Module: Aikido::Zen::Sinks::Curl::Helpers
- Defined in:
- lib/aikido/zen/sinks/curb.rb
Class Method Summary collapse
- .scan(request, connection, operation) ⇒ Object
- .wrap_request(curl, url: curl.url) ⇒ Object
- .wrap_response(curl) ⇒ Object
Class Method Details
.scan(request, connection, operation) ⇒ Object
37 38 39 40 41 42 43 |
# File 'lib/aikido/zen/sinks/curb.rb', line 37 def self.scan(request, connection, operation) SINK.scan( request: request, connection: connection, operation: operation ) end |
.wrap_request(curl, url: curl.url) ⇒ Object
13 14 15 16 17 18 19 |
# File 'lib/aikido/zen/sinks/curb.rb', line 13 def self.wrap_request(curl, url: curl.url) Scanners::SSRFScanner::Request.new( verb: nil, # Curb hides this by directly setting an option in C uri: URI(url), headers: curl.headers ) end |
.wrap_response(curl) ⇒ Object
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
# File 'lib/aikido/zen/sinks/curb.rb', line 21 def self.wrap_response(curl) # Curb made an… interesting choice by not parsing the response headers # and forcing users to do this manually if they need to look at them. _, *headers = curl.header_str.split(/[\r\n]+/).map(&:strip) headers = headers.flat_map { |str| str.scan(/\A(\S+): (.+)\z/) }.to_h if curl.url != curl.last_effective_url status = 302 # We can't know what the original status was, but we just need a 3XX headers["Location"] = curl.last_effective_url else status = curl.status.to_i end Scanners::SSRFScanner::Response.new(status: status, headers: headers) end |