@aikidosec/firewall
Version:
Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.
56 lines (55 loc) • 2.04 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.XmlMinusJs = void 0;
const Context_1 = require("../agent/Context");
const wrapExport_1 = require("../agent/hooks/wrapExport");
const isPlainObject_1 = require("../helpers/isPlainObject");
const addXmlToContext_1 = require("./xml/addXmlToContext");
const isXmlInContext_1 = require("./xml/isXmlInContext");
/**
* Wrapper for xml-js package.
*/
class XmlMinusJs {
inspectParse(args, result, jsonStr) {
if (!args.length || typeof args[0] !== "string") {
return;
}
const context = (0, Context_1.getContext)();
if (!context) {
// We expect the context to be set by the wrapped http server
return;
}
const xmlString = args[0];
// Check if the XML string is in the request context
if (!(0, isXmlInContext_1.isXmlInContext)(xmlString, context)) {
return args;
}
const parsed = jsonStr ? JSON.parse(result) : result;
// Replace the body in the context with the parsed result
if (parsed && (0, isPlainObject_1.isPlainObject)(parsed)) {
(0, addXmlToContext_1.addXmlToContext)(parsed, context);
}
}
wrap(hooks) {
hooks
.addPackage("xml-js")
.withVersion("^1.0.0")
.onRequire((exports, pkgInfo) => {
(0, wrapExport_1.wrapExport)(exports, "xml2js", pkgInfo, {
kind: "deserialize_op",
modifyReturnValue: (args, result) => {
this.inspectParse(args, result, false);
return result;
},
});
(0, wrapExport_1.wrapExport)(exports, "xml2json", pkgInfo, {
kind: "deserialize_op",
modifyReturnValue: (args, result) => {
this.inspectParse(args, result, true);
return result;
},
});
});
}
}
exports.XmlMinusJs = XmlMinusJs;