Jun 16th update

2025-10-01 20:17:43 +03:00 · 2023-01-17 11:34:09 +02:00
parent 90bcc544a2
commit ad04b8d063
168 changed files with 64034 additions and 932 deletions
--- a/components/security_apps/waap/waap_clib/Waf2Util.cc
+++ b/components/security_apps/waap/waap_clib/Waf2Util.cc
@@ -1128,6 +1128,11 @@ static const SingleRegex broken_utf_evasion_re(
    err,
    "broken_utf_evasion"
 );
+static const SingleRegex csp_report_policy_re(
+    "default-src\\s+[^\\w]+.*report-uri\\s+[^\\w]+",
+    err,
+    "csp_report_policy"
+);

 static void b64TestChunk(const string &s,
        string::const_iterator chunkStart,
@@ -1391,10 +1396,16 @@ unescapeInvalidUtf8(const string &payload)
    return unescaped_text;
 }

-bool
-containsBrokenUtf8(const string &payload)
+Maybe<std::string>
+containsBrokenUtf8(const string &payload, const string &unquoted_payload)
 {
-    return broken_utf_evasion_re.hasMatch(payload);
+    if (broken_utf_evasion_re.hasMatch(unquoted_payload)) {
+        return unquoted_payload;
+    } else if (broken_utf_evasion_re.hasMatch(payload)) {
+        return payload;
+    } else {
+        return genError("does not contain broken-down UTF8");
+    }
 }

 string
@@ -1426,6 +1437,12 @@ unescapeBrokenUtf8(const string &payload)
    return unescaped_text;
 }

+bool
+containsCspReportPolicy(const string &payload)
+{
+    return csp_report_policy_re.hasMatch(payload);
+}
+
 string
 charToString(const char* s, int slen)
 {
@@ -1825,6 +1842,11 @@ ContentType detectContentType(const char* hdr_value) {
            return CONTENT_TYPE_JSON;
        }

+        // Detect Graphql content type if Content-Type header value is application/graphql
+        if (my_stristarts_with(hdr_value, "application/graphql")) {
+            return CONTENT_TYPE_GQL;
+        }
+
        // Detect HTML content type
        if (my_stristarts_with(hdr_value, "text/html")) {
            return CONTENT_TYPE_HTML;