duck.http.middlewares.security.url¶
Module containing middleware classes for inspecting URLs for various attacks like XSS and SQL Injection.
Module Contents¶
Classes¶
CommandInjectionMiddleware class mitigating against command injection attacks. |
|
SQLInjectionMiddleware class mitigating against SQL injection attacks. |
|
URLSecurityMiddleware class checking URL correctness. |
|
XSSMiddleware class mitigating against XSS attacks. |
API¶
- class duck.http.middlewares.security.url.CommandInjectionMiddleware[source]¶
Bases:
duck.http.middlewares.BaseMiddlewareCommandInjectionMiddleware class mitigating against command injection attacks.
- debug_message¶
‘Command Injection Middleware: Potential URL command injection’
- classmethod get_error_response(request) duck.http.response.HttpBadRequestResponse[source]¶
Returns appropriate error response.
- class duck.http.middlewares.security.url.SQLInjectionMiddleware[source]¶
Bases:
duck.http.middlewares.BaseMiddlewareSQLInjectionMiddleware class mitigating against SQL injection attacks.
- debug_message: str¶
‘SQL Injection Middleware: Potential URL SQL injection’
- classmethod get_error_response(request) duck.http.response.HttpBadRequestResponse[source]¶
Returns appropriate error response.
- class duck.http.middlewares.security.url.URLSecurityMiddleware[source]¶
Bases:
duck.http.middlewares.BaseMiddlewareURLSecurityMiddleware class checking URL correctness.
- debug_message: str¶
‘URL Security Middleware: Malformed URL’
- classmethod get_error_response(request) duck.http.response.HttpBadRequestResponse[source]¶
Returns an appropriate response upon error.
- class duck.http.middlewares.security.url.XSSMiddleware[source]¶
Bases:
duck.http.middlewares.BaseMiddlewareXSSMiddleware class mitigating against XSS attacks.
- debug_message: str¶
‘XSS Middleware: Potential URL XSS’
- classmethod get_error_response(request) duck.http.response.HttpBadRequestResponse[source]¶
Returns appropriate error response.