Module: Sqreen::Legacy::WafRedactions

Defined in:

lib/sqreen/legacy/waf_redactions.rb

Class Method Summary

• .redact_attacks!(attacks, values) ⇒ Object
• .redact_exceptions!(exceptions, values) ⇒ Object

  see github.com/sqreen/TechDoc/blob/master/content/specs/spec000022-waf-data-sanitization.md#changes-to-the-agents.

Class Method Details

.redact_attacks!(attacks, values) ⇒ Object

# File 'lib/sqreen/legacy/waf_redactions.rb', line 10

def redact_attacks!(attacks, values)
  return attacks if values.empty?

  values = values.map { |v| v.downcase if v.is_a?(String) }

  attacks.each do |e|
    next(e) unless e[:infos]
    next(e) unless e[:infos][:waf_data]

    parsed = JSON.parse(e[:infos][:waf_data])
    redacted = parsed.each do |w|
      next unless (filters = w['filter'])

      filters.each do |f|
        next unless (v = f['resolved_value'])
        next unless values.include?(v.downcase)

        f['match_status'] = SensitiveDataRedactor::MASK
        f['resolved_value'] = SensitiveDataRedactor::MASK
      end
    end
    e[:infos][:waf_data] = JSON.dump(redacted)
  end
end

.redact_exceptions!(exceptions, values) ⇒ Object

see github.com/sqreen/TechDoc/blob/master/content/specs/spec000022-waf-data-sanitization.md#changes-to-the-agents

# File 'lib/sqreen/legacy/waf_redactions.rb', line 36

def redact_exceptions!(exceptions, values)
  return exceptions if values.empty?

  exceptions.each do |e|
    next(e) unless e[:infos]
    next(e) unless e[:infos][:waf]

    e[:infos][:waf].delete(:args)
  end
end