Class: Contrast::Agent::Protect::Rule::NoSqli::MongoNoSqlScanner Deprecated

Inherits:

DefaultScanner

Object
DefaultScanner
Contrast::Agent::Protect::Rule::NoSqli::MongoNoSqlScanner

show all

Defined in:: lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb

Overview

Deprecated.

RUBY-356

The Mongo specific NoSQL scanner, used by the NoSQLI rule to determine if a NoSQL attack was performed against a Mongo database.

Constant Summary

Constants inherited from DefaultScanner

DefaultScanner::OPERATOR_PATTERN

Instance Method Summary collapse

#double_quote_escape_in_double_quote? ⇒ Boolean

Indicates if ‘“”’ inside of double quotes is the equivalent of ‘"’.
#start_block_comment?(_char, _index, _query) ⇒ Boolean
#start_line_comment?(char, index, query) ⇒ Boolean

Is the current & next character ‘//’ or are the current and subsequent characters ‘<–’ ?.

Methods inherited from DefaultScanner

#crosses_boundary, #double_quote?, #end_block_comment?, #escape_char?, #escape_sequence_end?, #escape_sequence_start?, #find_block_comment_boundary, #find_escape_sequence_boundary, #find_new_line_boundary, #operator?, #process_double_quote, #process_expecting_token, #process_inside_token, #process_number, #process_single_quote, #process_state, #scan_token_boundaries, #singe_quote_escape_in_singe_quote?, #single_quote?, #token_boundaries

Instance Method Details

#double_quote_escape_in_double_quote? ⇒ `Boolean`

Indicates if ‘“”’ inside of double quotes is the equivalent of ‘"’

Returns:

(Boolean)



33
34
35

# File 'lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb', line 33

def double_quote_escape_in_double_quote?
  true
end

#start_block_comment?(_char, _index, _query) ⇒ `Boolean`

Returns:

(Boolean)



28
29
30

# File 'lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb', line 28

def start_block_comment? _char, _index, _query
  false
end

#start_line_comment?(char, index, query) ⇒ `Boolean`

Is the current & next character ‘//’ or are the current and subsequent characters ‘<–’ ?

Returns:

(Boolean)

# File 'lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb', line 16

def start_line_comment? char, index, query
  if char == Contrast::Utils::ObjectShare::SLASH &&
        query[index + 1] == Contrast::Utils::ObjectShare::SLASH

    return true
  end

  char == Contrast::Utils::ObjectShare::LEFT_ANGLE &&
      query[index + 1] == Contrast::Utils::ObjectShare::DASH &&
      query[index + 2] == Contrast::Utils::ObjectShare::DASH
end

Class: Contrast::Agent::Protect::Rule::NoSqli::MongoNoSqlScanner Deprecated

Overview

Constant Summary

Constants inherited from DefaultScanner

Instance Method Summary collapse

Methods inherited from DefaultScanner

Instance Method Details

#double_quote_escape_in_double_quote? ⇒ Boolean

#start_block_comment?(_char, _index, _query) ⇒ Boolean

#start_line_comment?(char, index, query) ⇒ Boolean

#double_quote_escape_in_double_quote? ⇒ `Boolean`

#start_block_comment?(_char, _index, _query) ⇒ `Boolean`

#start_line_comment?(char, index, query) ⇒ `Boolean`