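---
# Ruby taint-tracking configuration.
#
# Three lists are consumed by the analyser:
#   sources    - expressions whose value is attacker-controlled
#   sinks      - calls where tainted data leads to code/command/SQL execution
#   sanitizers - calls that are treated as neutralising taint
#
# NOTE(review): entries such as "params*" and "Open3.popen*" look like prefix
# wildcards; confirm the matcher's exact semantics before adding more of them.
# Every entry is a quoted string so that names like "`", "h" or "ENV[]" are
# never re-typed by the YAML parser.

# Ruby: sources = user-manipulable (headers, cookies, query, body, path, env)
sources:
  # Query / params / body (Rails, Sinatra, Rack)
  - "params"
  - "params*"
  - "request.params"
  - "request.GET"
  - "request.POST"
  - "request.body"
  - "request.body.read"
  # HTTP headers (Cookie, Authorization, X-*, etc.)
  - "request.env"
  - "request.headers"
  - "request.header"
  - "request.get_header"
  - "env"
  # Cookies
  - "cookies"
  - "request.cookies"
  - "request.cookie_jar"
  # URL / path and client-supplied request headers (Referer, User-Agent)
  - "request.path"
  - "request.url"
  - "request.referer"
  - "request.user_agent"
  # Session (user-origin data)
  - "session"
  - "session*"
  # Rack raw env (HTTP_*, etc.)
  - "Rack::Request*"
  # Process environment (deliberately treated as untrusted here)
  - "ENV"
  - "ENV[]"

sinks:
  # Code evaluation
  - "eval"
  - "instance_eval"
  - "class_eval"
  - "module_eval"
  # Shell / process execution ("exec" is listed once; the bare and
  # Kernel-qualified spellings are kept as separate entries)
  - "exec"
  - "system"
  - "spawn"
  - "`"
  - "Kernel.exec"
  - "Kernel.system"
  - "Kernel.spawn"
  - "Open3.popen*"
  - "Open3.capture*"
  - "IO.popen"
  # SQL (raw string queries; "SQL" presumably matches a project helper of
  # that name - confirm against the codebase)
  - "SQL"
  - "execute"
  - "query"
  - "find_by_sql"
  - "ActiveRecord::Base.connection.execute"
  - "ActiveRecord::Base.connection.exec_query"

# Sanitizers are context-specific: HTML escaping does not neutralise taint
# flowing into a shell or SQL sink. NOTE(review): "escape" and "sanitize" are
# broad name patterns (URL-encoding helpers also match them); confirm the
# analyser pairs each sanitizer with the sink context it actually protects.
sanitizers:
  # HTML context
  - "escape"
  - "escapeHTML"
  - "h"                      # ERB::Util alias for html_escape
  - "ERB::Util.html_escape"
  - "sanitize"
  - "Rails::Html::Sanitizer"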