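/// <summary>
/// Builds the one-line warning that is written when the XSS filter rejects a request.
/// </summary>
/// <param name="ip">
/// Client address information as returned by the IP helper. It is derived from the incoming
/// request, so it is treated as untrusted text.
/// </param>
/// <param name="validationResult">Outcome of the scan; only <c>DiseasedRequestPart</c> is logged.</param>
/// <returns>The formatted log line.</returns>
/// <exception cref="ArgumentNullException"><paramref name="validationResult"/> is <c>null</c>.</exception>
private string BuildLogMessage(string ip, RequestValidationResult validationResult)
{
    if (validationResult == null)
    {
        throw new ArgumentNullException("validationResult");
    }

    // The address text comes from the request (via GetIpInformation, not visible here) and may be
    // attacker-influenced, e.g. through forwarded-for style headers — verify against the helper.
    // Strip CR/LF so a crafted value cannot forge additional log lines (log injection).
    string safeIp = (ip ?? string.Empty).Replace("\r", string.Empty).Replace("\n", string.Empty);

    // NOTE(review): local time is logged; UTC would make correlation across hosts easier.
    string timestamp = DateTime.Now.ToString(CultureInfo.InvariantCulture);

    StringBuilder message = new StringBuilder();
    message.AppendFormat(
        "Detected xss vulnerability. Time: {0}, IP:{1}, Request Part: {2}",
        timestamp,
        safeIp,
        validationResult.DiseasedRequestPart);
    return message.ToString();
}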
/// <summary>
/// Resolves the client's address information for <paramref name="request"/> and writes the
/// XSS warning line through the logger at warning level.
/// </summary>
/// <param name="request">The request that failed validation.</param>
/// <param name="validationResult">The scan result to describe in the log line.</param>
private void LogXssWarning(HttpRequest request, RequestValidationResult validationResult)
{
    string clientAddress = _ipAdressHelper.GetIpInformation(request);
    string warning = BuildLogMessage(clientAddress, validationResult);
    _logger.Warn(warning);
}
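/// <summary>
/// Scans the query string and, for POST requests, the form body of <paramref name="request"/>
/// for the configured XSS pattern.
/// </summary>
/// <param name="request">The request to inspect; <c>null</c> is reported as clean.</param>
/// <returns>
/// A result whose <c>IsValid</c> is <c>false</c> and whose <c>DiseasedRequestPart</c> names the
/// offending part when the pattern matched. If both the query string and the form match, the
/// form is reported because it is checked last.
/// </returns>
/// <exception cref="Exception">
/// Whatever the <c>Request.Form</c> getter throws (for example when ASP.NET's own request
/// validation rejects the body) is logged, when logging is enabled, and rethrown unchanged.
/// </exception>
/// <remarks>
/// NOTE(review): only the query string and the form are scanned; headers, cookies, the URL path
/// and route values are not covered by this check.
/// NOTE(review): <c>QueryString.ToString()</c> / <c>Form.ToString()</c> re-serialise the collection,
/// which for ASP.NET's value collections is URL-encoded text (<c>%3C</c> rather than <c>&lt;</c>).
/// Confirm the configured pattern is written for that representation, otherwise decoded payloads
/// are not what the regex sees.
/// </remarks>
public RequestValidationResult HasXssVulnerability(HttpRequest request)
{
    // Rebuilt on every call so configuration changes take effect without a restart. The field
    // write is racy under concurrent requests, but a Regex instance is immutable, so the worst
    // case is redundant compilation rather than a corrupted matcher.
    _xssDetectionRegex = ResolveDetectionRegex();

    RequestValidationResult result = new RequestValidationResult
    {
        IsValid = true,
        DiseasedRequestPart = DiseasedRequestPart.None
    };

    if (request == null)
    {
        return result;
    }

    string queryString = request.QueryString.ToString();
    if (!string.IsNullOrEmpty(queryString) && _regexProcessor.ExecFor(_xssDetectionRegex, queryString))
    {
        result.IsValid = false;
        result.DiseasedRequestPart = DiseasedRequestPart.QueryString;
    }

    // Only POST bodies are inspected; bodies of other verbs (PUT, PATCH) pass untouched.
    if (request.HttpMethod.Equals("POST", StringComparison.InvariantCultureIgnoreCase))
    {
        string formPostValues;
        try
        {
            formPostValues = request.Form.ToString();
        }
        catch (Exception ex)
        {
            // string.Equals(string, string) is ordinal and null-safe; the instance call
            // _configuration.Log.Equals(...) would throw if the Log setting were absent.
            if (string.Equals(_configuration.Log, bool.TrueString))
            {
                string message = string.Format(
                    @"Request.Form getter called, Method :{0}, Requested Page: {1}",
                    MethodBase.GetCurrentMethod().Name,
                    request.Url);
                _logger.Error(message, ex);
            }
            throw;
        }

        if (!string.IsNullOrEmpty(formPostValues) && _regexProcessor.ExecFor(_xssDetectionRegex, formPostValues))
        {
            result.IsValid = false;
            result.DiseasedRequestPart = DiseasedRequestPart.Form;
        }
    }

    return result;
}

/// <summary>
/// Picks the detection regex: the HTML-decoded <c>ControlRegex</c> from configuration when one is
/// set and compiles, otherwise the built-in pattern exposed by the regex processor.
/// </summary>
/// <returns>A case-insensitive <see cref="Regex"/> ready for matching.</returns>
private Regex ResolveDetectionRegex()
{
    string configuredPattern = _configuration.ControlRegex;
    if (string.IsNullOrWhiteSpace(configuredPattern))
    {
        return new Regex(_regexProcessor.XssPattern, RegexOptions.IgnoreCase);
    }

    try
    {
        // NOTE(review): the pattern is operator-supplied and compiled without a match timeout, so a
        // catastrophically backtracking ControlRegex lets a crafted request pin a worker (ReDoS).
        // Consider the Regex(pattern, options, matchTimeout) overload once the caller's handling of
        // RegexMatchTimeoutException is settled.
        return new Regex(HttpUtility.HtmlDecode(configuredPattern), RegexOptions.IgnoreCase);
    }
    catch (ArgumentException)
    {
        // An unparsable pattern falls back to the built-in one. Only ArgumentException — the Regex
        // constructor's documented failure for a bad pattern — is caught, so anything else still
        // surfaces instead of being silently swallowed by a catch-all.
        return new Regex(_regexProcessor.XssPattern, RegexOptions.IgnoreCase);
    }
}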