Class: TaintedLove::Replacer::ReplaceRailsUserInput

Inherits:

Base

• Object
• Base
• TaintedLove::Replacer::ReplaceRailsUserInput

Defined in:

lib/tainted_love/replacer/replace_rails_user_input.rb

Overview

Ensures user input is tainted in Rails

Instance Method Summary

• #replace! ⇒ Object
• #should_replace? ⇒ Boolean

Methods inherited from Base

replacers

Instance Method Details

#replace! ⇒ Object

# File 'lib/tainted_love/replacer/replace_rails_user_input.rb', line 11

def replace!
  # taint headers
  TaintedLove.proxy_method('ActionDispatch::Http::Headers', :[]) do |return_value, *_args|
    return_value.taint
  end

  # taint the values loaded from the database
  if Object.const_defined?('ActiveRecord::Base')
    ActiveRecord::Base.after_find do
      attributes.values.each do |value|
        value.taint unless value.frozen?
      end
    end
  end

  if Object.const_defined?('ActionController::Base')
    ActionController::Base.class_eval do
      before_action :taint_params
      before_action :taint_cookies

      private

      def taint_params(value = params)
        if value.is_a?(ActionController::Parameters) || value.is_a?(ActiveSupport::HashWithIndifferentAccess)
          value.values.map { |x| x.taint unless x.frozen? }
          value.values.each { |x| taint_params(x) }
        else
          value.taint unless value.frozen?
        end
      end

      def taint_cookies
        request.cookies.values.each(&:taint)
      end
    end
  end

  # taint params keys
  if Object.const_defined?('ActionController::Parameters')
    ActionController::Parameters.class_eval do
      def keys
        @parameters.keys.map { |key| key.dup.taint }
      end
    end
  end
end

#should_replace? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/tainted_love/replacer/replace_rails_user_input.rb', line 7

def should_replace?
  Object.const_defined?('Rails')
end