Class: Contrast::Agent::Protect::Rule::HttpMethodTampering

Inherits:
BaseService show all
Defined in:
lib/contrast/agent/protect/rule/http_method_tampering.rb

Overview

The Ruby implementation of the Protect HTTP Method Tampering rule.

Constant Summary

NAME =
'method-tampering'
STANDARD_METHODS =
%w[GET HEAD POST PUT DELETE CONNECT OPTIONS TRACE PATCH].cs__freeze

Constants inherited from Base

Base::BLOCKING_MODES, Base::OFF, Base::POSTFILTER_MODES, Base::STACK_COLLECTION_RESULTS, Base::UNKNOWN_USER_INPUT

Instance Attribute Summary

Attributes inherited from Base

#mode

Instance Method Summary

Methods inherited from BaseService

#block_message, #infilter?

Methods inherited from Base

#append_to_activity, #build_attack_with_match, #build_attack_without_match, #enabled?, #excluded?, #infilter, #infilter?, #initialize, #prefilter, #stream_safe?

Methods included from Components::Interface

included

Constructor Details

This class inherits a constructor from Contrast::Agent::Protect::Rule::Base

Instance Method Details

#name ⇒ Object



# File 'lib/contrast/agent/protect/rule/http_method_tampering.rb', line 15

# The identifier under which this rule is configured and reported.
#
# @return [String] the rule name, 'method-tampering'
def name; NAME; end

#postfilter(context) ⇒ Object



# File 'lib/contrast/agent/protect/rule/http_method_tampering.rb', line 19

# Inspect the completed response for a request whose HTTP method was flagged by
# input analysis and, when warranted, record the attack on the current activity.
#
# Nothing is recorded unless the rule is enabled in one of POSTFILTER_MODES,
# the request was not a normal one, input analysis produced at least one
# result, and the response carries a status code.
#
# @param context [Object] the current request context; its
#   `response.response_code` is read and it is handed to the attack builders
# @return [Object, nil] the value of append_to_activity when an attack is
#   recorded, otherwise nil
def postfilter(context)
  return unless enabled? && POSTFILTER_MODES.include?(mode)
  return if normal_request?(context)

  # Reaching postfilter with input-analysis results implies the rule ran in
  # MONITOR mode rather than acting earlier.
  flagged = gather_ia_results(context)
  return if flagged.empty?

  status = context&.response&.response_code
  return unless status

  # Only the first flagged method is reported.
  tampered_method = flagged.first.value
  # A status starting with 4 or 5 means the application refused the method
  # (Rails answers 404; the Java agent checks for 501), so the attack is built
  # without a match; any other status is built as a matched attack.
  attack = if status.to_s.start_with?('4', '5')
             build_attack_without_match(context, nil, nil,
                                        method: tampered_method,
                                        response_code: status)
           else
             build_attack_with_match(context, nil, nil, nil,
                                     method: tampered_method,
                                     response_code: status)
           end
  append_to_activity(context, attack) if attack
end