Module: Contrast::Agent::Protect::Policy::AppliesDeserializationRule
- Extended by:
- RuleApplicator
- Defined in:
- lib/contrast/agent/protect/policy/applies_deserialization_rule.rb
Overview
This Module is how we apply the Deserialization rule. It is called from our patches of the targeted methods in which deserialization occurs. It is responsible for deciding if the infilter methods of the rule should be invoked.
Class Method Summary collapse
- .apply_deserialization_command_check(command) ⇒ Object
- .invoke(_method, _exception, _properties, _object, args) ⇒ Object
Methods included from RuleApplicator
Methods included from Components::Interface
Class Method Details
.apply_deserialization_command_check(command) ⇒ Object
26 27 28 29 30 31 |
# File 'lib/contrast/agent/protect/policy/applies_deserialization_rule.rb', line 26 def apply_deserialization_command_check command return unless command return if skip_analysis? rule.check_command_scope(command) end |
.invoke(_method, _exception, _properties, _object, args) ⇒ Object
19 20 21 22 23 24 |
# File 'lib/contrast/agent/protect/policy/applies_deserialization_rule.rb', line 19 def invoke _method, _exception, _properties, _object, args return unless valid_input?(args) return if skip_analysis? rule.infilter(Contrast::Agent::REQUEST_TRACKER.current, args[0]) end |