feat: add net http rule (#172)

* feat: support hash in http_detection_rule

* chore: update rule name

integration/flags/.snapshots/TestInitCommand-init

@@ -132,6 +132,22 @@ scan:
             root_lowercase: false
             metavars: {}
             stored: false
+        ruby_http_detection:
+            disabled: false
+            type: risk
+            languages:
+                - ruby
+            patterns:
+                - |
+                  URI.encode_www_form(<$DATA_TYPE>)
+                - |
+                  Net::HTTP.post_form(<$DATA_TYPE>)
+            param_parenting: false
+            processors: []
+            root_singularize: false
+            root_lowercase: false
+            metavars: {}
+            stored: false
     debug: false
     disable-domain-resolution: false
     domain-resolution-timeout: 3s

pkg/commands/process/settings/custom_detector.yml

@@ -1,3 +1,17 @@
+ruby_http_detection:
+  type: "risk"
+  languages:
+    - ruby
+  patterns:
+    - |
+      URI.encode_www_form(<$DATA_TYPE>)
+    - |
+      Net::HTTP.post_form(<$DATA_TYPE>)
+    # - |
+    #   $HTTP_CLIENT.$METHOD(<$DATA_TYPE>)
+  param_parenting: false
+  metavars: {}
+  stored: false
 ruby_file_detection:
   type: "risk"
   languages:

pkg/detectors/csharp/datatype/datatype.go

@@ -217,5 +217,5 @@ func standardizeDataType(node *parser.Node, content string) string {
 		return schema.SimpleTypeObject
 	}
 
-	return schema.SimpleTypeUknown
+	return schema.SimpleTypeUnknown
 }

pkg/detectors/custom/custom.go

@@ -170,7 +170,6 @@ func (detector *Detector) extractData(captures []parser.Captures, rule config.Co
 			var err error
 
 			if param.ArgumentsExtract || param.ClassNameExtract {
-				// @ToDo: This is where we need to define the parent that will get sent as parent
 				paramTypes, err = detector.extractArguments(lang, capture[param.BuildFullName()], idGenerator, fileinfo, filePath)
 				if err != nil {
 					return err
@@ -222,7 +221,7 @@ func (detector *Detector) extractData(captures []parser.Captures, rule config.Co
 							matchType := &schemadatatype.DataType{
 								Node:       matchNode,
 								Name:       string(match),
-								Type:       schema.SimpleTypeUknown,
+								Type:       schema.SimpleTypeUnknown,
 								Properties: make(map[string]schemadatatype.DataTypable),
 							}
 							matchNodeID := matchNode.ID()

pkg/detectors/java/datatype/datatype.go

@@ -145,5 +145,5 @@ func standardizeDataType(node *parser.Node, content string) string {
 		return schema.SimpleTypeObject
 	}
 
-	return schema.SimpleTypeUknown
+	return schema.SimpleTypeUnknown
 }

pkg/detectors/javascript/datatype/objects.go

@@ -40,7 +40,7 @@ func addObjects(tree *parser.Tree, datatypes map[parser.NodeID]*schemadatatype.D
 			datatypes[objectNode.ID()] = &schemadatatype.DataType{
 				Node:       objectNode,
 				Name:       "",
-				Type:       schema.SimpleTypeUknown,
+				Type:       schema.SimpleTypeUnknown,
 				TextType:   "",
 				Properties: make(map[string]schemadatatype.DataTypable),
 			}
@@ -50,7 +50,7 @@ func addObjects(tree *parser.Tree, datatypes map[parser.NodeID]*schemadatatype.D
 		datatypes[objectNode.ID()].Properties[propertyName] = &schemadatatype.DataType{
 			Node:       propertyNode,
 			Name:       propertyNode.Content(),
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			TextType:   "",
 			Properties: make(map[string]schemadatatype.DataTypable),
 		}

pkg/detectors/javascript/datatype/properties.go

@@ -34,7 +34,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 		helperDatatypes[rootPropertyNode.ID()] = &schemadatatype.DataType{
 			Node:       rootPropertyNode,
 			Name:       id,
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			TextType:   "",
 			Properties: make(map[string]schemadatatype.DataTypable),
 			UUID:       "",
@@ -49,7 +49,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 		helperDatatypes[rootPropertyNode.ID()] = &schemadatatype.DataType{
 			Node:       rootPropertyNode,
 			Name:       id,
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			TextType:   "",
 			Properties: make(map[string]schemadatatype.DataTypable),
 			UUID:       "",
@@ -65,7 +65,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 		helperDatatypes[objectNode.ID()] = &schemadatatype.DataType{
 			Node:       propertyNode,
 			Name:       id,
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			TextType:   "",
 			Properties: make(map[string]schemadatatype.DataTypable),
 			UUID:       "",

pkg/detectors/php/datatype/datatype.go

@@ -93,7 +93,7 @@ func discoverClassProperties(tree *parser.Tree, datatypes map[parser.NodeID]*sch
 		datatypes[classNode.ID()].Properties[propertyName] = &schemadatatype.DataType{
 			Node:     propertyNode,
 			Name:     propertyName,
-			Type:     schema.SimpleTypeUknown,
+			Type:     schema.SimpleTypeUnknown,
 			TextType: "",
 		}
 	}
@@ -114,7 +114,7 @@ func discoverClassFunctions(tree *parser.Tree, datatypes map[parser.NodeID]*sche
 		datatypes[classNode.ID()].Properties[functionName] = &schemadatatype.DataType{
 			Node:     functionNameNode,
 			Name:     functionName,
-			Type:     schema.SimpleTypeUknown,
+			Type:     schema.SimpleTypeUnknown,
 			TextType: "",
 		}
 	}

pkg/detectors/php/datatype/properties.go

@@ -31,7 +31,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 				helperDatatypes[propertyNode.ID()] = &schemadatatype.DataType{
 					Node:       propertyNode,
 					Name:       id,
-					Type:       schema.SimpleTypeUknown,
+					Type:       schema.SimpleTypeUnknown,
 					TextType:   "",
 					Properties: make(map[string]schemadatatype.DataTypable),
 					UUID:       "",
@@ -52,7 +52,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 			helperDatatypes[objectNode.ID()] = &schemadatatype.DataType{
 				Node:       objectNode,
 				Name:       id,
-				Type:       schema.SimpleTypeUknown,
+				Type:       schema.SimpleTypeUnknown,
 				TextType:   "",
 				Properties: make(map[string]schemadatatype.DataTypable),
 				UUID:       "",

pkg/detectors/python/datatype/datatype.go

@@ -106,7 +106,7 @@ func discoverClassProperties(tree *parser.Tree, datatypes map[parser.NodeID]*sch
 		datatypes[classNode.ID()].Properties[propertyName] = &schemadatatype.DataType{
 			Node:       propertyNode,
 			Name:       propertyName,
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			Properties: make(map[string]schemadatatype.DataTypable),
 			TextType:   "",
 		}
@@ -128,7 +128,7 @@ func discoverClassFunctions(tree *parser.Tree, datatypes map[parser.NodeID]*sche
 		datatypes[classNode.ID()].Properties[functionName] = &schemadatatype.DataType{
 			Node:     functionNameNode,
 			Name:     functionName,
-			Type:     schema.SimpleTypeUknown,
+			Type:     schema.SimpleTypeUnknown,
 			TextType: "",
 		}
 	}

pkg/detectors/python/datatype/properties.go

@@ -34,7 +34,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 			helperDatatypes[childNode.ID()] = &schemadatatype.DataType{
 				Node:       childNode,
 				Name:       id,
-				Type:       schema.SimpleTypeUknown,
+				Type:       schema.SimpleTypeUnknown,
 				TextType:   "",
 				Properties: make(map[string]schemadatatype.DataTypable),
 				UUID:       "",
@@ -47,7 +47,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 		helperDatatypes[elementNode.ID()] = &schemadatatype.DataType{
 			Node:       idNode,
 			Name:       idNode.Content(),
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			TextType:   "",
 			Properties: make(map[string]schemadatatype.DataTypable),
 			UUID:       "",
@@ -63,7 +63,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 			helperDatatypes[childNode.ID()] = &schemadatatype.DataType{
 				Node:       childNode,
 				Name:       id,
-				Type:       schema.SimpleTypeUknown,
+				Type:       schema.SimpleTypeUnknown,
 				TextType:   "",
 				Properties: make(map[string]schemadatatype.DataTypable),
 				UUID:       "",
@@ -78,7 +78,7 @@ func addProperties(tree *parser.Tree, helperDatatypes map[parser.NodeID]*schemad
 		helperDatatypes[elementNode.ID()] = &schemadatatype.DataType{
 			Node:       idNode,
 			Name:       id,
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			TextType:   "",
 			Properties: make(map[string]schemadatatype.DataTypable),
 			UUID:       "",

pkg/detectors/ruby/custom_detector/extract_arguments.go

@@ -19,7 +19,7 @@ func (detector *Detector) ExtractArguments(node *parser.Node, idGenerator nodeid
 
 	joinedDatatypes := make(map[parser.NodeID]*schemadatatype.DataType)
 
-	// handle classs name
+	// handle class name
 	if node.Type() == "constant" {
 		datatype := &schemadatatype.DataType{
 			Node:       node,
@@ -35,7 +35,6 @@ func (detector *Detector) ExtractArguments(node *parser.Node, idGenerator nodeid
 		singleArgument := node.Child(i)
 
 		if singleArgument.Type() == "identifier" || singleArgument.Type() == "simple_symbol" || singleArgument.Type() == "bare_symbol" {
-
 			content := singleArgument.Content()
 
 			if singleArgument.Type() == "simple_symbol" {
@@ -45,7 +44,7 @@ func (detector *Detector) ExtractArguments(node *parser.Node, idGenerator nodeid
 			datatype := &schemadatatype.DataType{
 				Node:       singleArgument,
 				Name:       content,
-				Type:       schema.SimpleTypeUknown,
+				Type:       schema.SimpleTypeUnknown,
 				Properties: make(map[string]schemadatatype.DataTypable),
 			}
 			joinedDatatypes[datatype.Node.ID()] = datatype

pkg/detectors/ruby/datatype/class_assignment.go

@@ -12,7 +12,7 @@ import (
 var classAssignmentQuery = parser.QueryMustCompile(ruby.GetLanguage(),
 	`(assignment
 		left: (constant) @param_id
-		right: 
+		right:
 			(call
 				receiver: (constant) @helper_Class
 				method: (identifier) @helper_new
@@ -70,7 +70,7 @@ func discoverClassAssignmentProperties(tree *parser.Tree, datatypes map[parser.N
 		datatypes[classNode.ID()].Properties[propertyName] = &schemadatatype.DataType{
 			Node:       propertyNode,
 			Name:       propertyName,
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			Properties: make(map[string]schemadatatype.DataTypable),
 			TextType:   "",
 		}
@@ -92,7 +92,7 @@ func discoverClassAssignmentFunctions(tree *parser.Tree, datatypes map[parser.No
 		datatypes[classNode.ID()].Properties[functionName] = &schemadatatype.DataType{
 			Node:     functionNameNode,
 			Name:     functionName,
-			Type:     schema.SimpleTypeUknown,
+			Type:     schema.SimpleTypeUnknown,
 			TextType: "",
 		}
 	}

pkg/detectors/ruby/datatype/datatype.go

@@ -87,7 +87,7 @@ func discoverClassProperties(tree *parser.Tree, datatypes map[parser.NodeID]*sch
 		datatypes[classNode.ID()].Properties[propertyName] = &schemadatatype.DataType{
 			Node:       propertyNode,
 			Name:       propertyName,
-			Type:       schema.SimpleTypeUknown,
+			Type:       schema.SimpleTypeUnknown,
 			Properties: make(map[string]schemadatatype.DataTypable),
 			TextType:   "",
 		}
@@ -109,7 +109,7 @@ func discoverClassFunctions(tree *parser.Tree, datatypes map[parser.NodeID]*sche
 		datatypes[classNode.ID()].Properties[functionName] = &schemadatatype.DataType{
 			Node:     functionNameNode,
 			Name:     functionName,
-			Type:     schema.SimpleTypeUknown,
+			Type:     schema.SimpleTypeUnknown,
 			TextType: "",
 		}
 	}