@contrast/protect
Comparing version 1.6.0 to 1.6.1
@@ -43,3 +43,2 @@ /* | ||
const [mode, ruleId] = sourceContext.findings.securityException; | ||
sourceContext.block('block', 'cmd-injection'); | ||
@@ -46,0 +45,0 @@ err.output.statusCode = 403; |
@@ -74,5 +74,5 @@ /* | ||
if (req.cookies && Object.keys(req.cookies).length) { | ||
sourceContext.parsedCookies = req.cookies; | ||
inputAnalysis.handleCookies(sourceContext, req.cookies); | ||
if (req.state && Object.keys(req.state).length) { | ||
sourceContext.parsedCookies = req.state; | ||
inputAnalysis.handleCookies(sourceContext, req.state); | ||
} | ||
@@ -79,0 +79,0 @@ |
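Review bot: The guard now reads `req.state` instead of `req.cookies`, but nothing in the hunk says why, and a maintainer who does not know the framework cannot tell which property is right. I would add a comment above the `if`, for example `// hapi exposes parsed cookies on request.state; request.cookies is not populated`, assuming this is the hapi instrumentation, as `req.state` suggests. It is also worth confirming that this hook runs after the framework has parsed cookies, because anything absent from `req.state` never reaches `inputAnalysis.handleCookies`; that includes cookies the framework drops under a lenient parse setting. The enclosing function starts and ends outside the hunk.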
@@ -46,5 +46,9 @@ /* | ||
const evalCheck = buildEvaluationCheck(evaluation); | ||
const keyIndex = reqHeaders.indexOf(name.toLowerCase()); | ||
const headersArray = Array.isArray(reqHeaders) ? reqHeaders : Object.entries(reqHeaders).reduce((acc, entry) => { | ||
acc.push(...entry); | ||
return acc; | ||
}, []); | ||
const keyIndex = headersArray.indexOf(name.toLowerCase()); | ||
result = keyIndex !== -1 && evalCheck(reqHeaders[keyIndex + 1], value); | ||
result = keyIndex !== -1 && evalCheck(headersArray[keyIndex + 1], value); | ||
if (!result) break; | ||
@@ -51,0 +55,0 @@ } |
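Review bot: `headersArray.indexOf(name.toLowerCase())` searches header names and values alike, so a header whose value equals the rule's header name can be found first, and `headersArray[keyIndex + 1]` is then the next header's name rather than the value the rule is meant to evaluate. Restricting the search to name positions avoids this: `const keyIndex = headersArray.findIndex((h, i) => i % 2 === 0 && h === name.toLowerCase());`. Two things should be confirmed against the callers: that array-form `reqHeaders` already carries lower-cased names (raw header lists usually keep the sender's casing, which would make the lookup miss), and that object-form values are never arrays, since `acc.push(...entry)` would hand such an array to `evalCheck` unchanged. The `break` suggests this runs inside a loop that starts outside the hunk; if so, `headersArray` can be built once before the loop instead of on every iteration.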
{ | ||
"name": "@contrast/protect", | ||
"version": "1.6.0", | ||
"version": "1.6.1", | ||
"description": "Contrast service providing framework-agnostic Protect support", | ||
@@ -24,5 +24,5 @@ "license": "SEE LICENSE IN LICENSE", | ||
"@contrast/common": "1.1.2", | ||
"@contrast/core": "1.5.0", | ||
"@contrast/esm-hooks": "1.1.6", | ||
"@contrast/scopes": "1.1.1", | ||
"@contrast/core": "1.5.1", | ||
"@contrast/esm-hooks": "1.1.7", | ||
"@contrast/scopes": "1.1.2", | ||
"builtin-modules": "^3.2.0", | ||
@@ -29,0 +29,0 @@ "ipaddr.js": "^2.0.1", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
+ Added@contrast/core@1.5.1(transitive)
+ Added@contrast/esm-hooks@1.1.7(transitive)
+ Added@contrast/patcher@1.0.5(transitive)
+ Added@contrast/reporter@1.4.1(transitive)
+ Added@contrast/scopes@1.1.2(transitive)
+ Addedaxios@1.7.7(transitive)
+ Addedproxy-from-env@1.1.0(transitive)
- Removed@contrast/core@1.5.0(transitive)
- Removed@contrast/esm-hooks@1.1.6(transitive)
- Removed@contrast/patcher@1.0.4(transitive)
- Removed@contrast/reporter@1.4.0(transitive)
- Removed@contrast/scopes@1.1.1(transitive)
- Removedaxios@0.27.2(transitive)
Updated@contrast/core@1.5.1
Updated@contrast/esm-hooks@1.1.7
Updated@contrast/scopes@1.1.2