@aikidosec/firewall/vulnerabilities/js-injection/checkContextForJsInjection.js

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.checkContextForJsInjection = checkContextForJsInjection;
const Source_1 = require("../../agent/Source");
const attackPath_1 = require("../../helpers/attackPath");
const extractStringsFromUserInputCached_1 = require("../../helpers/extractStringsFromUserInputCached");
const detectJsInjection_1 = require("./detectJsInjection");
/**
 * This function goes over all the different input types in the context and checks
 * if it's a possible JS Injection, if so the function returns an InterceptorResult
 */
function checkContextForJsInjection({ js, operation, context, }) {
    for (const source of Source_1.SOURCES) {
        const userInput = (0, extractStringsFromUserInputCached_1.extractStringsFromUserInputCached)(context, source);
        if (!userInput) {
            continue;
        }
        for (const str of userInput) {
            if ((0, detectJsInjection_1.detectJsInjection)(js, str)) {
                return {
                    operation: operation,
                    kind: "code_injection",
                    source: source,
                    pathsToPayload: (0, attackPath_1.getPathsToPayload)(str, context[source]),
                    metadata: {
                        language: "js",
                        code: js,
                    },
                    payload: str,
                };
            }
        }
    }
}