Class: NewRelic::Security::Agent::Control::HTTPContext

Inherits:
Object
  • Object
show all
Defined in:
lib/newrelic_security/agent/control/http_context.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(env) ⇒ HTTPContext

Returns a new instance of HTTPContext.



24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 24

def initialize(env)
  @time_stamp = current_time_millis
  @req = env.select { |key, _| CGI_VARIABLES.include? key}
  @method = @req[REQUEST_METHOD]
  @url = "#{@req[PATH_INFO]}?#{@req[QUERY_STRING]}"
  @headers = env.select { |key, _| key.include?(HTTP_) }
  @headers = @headers.transform_keys{ |key| key[5..-1].gsub(UNDERSCORE, HYPHEN).downcase }
  request = Rack::Request.new(env) unless env.empty?
					@params = request&.params
					@params&.each { |k, v| v.force_encoding(Encoding::UTF_8) if v.is_a?(String) }
  strio = env[RACK_INPUT]
  if strio.instance_of?(::StringIO)
						offset = strio.tell
						@body = strio.read(REQUEST_BODY_LIMIT * 1024) #after read, offset changes
						strio.seek(offset)
    # In case of Grape and Roda strio.read giving empty result, added below approach to handle such cases
    @body = strio.string if @body.nil? && strio.size > 0
  elsif defined?(::Rack) && defined?(::Rack::Lint::InputWrapper) && strio.instance_of?(::Rack::Lint::InputWrapper)
						@body = strio.read(REQUEST_BODY_LIMIT * 1024)
  elsif defined?(::Protocol::Rack::Input) && defined?(::Protocol::Rack::Input) && strio.instance_of?(::Protocol::Rack::Input)
    @body = strio.read(REQUEST_BODY_LIMIT * 1024)
  elsif defined?(::PhusionPassenger::Utils::TeeInput) && strio.instance_of?(::PhusionPassenger::Utils::TeeInput)
						@body = strio.read(REQUEST_BODY_LIMIT * 1024)
  end
  @data_truncated = @body && @body.size >= REQUEST_BODY_LIMIT * 1024
					strio&.rewind
					@body = @body.force_encoding(Encoding::UTF_8) if @body.is_a?(String)
  @custom_data_type = {}
  @cache = Hash.new
  @fuzz_files = ::Set.new
  @event_counter = 0
  @mutex = Mutex.new
  NewRelic::Security::Agent.agent.http_request_count.increment
  NewRelic::Security::Agent.agent.iast_client.completed_requests[@headers[NR_CSEC_PARENT_ID]] = [] if @headers.key?(NR_CSEC_PARENT_ID)
end

Instance Attribute Details

#bodyObject

Returns the value of attribute body.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def body
  @body
end

#cacheObject

Returns the value of attribute cache.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def cache
  @cache
end

#custom_data_typeObject

Returns the value of attribute custom_data_type.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def custom_data_type
  @custom_data_type
end

#data_truncatedObject

Returns the value of attribute data_truncated.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def data_truncated
  @data_truncated
end

#event_counterObject

Returns the value of attribute event_counter.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def event_counter
  @event_counter
end

#fuzz_filesObject

Returns the value of attribute fuzz_files.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def fuzz_files
  @fuzz_files
end

#headersObject

Returns the value of attribute headers.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def headers
  @headers
end

#methodObject

Returns the value of attribute method.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def method
  @method
end

#mutexObject

Returns the value of attribute mutex.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def mutex
  @mutex
end

#paramsObject

Returns the value of attribute params.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def params
  @params
end

#reqObject

Returns the value of attribute req.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def req
  @req
end

#routeObject

Returns the value of attribute route.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def route
  @route
end

#time_stampObject

Returns the value of attribute time_stamp.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def time_stamp
  @time_stamp
end

#urlObject

Returns the value of attribute url.



22
23
24
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 22

def url
  @url
end

Class Method Details

.get_contextObject 



64
65
66
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 64

def self.get_context
  ::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data) if ::NewRelic::Agent::Tracer.current_transaction.instance_variable_defined?(:@security_context_data)
end

.get_current_transactionObject 



76
77
78
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 76

def self.get_current_transaction
  ::NewRelic::Agent::Tracer.current_transaction
end

.reset_contextObject 



72
73
74
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 72

def self.reset_context
  ::NewRelic::Agent::Tracer.current_transaction.remove_instance_variable(:@security_context_data) if ::NewRelic::Agent::Tracer.current_transaction.instance_variable_defined?(:@security_context_data)
end

.set_context(env) ⇒ Object 



68
69
70
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 68

def self.set_context(env)
  ::NewRelic::Agent::Tracer.current_transaction.instance_variable_set(:@security_context_data, HTTPContext.new(env))
end

Instance Method Details

#current_time_millisObject 



60
61
62
 
# File 'lib/newrelic_security/agent/control/http_context.rb', line 60

def current_time_millis
  (Time.now.to_f * 1000).to_i
end