First release of open-appsec source code

components/security_apps/waap/waap_clib/WaapScanner.h

@@ -0,0 +1,52 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __WAAP_SCANNER_H__
+#define __WAAP_SCANNER_H__
+
+#include "ParserBase.h"
+#include "ScanResult.h"
+#include "i_transaction.h"
+#include "WaapAssetState.h"
+#include <memory>
+
+namespace Waap {
+    class Scanner :     public IParserReceiver
+    {
+    public:
+        Scanner(IWaf2Transaction *transaction)
+        :
+            m_lastScanResult(),
+            m_transaction(transaction),
+            m_antibotCookie(),
+            m_bIgnoreOverride(false)
+        {
+        }
+        bool suspiciousHit(Waf2ScanResult &res, const std::string &location, const std::string &param_name);
+        int onKv(const char* k, size_t k_len, const char* v, size_t v_len, int flags) override;
+
+        const std::string &getAntibotCookie() const { return m_antibotCookie; }
+        bool getIgnoreOverride() { return m_bIgnoreOverride; };
+        const Waf2ScanResult &getLastScanResult() const { return m_lastScanResult; }
+    private:
+        double getScoreData(Waf2ScanResult& res, const std::string &poolName);
+        bool shouldIgnoreOverride(const Waf2ScanResult &res);
+        
+        Waf2ScanResult m_lastScanResult;
+        IWaf2Transaction *m_transaction;
+        std::string m_antibotCookie;
+        bool m_bIgnoreOverride;
+    };
+}
+
+#endif // __WAAP_SCANNER_H__