UNPKG

@aikidosec/firewall

Version:

Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.

aikido.dev/zen

AikidoSec/firewall-node

87 lines (86 loc) 3.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
"use strict"; let imports = {}; let cachedUint8ArrayMemory0 = null; function getUint8ArrayMemory0() { if (cachedUint8ArrayMemory0 === null || cachedUint8ArrayMemory0.byteLength === 0) { cachedUint8ArrayMemory0 = new Uint8Array(wasm.memory.buffer); } return cachedUint8ArrayMemory0; } function passStringToWasm0(arg, malloc, realloc) { if (realloc === undefined) { const buf = cachedTextEncoder.encode(arg); const ptr = malloc(buf.length, 1) >>> 0; getUint8ArrayMemory0().subarray(ptr, ptr + buf.length).set(buf); WASM_VECTOR_LEN = buf.length; return ptr; } let len = arg.length; let ptr = malloc(len, 1) >>> 0; const mem = getUint8ArrayMemory0(); let offset = 0; for (; offset < len; offset++) { const code = arg.charCodeAt(offset); if (code > 0x7F) break; mem[ptr + offset] = code; } if (offset !== len) { if (offset !== 0) { arg = arg.slice(offset); } ptr = realloc(ptr, len, len = offset + arg.length * 3, 1) >>> 0; const view = getUint8ArrayMemory0().subarray(ptr + offset, ptr + len); const ret = cachedTextEncoder.encodeInto(arg, view); offset += ret.written; ptr = realloc(ptr, len, offset, 1) >>> 0; } WASM_VECTOR_LEN = offset; return ptr; } const cachedTextEncoder = new TextEncoder(); if (!('encodeInto' in cachedTextEncoder)) { cachedTextEncoder.encodeInto = function (arg, view) { const buf = cachedTextEncoder.encode(arg); view.set(buf); return { read: arg.length, written: buf.length }; }; } let WASM_VECTOR_LEN = 0; /** * @param {string} code * @param {string} userinput * @param {number} sourcetype * @returns {boolean} */ function wasm_detect_js_injection(code, userinput, sourcetype) { const ptr0 = passStringToWasm0(code, wasm.__wbindgen_export, wasm.__wbindgen_export2); const len0 = WASM_VECTOR_LEN; const ptr1 = passStringToWasm0(userinput, wasm.__wbindgen_export, wasm.__wbindgen_export2); const len1 = WASM_VECTOR_LEN; const ret = wasm.wasm_detect_js_injection(ptr0, len0, ptr1, len1, sourcetype); return ret !== 0; } exports.wasm_detect_js_injection = wasm_detect_js_injection; /** * @param {string} query * @param {string} userinput * @param {number} dialect * @returns {number} */ function wasm_detect_sql_injection(query, userinput, dialect) { const ptr0 = passStringToWasm0(query, wasm.__wbindgen_export, wasm.__wbindgen_export2); const len0 = WASM_VECTOR_LEN; const ptr1 = passStringToWasm0(userinput, wasm.__wbindgen_export, wasm.__wbindgen_export2); const len1 = WASM_VECTOR_LEN; const ret = wasm.wasm_detect_sql_injection(ptr0, len0, ptr1, len1, dialect); return ret; } exports.wasm_detect_sql_injection = wasm_detect_sql_injection; const wasmPath = `${__dirname}/zen_internals_bg.wasm`; const wasmBytes = require('fs').readFileSync(wasmPath); const wasmModule = new WebAssembly.Module(wasmBytes); const wasm = exports.__wasm = new WebAssembly.Instance(wasmModule, imports).exports;