Class: Rails::Guarddog::Checkers::CsrfChecker

Inherits:
BaseChecker
  • Object
show all
Defined in:
lib/rails/guarddog/checkers/csrf_checker.rb

Instance Attribute Summary

Attributes inherited from BaseChecker

#findings

Instance Method Summary collapse

Methods inherited from BaseChecker

#initialize

Constructor Details

This class inherits a constructor from Rails::Guarddog::Checkers::BaseChecker

Instance Method Details

#runObject 



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
# File 'lib/rails/guarddog/checkers/csrf_checker.rb', line 5

def run
  glob_files('app/controllers/**/*.rb').each do |file|
    content = File.read(file)
    has_skip = content.include?('skip_before_action :verify_authenticity_token')
    if has_skip && !content.include?('# CSRF disabled for specific reason')
      add_finding(
        severity: :critical,
        message: "CSRF protection disabled without documented reason",
        file: file,
        line: 1,
        remediation: "Remove skip_before_action or add documented reason"
      )
    end
  end
  findings
end