1 /*
2 * ModSecurity, http://www.modsecurity.org/
3 * Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
4 *
5 * You may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * If any of the files related to licensing are missing or if you have any
11 * other questions related to licensing please contact Trustwave Holdings, Inc.
12 * directly using the email address security@modsecurity.org.
13 *
14 */
15
16 #include "src/operators/detect_xss.h"
17
18 #include <string>
19
20 #include "src/operators/operator.h"
21 #include "others/libinjection/src/libinjection.h"
22
23
24 namespace modsecurity {
25 namespace operators {
26
27
/**
 * @brief Runs libinjection's XSS detector over @p input.
 *
 * The input buffer is passed to libinjection_xss() together with its
 * explicit length, so the scan does not depend on NUL termination.
 *
 * @param t            Transaction used for debug logging and capture; may be
 *                     null, in which case only the verdict is returned.
 * @param rule         Rule being evaluated; may be null. When it has a capture
 *                     action, the matched input is stored under key "0" of the
 *                     transaction's TX collection.
 * @param input        Value to scan.
 * @param ruleMessage  Not referenced by this function.
 * @return true when libinjection_xss() returns non-zero, false otherwise.
 *
 * NOTE(review): @p input is presumably request-derived. It is written verbatim
 * to the debug log at levels 7 and 9 and copied into TX.0, so consumers of the
 * log and of TX.0 should treat that text as untrusted - confirm against callers.
 */
bool DetectXSS::evaluate(Transaction *t, RuleWithActions *rule,
    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
    const bool xss_found =
        libinjection_xss(input.c_str(), input.length()) != 0;

    // Without a transaction there is nothing to log to or capture into.
    if (t == nullptr) {
        return xss_found;
    }

    // ms_dbg_a is presumably a statement-like macro, so every use stays
    // inside a braced block.
    if (!xss_found) {
        ms_dbg_a(t, 9,
            "libinjection was not able to find any XSS in: " + input);
        return false;
    }

    ms_dbg_a(t, 5, "detected XSS using libinjection.");

    const bool wants_capture = (rule != nullptr) && rule->hasCaptureAction();
    if (wants_capture) {
        // The whole input, not a sub-match, is what ends up in TX.0.
        t->m_collections.m_tx_collection->storeOrUpdateFirst(
            "0", std::string(input));
        ms_dbg_a(t, 7, "Added DetectXSS match TX.0: " + input);
    }

    return true;
}
50
51
52 } // namespace operators
53 } // namespace modsecurity
54