Merge pull request #8 from appsentinels/hide_values

support for hiding values for privacy concerns
appsentinels · Aug 16, 2023 · d7ed0da · d7ed0da
2 parents dd52bd0 + 5efa232
commit d7ed0da
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 4 deletions.
diff --git a/internal/corazawaf/transaction.go b/internal/corazawaf/transaction.go
@@ -457,10 +457,15 @@ func (tx *Transaction) matchVariable(match *corazarules.MatchData) {
 	matchedVarName := tx.variables.matchedVarName
 	matchedVarName.Reset()
 
-	matchedVars.Add(varName, match.Value_)
-	tx.variables.matchedVar.Set(match.Value_)
-
+	if tx.WAF.HideValues == true {
+		matchedVars.Add(varName, "APPSENTINELS_HIDDEN")
+		tx.variables.matchedVar.Set("APPSENTINELS_HIDDEN")
+	} else {
+		matchedVars.Add(varName, match.Value_)
+		tx.variables.matchedVar.Set(match.Value_)
+	}
 	matchedVarName.Set(varName)
+
 }
 
 // MatchRule Matches a rule to be logged

diff --git a/internal/corazawaf/waf.go b/internal/corazawaf/waf.go
@@ -131,6 +131,9 @@ type WAF struct {
 
 	// Configures the maximum number of ARGS that will be accepted for processing.
 	ArgumentLimit int
+
+	//Hide Values for privacy concerns default is false - MJ
+	HideValues bool
 }
 
 // NewTransaction Creates a new initialized transaction for this WAF instance
@@ -283,6 +286,7 @@ func NewWAF() *WAF {
 		AuditLogWriterConfig:      auditlog.NewConfig(),
 		Logger:                    logger,
 		ArgumentLimit:             1000,
+		HideValues:                false,
 	}
 
 	if environment.HasAccessToFS {

diff --git a/waf.go b/waf.go
@@ -148,8 +148,17 @@ func (w wafWrapper) WafUpdateRuleFlags(flagName string, flagValue interface{}) b
 	case "recordruletimingsclear":
 		corazawaf.ClearRuleTimingsRecord()
 		ret_val = true
+	case "hideflag":
+		if val, ok := flagValue.(bool); ok {
+			fmt.Println("WafUpdateRuleFlags: updating hideflag: ", w.waf.HideValues, val)
+			w.waf.HideValues = val //a direct write from wrapper to internal object -- should be ok
+			ret_val = true
+		}
 	default:
-		fmt.Println("WafUpdateRuleFlags: Invalid parameters: ", flagName, flagValue)
+		//fmt.Println("WafUpdateRuleFlags: Invalid parameters: ", flagName, flagValue)
+	}
+	if ret_val == false {
+		fmt.Println("WafUpdateRuleFlags: Invalid parameters : ", flagName, " or value: ", flagValue)
 	}
 	return ret_val
 }