         if client_ip in trusted_ips:
             return None
-        # 2️⃣ Permitir rutas exentas
-        for path in exempt_paths:
-            if request.path.startswith(path):
-                return None
 
         text = extract_payload_text(request)
         if not text:
@@ -123,8 +79,10 @@ class SQLIDefenseMiddleware(MiddlewareMixin):
                 "descripcion": descripcion,
                 "payload": text,
             }
+
             logger.warning(
                 f"Ataque SQL detectado desde IP {client_ip}: {descripcion}, payload: {text}"
             )
+
             # No devolvemos JsonResponse, solo marcamos el ataque
-            return None """
+            return None

{guardianunivalle_benito_yucra-0.1.24 → guardianunivalle_benito_yucra-0.1.25}/GuardianUnivalle_Benito_Yucra.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: GuardianUnivalle-Benito-Yucra
-Version: 0.1.24
+Version: 0.1.25
 Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
 Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
 License: MIT

{guardianunivalle_benito_yucra-0.1.24 → guardianunivalle_benito_yucra-0.1.25}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: GuardianUnivalle-Benito-Yucra
-Version: 0.1.24
+Version: 0.1.25
 Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
 Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
 License: MIT

{guardianunivalle_benito_yucra-0.1.24 → guardianunivalle_benito_yucra-0.1.25}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "GuardianUnivalle-Benito-Yucra"  # usar mayúsculas consistente
-version = "0.1.24"
+version = "0.1.25"
 description = "Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask"
 authors = [
     { name = "Andres Benito Calle Yucra", email = "benitoandrescalle035@gmail.com" }