UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

110 lines (109 loc) 3.95 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.__instrumentInspectArgs = __instrumentInspectArgs; exports.__instrumentModifyArgs = __instrumentModifyArgs; exports.__instrumentModifyReturnValue = __instrumentModifyReturnValue; exports.__instrumentAccessLocalVariables = __instrumentAccessLocalVariables; const AgentSingleton_1 = require("../../AgentSingleton"); const Context_1 = require("../../Context"); const wrapExport_1 = require("../wrapExport"); const instructions_1 = require("./instructions"); function __instrumentInspectArgs(id, args, pkgVersion, subject // "This" of the method being called ) { const agent = (0, AgentSingleton_1.getInstance)(); if (!agent) { return; } const context = (0, Context_1.getContext)(); const cbInfo = (0, instructions_1.getFunctionCallbackInfo)(id); if (!cbInfo) { return; } if (typeof cbInfo.funcs.inspectArgs === "function") { wrapExport_1.inspectArgs.call(subject, Array.from(args), cbInfo.funcs.inspectArgs, context, agent, { name: cbInfo.pkgName, version: pkgVersion, type: "external", }, cbInfo.methodName, cbInfo.operationKind); } } function __instrumentModifyArgs(id, args, subject // "This" of the method being called ) { var _a; if (!Array.isArray(args)) { return []; } const agent = (0, AgentSingleton_1.getInstance)(); if (!agent) { return args; } const cbInfo = (0, instructions_1.getFunctionCallbackInfo)(id); if (!cbInfo || !cbInfo.funcs || typeof cbInfo.funcs.modifyArgs !== "function") { return args; } try { const newArgs = cbInfo.funcs.modifyArgs(args, agent, subject); // Only return the new arguments if they are an array if (Array.isArray(newArgs)) { if (!cbInfo.funcs.bindContext) { return newArgs; } // Ensure that all functions in the new arguments are bound to the current execution context (only if bindContext is true) return newArgs.map((arg) => { if (typeof arg === "function") { return (0, Context_1.bindContext)(arg); } return arg; }); } } catch (error) { if (error instanceof Error) { (_a = (0, AgentSingleton_1.getInstance)()) === null || _a === void 0 ? void 0 : _a.onFailedToWrapMethod(cbInfo.pkgName, cbInfo.methodName, error); } } return args; } function __instrumentModifyReturnValue(id, args, returnValue, subject // "This" of the method being called ) { var _a; const agent = (0, AgentSingleton_1.getInstance)(); if (!agent) { return args; } const cbInfo = (0, instructions_1.getFunctionCallbackInfo)(id); if (!cbInfo || !cbInfo.funcs || typeof cbInfo.funcs.modifyReturnValue !== "function") { return returnValue; } try { return cbInfo.funcs.modifyReturnValue(Array.from(args), returnValue, agent, subject); } catch (error) { if (error instanceof Error) { (_a = (0, AgentSingleton_1.getInstance)()) === null || _a === void 0 ? void 0 : _a.onFailedToWrapMethod(cbInfo.pkgName, cbInfo.methodName, error); } } return returnValue; } function __instrumentAccessLocalVariables(id, vars) { var _a; const cbInfo = (0, instructions_1.getFileCallbackInfo)(id); if (!cbInfo || typeof cbInfo.localVariableAccessCb !== "function") { return; } try { cbInfo.localVariableAccessCb(vars, { name: cbInfo.pkgName, type: "external", }); } catch (error) { if (error instanceof Error) { (_a = (0, AgentSingleton_1.getInstance)()) === null || _a === void 0 ? void 0 : _a.onFailedToWrapModule(cbInfo.pkgName, error); } } }