sentinel_modsec/operators/
detection.rs

1//! Detection operators (@detectSQLi, @detectXSS).
2//!
3//! These use our pure Rust libinjection implementation.
4
5use super::traits::{Operator, OperatorResult};
6use crate::libinjection;
7
8/// SQL injection detection operator (@detectSQLi).
9pub struct DetectSqliOperator;
10
11impl Operator for DetectSqliOperator {
12    fn execute(&self, value: &str) -> OperatorResult {
13        let result = libinjection::sqli::detect_sqli(value);
14        if result.is_injection {
15            OperatorResult::matched(result.fingerprint.unwrap_or_default())
16        } else {
17            OperatorResult::no_match()
18        }
19    }
20
21    fn name(&self) -> &'static str {
22        "detectSQLi"
23    }
24}
25
26/// XSS detection operator (@detectXSS).
27pub struct DetectXssOperator;
28
29impl Operator for DetectXssOperator {
30    fn execute(&self, value: &str) -> OperatorResult {
31        let result = libinjection::xss::detect_xss(value);
32        if result.is_injection {
33            OperatorResult::matched(result.fingerprint.unwrap_or_default())
34        } else {
35            OperatorResult::no_match()
36        }
37    }
38
39    fn name(&self) -> &'static str {
40        "detectXSS"
41    }
42}
sentinel_modsec/operators/detection.rs

sentinel_modsec/operators/
detection.rs
