Class: Sqreen::Rules::ReflectedXSSHamlCB

Inherits:
XSSCB
Defined in:
lib/sqreen/rules/xss_cb.rb

Overview

Looks for reflected XSS in the Haml template engine. The callback hooks Haml::Buffer.format_script, whose arguments are:

Haml::Buffer.format_script(result, preserve_script, in_tag, preserve_tag, escape_html, nuke_inner_whitespace, interpolated, ugly)

Constant Summary

Constants inherited from RuleCB

Sqreen::Rules::RuleCB::DEFAULT_PAYLOAD

Constants included from CallCountable

CallCountable::COUNT_CALLS, CallCountable::FAILING, CallCountable::POST, CallCountable::PRE

Constants inherited from CB

CB::DEFAULT_PRIORITY

Instance Attribute Summary

Attributes inherited from RuleCB

#block, #payload_tpl, #test

Attributes included from CallCountable

#call_count_interval, #call_counts

Attributes inherited from FrameworkCB

#framework

Attributes inherited from CB

#klass, #method, #overtimeable

Instance Method Summary

Methods inherited from XSSCB

#initialize, #report_dangerous_xss?, #xss_params

Methods inherited from RegexpRuleCB

#initialize, #match_regexp, #prepare

Methods inherited from RuleCB

#advise_action, #initialize, #overtime!, #priority, #record_event, #record_exception, #rule_name, #rulespack_id

Methods included from CallCountable

#count_callback_calls, #failing_with_count, #post_with_count, #pre_with_count

Methods included from Conditionable

#condition_callbacks, #failing_with_conditions, #post_with_conditions, #pre_with_conditions

Methods inherited from FrameworkCB

#record_observation, #whitelisted?

Methods inherited from CB

#failing?, #framework, #initialize, #overtime!, #post?, #pre?, #priority, #to_s, #whitelisted?

Constructor Details

This class inherits a constructor from Sqreen::Rules::XSSCB

Instance Method Details

#post(ret, _inst, _args, _budget = nil, &_block) ⇒ Object

# File 'lib/sqreen/rules/xss_cb.rb', line 97

def post(ret, _inst, _args, _budget = nil, &_block)
  # ret is the string returned by Haml::Buffer.format_script
  value = ret
  return unless value.is_a?(String)

  # 99% of the time we return here
  # Only an exact match with one of the request's user parameters is a
  # candidate: the rendered fragment is then identical to raw user input.
  return unless xss_params.any? { |p| p == value }

  Sqreen.log.debug { format('Found unescaped user param: %s', value) }

  return unless report_dangerous_xss?(value)

  # Only override the return value when the rule's block attribute is set
  return unless block
  # potential XSS! let's escape
  advise_action(:override, :new_return_value => CGI.escape_html(value))
end