@aikidosec/firewall
Version:
Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks
47 lines (46 loc) • 2.07 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.onInspectionInterceptorResult = onInspectionInterceptorResult;
const path_1 = require("path");
const cleanupStackTrace_1 = require("../../helpers/cleanupStackTrace");
const escapeHTML_1 = require("../../helpers/escapeHTML");
const Attack_1 = require("../Attack");
const Context_1 = require("../Context");
const cleanError_1 = require("../../helpers/cleanError");
// Used for cleaning up the stack trace
const libraryRoot = (0, path_1.resolve)(__dirname, "../..");
function onInspectionInterceptorResult(context, agent, result, pkgInfo, start, operation, kind) {
const end = performance.now();
if (kind) {
agent.getInspectionStatistics().onInspectedCall({
operation: operation,
kind: kind,
attackDetected: !!result,
blocked: agent.shouldBlock(),
durationInMs: end - start,
withoutContext: !context,
});
}
const isBypassedIP = context &&
context.remoteAddress &&
agent.getConfig().isBypassedIP(context.remoteAddress);
if (result && context && !isBypassedIP) {
// Flag request as having an attack detected
(0, Context_1.updateContext)(context, "attackDetected", true);
agent.onDetectedAttack({
module: pkgInfo.name,
operation: result.operation,
kind: result.kind,
source: result.source,
blocked: agent.shouldBlock(),
stack: (0, cleanupStackTrace_1.cleanupStackTrace)(new Error().stack, libraryRoot),
paths: result.pathsToPayload,
metadata: result.metadata,
request: context,
payload: result.payload,
});
if (agent.shouldBlock()) {
throw (0, cleanError_1.cleanError)(new Error(`Zen has blocked ${(0, Attack_1.attackKindHumanName)(result.kind)}: ${result.operation}(...) originating from ${result.source}${(0, escapeHTML_1.escapeHTML)((result.pathsToPayload || []).join())}`));
}
}
}