class Pentest::BaseChecker

Attributes

description[R]

Public Class Methods

new(endpoint, params)
# File lib/pentest/checkers/base_checker.rb, line 6
# Builds a checker bound to a single endpoint.
#
# @param endpoint [Object] endpoint under test; must respond to +route+ and
#   +app_path+, both of which are read once here and cached
# @param params [Object] parameters the checker will work with, stored as given
def initialize(endpoint, params)
  @endpoint = endpoint
  @params = params
  # Starts empty; nothing in this method adds to it.
  @warnings = []
  # Cache the endpoint's routing details (route is read before app_path).
  @route, @app_path = endpoint.route, endpoint.app_path
end

Private Instance Methods

dispatch(payload)
# File lib/pentest/checkers/base_checker.rb, line 16
# Hands a payload to the endpoint this checker was built for.
#
# @param payload [Object] passed to the endpoint unchanged
# @return [Object] whatever the endpoint's own +dispatch+ returns
def dispatch(payload)
  target = @endpoint
  target.dispatch(payload)
end
get_status(err)
# File lib/pentest/checkers/base_checker.rb, line 20
# Maps an error raised while dispatching to a status code.
#
# @param err [Exception, nil] the error to classify, or nil when none occurred
# @return [Object, nil] nil when there is no error; +err.status+ when the
#   error exposes one; 404 for ActiveRecord::RecordNotFound and
#   ActionController::UrlGenerationError; 500 for anything else
def get_status(err)
  return nil if err.nil?
  # An error that carries its own status is trusted as-is.
  return err.status if err.respond_to?(:status)

  case err
  when ActiveRecord::RecordNotFound, ActionController::UrlGenerationError
    404
  else
    # Any other exception is counted as a server-side failure.
    500
  end
end
normalize_error(err, payload)
# File lib/pentest/checkers/base_checker.rb, line 32
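# Reduces a server-side error to a message that does not contain the payload
# values that triggered it.
#
# Only errors that get_status maps to a 5xx status produce a result. The first
# line of the error message is kept, and each payload value found in it is
# replaced by a placeholder, so failures that differ only in the submitted
# values normalize to the same text.
#
# @param err [Exception, nil] error raised while dispatching, or nil
# @param payload [Object] must respond to +params_hash+, returning a Hash
#   whose values are the submitted parameter values
# @return [String, nil] the normalized first line of the message (an empty
#   string when the error has no message), or nil when there is no error or
#   its status is not 5xx
def normalize_error(err, payload)
  return if err.nil?

  status = get_status(err)

  # Integer division keeps exactly the 500..599 range.
  return if status.nil? || status / 100 != 5

  # An exception with an empty message has no first line; fall back to ""
  # instead of calling strip on nil.
  message = err.message.to_s.lines.first.to_s.strip

  # Longest values first, so a value that contains a shorter one is replaced
  # as a whole before the shorter one is looked for.
  # NOTE(review): assumes every value in params_hash is a String -- confirm;
  # other types would fail in size or gsub below.
  payload.params_hash.values.sort_by(&:size).reverse_each do |param|
    # The quoted (inspect) form is always replaced.
    message = message.gsub(param.inspect, '"[parameter]"')
    # The bare value is replaced only when it is at least 4 characters long;
    # presumably shorter values would match unrelated parts of the message.
    message = message.gsub(param, '[parameter]') if param.size >= 4
  end

  message
end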