Class: Sqreen::Rules::Haml4ParserScriptHookCB

Inherits:

RuleCB

Object
CB
FrameworkCB
RuleCB
Sqreen::Rules::Haml4ParserScriptHookCB

show all

Defined in:: lib/sqreen/rules/xss_cb.rb

Overview

Hook into haml4 script parser

Constant Summary

Instance Attribute Summary

Attributes inherited from RuleCB

#block, #payload_tpl, #test

Attributes included from CallCountable

#call_count_interval, #call_counts

Attributes inherited from FrameworkCB

#framework

Attributes inherited from CB

#klass, #method, #overtimeable

Instance Method Summary collapse

#initialize(*args) ⇒ Haml4ParserScriptHookCB constructor

A new instance of Haml4ParserScriptHookCB.
#pre(_inst, args, _budget = nil, &_block) ⇒ Object

Methods inherited from RuleCB

#advise_action, #overtime!, #priority, #record_event, #record_exception, #rule_name, #rulespack_id

Methods included from CallCountable

#count_callback_calls, #failing_with_count, #post_with_count, #pre_with_count

Methods included from Conditionable

#condition_callbacks, #failing_with_conditions, #post_with_conditions, #pre_with_conditions

Methods inherited from FrameworkCB

#record_observation, #whitelisted?

Methods inherited from CB

#failing?, #framework, #overtime!, #post?, #pre?, #priority, #to_s, #whitelisted?

Constructor Details

#initialize(*args) ⇒ `Haml4ParserScriptHookCB`

Returns a new instance of Haml4ParserScriptHookCB.

# File 'lib/sqreen/rules/xss_cb.rb', line 116

def initialize(*args)
  super(*args)
  @overtimeable = false
end

Instance Method Details

#pre(_inst, args, _budget = nil, &_block) ⇒ `Object`

# File 'lib/sqreen/rules/xss_cb.rb', line 121

def pre(_inst, args, _budget = nil, &_block)
  return unless args.size > 1
  return unless Haml::VERSION < '5'
  text = args[0]
  escape_html = args[1]
  if escape_html == false &&
     text.respond_to?(:include?) &&
     !text.include?('html_escape')
    if text.respond_to? :text=
      args[0].text = "Sqreen.escape_haml((#{args[0].text}))"
    else
      args[0].replace("Sqreen.escape_haml((#{args[0]}))")
    end
  end
  nil
end

Class: Sqreen::Rules::Haml4ParserScriptHookCB

Overview

Constant Summary

Constants inherited from RuleCB

Constants included from CallCountable

Constants inherited from CB

Instance Attribute Summary

Attributes inherited from RuleCB

Attributes included from CallCountable

Attributes inherited from FrameworkCB

Attributes inherited from CB

Instance Method Summary collapse

Methods inherited from RuleCB

Methods included from CallCountable

Methods included from Conditionable

Methods inherited from FrameworkCB

Methods inherited from CB

Constructor Details

#initialize(*args) ⇒ Haml4ParserScriptHookCB

Instance Method Details

#pre(_inst, args, _budget = nil, &_block) ⇒ Object

#initialize(*args) ⇒ `Haml4ParserScriptHookCB`

#pre(_inst, args, _budget = nil, &_block) ⇒ `Object`