Conversation
… boolean value and adjust related tests
…nd update metadata handling.
… wave detection tests
![aikido-pr-checks[bot]](https://avatars.githubusercontent.com/in/898896?s=60&v=4){kind=small}
| // 5. If threshold exceeded: records the event time on the queue, logs the detection, and sends event to cloud | ||
| func updateAttackWaveCountsAndDetect(server *ServerData, isWebScanner bool, ip string, userId string, userAgent string) bool { | ||
| // 5. If threshold exceeded: records the event time on the queue, logs the detection, and sends event with samples to cloud | ||
| func updateAttackWaveCountsAndDetect(server *ServerData, isWebScanner bool, ip string, userId string, userAgent string, method string, url string) bool { |
There was a problem hiding this comment.
Function updateAttackWaveCountsAndDetect now mixes attack detection, sample collection, and JSON serialization/metadata construction.
Details
🔧 How do I fix it?
Split classes that handle database, HTTP, and UI concerns into separate, focused classes.
More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
| // updateAttackWaveCountsAndDetect implements the attack wave detection logic: | ||
| // 1. Validates the request is from a web scanner and has a valid IP address | ||
| // 2. Increments the sliding window counter for this IP | ||
| // 2. Increments the sliding window counter for this IP and collects request samples |
There was a problem hiding this comment.
Comment for step 2 in updateAttackWaveCountsAndDetect merely restates that the sliding window is incremented and samples are collected, which duplicates the code's mechanics.
Details
🔧 How do I fix it?
Write comments that explain the purpose, reasoning, or business logic behind the code using words like 'because', 'so that', or 'in order to'.
More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
2 participants
No description provided.