Module: Aikido::Zen::Sinks::Net::HTTP::Helpers

Defined in:

lib/aikido/zen/sinks/net_http.rb

Class Method Summary

• .build_outbound(http) ⇒ Aikido::Zen::OutboundConnection

  Maps a Net::HTTP connection to an Aikido OutboundConnection, which our tooling expects.

• .scan(request, connection, operation) ⇒ Object
• .wrap_request(req, session) ⇒ Object
• .wrap_response(response) ⇒ Object

Class Method Details

.build_outbound(http) ⇒ Aikido::Zen::OutboundConnection

Maps a Net::HTTP connection to an Aikido OutboundConnection, which our tooling expects.

Parameters:

• http (Net::HTTP)

Returns:

• (Aikido::Zen::OutboundConnection)

# File 'lib/aikido/zen/sinks/net_http.rb', line 19

def self.build_outbound(http)
  OutboundConnection.new(
    host: http.address,
    port: http.port
  )
end

.scan(request, connection, operation) ⇒ Object

# File 'lib/aikido/zen/sinks/net_http.rb', line 59

def self.scan(request, connection, operation)
  SINK.scan(
    request: request,
    connection: connection,
    operation: operation
  )
end

.wrap_request(req, session) ⇒ Object

# File 'lib/aikido/zen/sinks/net_http.rb', line 26

def self.wrap_request(req, session)
  uri = req.uri if req.uri.is_a?(URI)

  if uri.nil?
    request_uri = URI.parse(req.path)

    uri = URI.parse(
      URI::Generic.build(
        scheme: session.use_ssl? ? "https" : "http",
        host: session.address,
        port: session.port,
        path: request_uri.path,
        query: request_uri.query
      ).to_s
    )
  end

  Scanners::SSRFScanner::Request.new(
    verb: req.method,
    uri: uri,
    headers: req.to_hash,
    header_normalizer: ->(val) { Array(val).join(", ") }
  )
end

.wrap_response(response) ⇒ Object

# File 'lib/aikido/zen/sinks/net_http.rb', line 51

def self.wrap_response(response)
  Scanners::SSRFScanner::Response.new(
    status: response.code.to_i,
    headers: response.to_hash,
    header_normalizer: ->(val) { Array(val).join(", ") }
  )
end