fuseguard.components.filters.BaseFilter

fuseguard.components.filters
Component BaseFilter

filters.BaseFilter

The Base Component all Filters must extend.

Method Summary

public BaseFilter init(any firewallInstance)
          Called Once On Application Initialization

public void allowURI(string uriPrefix)
          Add a URI that is to be allowed to be filtered. NOT Case Sensitive

public boolean blockEnabled()
          Returns true if blocking is enabled for this filter (setBlockLevel greater than 0)

public void denyURI(string uriPrefix)
          DEPRECATED, use ignoreURI

public boolean filterEnabled()
          Returns true if filtering is enabled for this filter (setFilterLevel greater than 0)

public void filterRequest()
          Filters all varaibles it can in the request when this method is called.

package void filterVariables()

public numeric getBlockLevel()
          Returns the block level specified with setBlockLevel()

public string getDescription()
          Returns a plain text description of what the filter does.

public variablename getFilterComponent()
          Returns the name of the component

public numeric getFilterID()
          Returns the id of the filter specified by the firewall at runtime.

public string getFilterInstanceName()
          Returns the filter instance name for this filter instance

public numeric getFilterLevel()
          Returns the filter level specified with setFilterLevel()

public any getFirewall()
          Returns a reference to the firewall object instance.

public string getHelp()
          Returns XHTML markup for a help screen.

public numeric getLogLevel()
          Returns the log level specified with setLogLevel()

public string getName()
          Returns the friendly name of the filter.

public string getRequestLogMessage([boolean escape="true"])
          get a message for the request if defined, otherwise returns an empty string.

public string getRequestLogMessageDetail([boolean escape="true"])
          get a message for the request if defined, otherwise returns an empty string.

public string getThreatCategory()
          Returns a threat category for this filter. Examples are xss,sql-injection,session-hijacking,authentication,validation,general the default is general

public boolean ignoresVariable(variableName scope, string varName)
          Returns true if the specified variable is to be ignored from a call to ignoreVariable

public void ignoreURI(string uriPrefix)
          Add a URI that is to be skiped by the filter. NOT case sensitive

public void ignoreVariable(variableName scope, string varName)
          Ignores scanning of the specified variable.

public numeric inspectRequest()
          The method called on every request that the filter is active on. Returns a risk level from 0 to 10 - 0 being no risk found, and 10 being a high risk request.

public boolean inspectsCGIScope()
          Returns true if filter inspects the CGI scope

public boolean inspectsCookieScope()
          Returns true if filter inspects the COOKIE scope

public boolean inspectsFormScope()
          Returns true if filter inspects the FORM scope

public boolean inspectsURI([any uriValue="#cgi.script_name#"])
          Returns false if the filter ignores this URI from setting allowURI and denyURI functions

public boolean inspectsUrlScope()
          Returns true if filter inspects the URL scope

public numeric inspectVariable(variableName scope, string varName, any value)
          This method can be overridden by a sub component, and will be invoked for each variable by calling inspectVariables()

package numeric inspectVariables()

public boolean logEnabled()
          Returns true if logging is enabled for this filter (setLogLevel greater than 0)

public boolean logOnly()
          false.

public any setAllowDenyOrder(string order)
          Should it run the allow list first, and then the deny? or vise versa. Default is allow,deny

public void setBlockLevel(numeric blockLevel)
          The blockLevel is an integer from 0 to 10 if set to 0 no requests will be blocked, if set to 10 only highest risk requests are blocked.

public void setFilterID(numeric filterID)
          Automatically Set by the Firewall when addFilter is called.

public void setFilterInstanceName([string name])
          If you have multiple instances of the same filter you can distinguish them by giving them each a unique filter instance name

public void setFilterLevel([numeric filterLevel])
          The filterLevel is an integer from 0 to 10 if set to 0 no requests content will be filtered, if set to 10 only highest risk requests are blocked.

public void setLogLevel(numeric logLevel)
          The logLevel is an integer from 0 to 10 if set to 0 nothing is logged, if set to 10 only high risk requests are logged.

public void setRequestLogMessage(string message, [string detail=""])
          used by a filter to set a log message when something is found, this message will be logged.

public void setScopes(string scopes)
          Pass in the scopes you want this filter to check.

Method Detail

allowURI

public void allowURI(string uriPrefix)

Add a URI that is to be allowed to be filtered. NOT Case Sensitive

Parameters:: string uriPrefix - prefix of a url, so /admin/foo/ would filter everything in that folder

blockEnabled

public boolean blockEnabled()

Returns true if blocking is enabled for this filter (setBlockLevel greater than 0)

denyURI

public void denyURI(string uriPrefix)

DEPRECATED, use ignoreURI

Parameters:: string uriPrefix - prefix of a url, so /admin/ would skip everything in that folder

filterEnabled

public boolean filterEnabled()

Returns true if filtering is enabled for this filter (setFilterLevel greater than 0)

filterRequest

public void filterRequest()

Filters all varaibles it can in the request when this method is called.

filterVariables

package void filterVariables()

getBlockLevel

public numeric getBlockLevel()

Returns the block level specified with setBlockLevel()

getDescription

public string getDescription()

Returns a plain text description of what the filter does.

getFilterComponent

public variablename getFilterComponent()

Returns the name of the component

getFilterID

public numeric getFilterID()

Returns the id of the filter specified by the firewall at runtime.

getFilterInstanceName

public string getFilterInstanceName()

Returns the filter instance name for this filter instance

getFilterLevel

public numeric getFilterLevel()

Returns the filter level specified with setFilterLevel()

getFirewall

public any getFirewall()

Returns a reference to the firewall object instance.

getHelp

public string getHelp()

Returns XHTML markup for a help screen.

getLogLevel

public numeric getLogLevel()

Returns the log level specified with setLogLevel()

getName

public string getName()

Returns the friendly name of the filter.

getRequestLogMessage

public string getRequestLogMessage([boolean escape="true"])

get a message for the request if defined, otherwise returns an empty string.

Parameters:: [boolean escape="true"] - Escapes nasty characters

getRequestLogMessageDetail

public string getRequestLogMessageDetail([boolean escape="true"])

get a message for the request if defined, otherwise returns an empty string.

Parameters:: [boolean escape="true"] - Escapes nasty characters

getThreatCategory

public string getThreatCategory()

Returns a threat category for this filter. Examples are xss,sql-injection,session-hijacking,authentication,validation,general the default is general

ignoresVariable

public boolean ignoresVariable(variableName scope, string varName)

Returns true if the specified variable is to be ignored from a call to ignoreVariable

Parameters:: variableName scope - Must be one of: form,url,cookie,cgi; string varName - The Name of the variable to ignore

ignoreURI

public void ignoreURI(string uriPrefix)

Add a URI that is to be skiped by the filter. NOT case sensitive

Parameters:: string uriPrefix - prefix of a url, so /admin/ would skip everything in that folder

ignoreVariable

public void ignoreVariable(variableName scope, string varName)

Ignores scanning of the specified variable.

Parameters:: variableName scope - Must be one of: form,url,cookie,cgi,all; string varName - The Name of the variable to ignore

init

public BaseFilter init(any firewallInstance)

Called Once On Application Initialization

Parameters:: any firewallInstance

inspectRequest

public numeric inspectRequest()

The method called on every request that the filter is active on. Returns a risk level from 0 to 10 - 0 being no risk found, and 10 being a high risk request.

inspectsCGIScope

public boolean inspectsCGIScope()

Returns true if filter inspects the CGI scope

inspectsCookieScope

public boolean inspectsCookieScope()

Returns true if filter inspects the COOKIE scope

inspectsFormScope

public boolean inspectsFormScope()

Returns true if filter inspects the FORM scope

inspectsURI

public boolean inspectsURI([any uriValue="#cgi.script_name#"])

Returns false if the filter ignores this URI from setting allowURI and denyURI functions

Parameters:: [any uriValue="#cgi.script_name#"]

inspectsUrlScope

public boolean inspectsUrlScope()

Returns true if filter inspects the URL scope

inspectVariable

public numeric inspectVariable(variableName scope, string varName, any value)

This method can be overridden by a sub component, and will be invoked for each variable by calling inspectVariables()

Parameters:: variableName scope; string varName; any value

inspectVariables

package numeric inspectVariables()

logEnabled

public boolean logEnabled()

Returns true if logging is enabled for this filter (setLogLevel greater than 0)

logOnly

public boolean logOnly()

false.

setAllowDenyOrder

public any setAllowDenyOrder(string order)

Should it run the allow list first, and then the deny? or vise versa. Default is allow,deny

Parameters:: string order - allow,deny or deny,allow

setBlockLevel

public void setBlockLevel(numeric blockLevel)

The blockLevel is an integer from 0 to 10 if set to 0 no requests will be blocked, if set to 10 only highest risk requests are blocked.

Parameters:: numeric blockLevel - 0-10

setFilterID

public void setFilterID(numeric filterID)

Automatically Set by the Firewall when addFilter is called.

Parameters:: numeric filterID

setFilterInstanceName

public void setFilterInstanceName([string name])

If you have multiple instances of the same filter you can distinguish them by giving them each a unique filter instance name

Parameters:: [string name]

setFilterLevel

public void setFilterLevel([numeric filterLevel])

The filterLevel is an integer from 0 to 10 if set to 0 no requests content will be filtered, if set to 10 only highest risk requests are blocked.

Parameters:: [numeric filterLevel] - 0-10

setLogLevel

public void setLogLevel(numeric logLevel)

The logLevel is an integer from 0 to 10 if set to 0 nothing is logged, if set to 10 only high risk requests are logged.

Parameters:: numeric logLevel - 0-10

setRequestLogMessage

public void setRequestLogMessage(string message, [string detail=""])

used by a filter to set a log message when something is found, this message will be logged.

Parameters:: string message; [string detail=""]

setScopes

public void setScopes(string scopes)

Pass in the scopes you want this filter to check.

Parameters:: string scopes - comma seperated list of scope names, eg: url,form,cookie,cgi

Method Summary
`public BaseFilter`	`init(any firewallInstance)` Called Once On Application Initialization
`public void`	`allowURI(string uriPrefix)` Add a URI that is to be allowed to be filtered. NOT Case Sensitive
`public boolean`	`blockEnabled()` Returns true if blocking is enabled for this filter (setBlockLevel greater than 0)
`public void`	`denyURI(string uriPrefix)` DEPRECATED, use ignoreURI
`public boolean`	`filterEnabled()` Returns true if filtering is enabled for this filter (setFilterLevel greater than 0)
`public void`	`filterRequest()` Filters all varaibles it can in the request when this method is called.
`package void`	`filterVariables()`
`public numeric`	`getBlockLevel()` Returns the block level specified with setBlockLevel()
`public string`	`getDescription()` Returns a plain text description of what the filter does.
`public variablename`	`getFilterComponent()` Returns the name of the component
`public numeric`	`getFilterID()` Returns the id of the filter specified by the firewall at runtime.
`public string`	`getFilterInstanceName()` Returns the filter instance name for this filter instance
`public numeric`	`getFilterLevel()` Returns the filter level specified with setFilterLevel()
`public any`	`getFirewall()` Returns a reference to the firewall object instance.
`public string`	`getHelp()` Returns XHTML markup for a help screen.
`public numeric`	`getLogLevel()` Returns the log level specified with setLogLevel()
`public string`	`getName()` Returns the friendly name of the filter.
`public string`	`getRequestLogMessage([boolean escape="true"])` get a message for the request if defined, otherwise returns an empty string.
`public string`	`getRequestLogMessageDetail([boolean escape="true"])` get a message for the request if defined, otherwise returns an empty string.
`public string`	`getThreatCategory()` Returns a threat category for this filter. Examples are xss,sql-injection,session-hijacking,authentication,validation,general the default is general
`public boolean`	`ignoresVariable(variableName scope, string varName)` Returns true if the specified variable is to be ignored from a call to ignoreVariable
`public void`	`ignoreURI(string uriPrefix)` Add a URI that is to be skiped by the filter. NOT case sensitive
`public void`	`ignoreVariable(variableName scope, string varName)` Ignores scanning of the specified variable.
`public numeric`	`inspectRequest()` The method called on every request that the filter is active on. Returns a risk level from 0 to 10 - 0 being no risk found, and 10 being a high risk request.
`public boolean`	`inspectsCGIScope()` Returns true if filter inspects the CGI scope
`public boolean`	`inspectsCookieScope()` Returns true if filter inspects the COOKIE scope
`public boolean`	`inspectsFormScope()` Returns true if filter inspects the FORM scope
`public boolean`	`inspectsURI([any uriValue="#cgi.script_name#"])` Returns false if the filter ignores this URI from setting allowURI and denyURI functions
`public boolean`	`inspectsUrlScope()` Returns true if filter inspects the URL scope
`public numeric`	`inspectVariable(variableName scope, string varName, any value)` This method can be overridden by a sub component, and will be invoked for each variable by calling inspectVariables()
`package numeric`	`inspectVariables()`
`public boolean`	`logEnabled()` Returns true if logging is enabled for this filter (setLogLevel greater than 0)
`public boolean`	`logOnly()` false.
`public any`	`setAllowDenyOrder(string order)` Should it run the allow list first, and then the deny? or vise versa. Default is allow,deny
`public void`	`setBlockLevel(numeric blockLevel)` The blockLevel is an integer from 0 to 10 if set to 0 no requests will be blocked, if set to 10 only highest risk requests are blocked.
`public void`	`setFilterID(numeric filterID)` Automatically Set by the Firewall when addFilter is called.
`public void`	`setFilterInstanceName([string name])` If you have multiple instances of the same filter you can distinguish them by giving them each a unique filter instance name
`public void`	`setFilterLevel([numeric filterLevel])` The filterLevel is an integer from 0 to 10 if set to 0 no requests content will be filtered, if set to 10 only highest risk requests are blocked.
`public void`	`setLogLevel(numeric logLevel)` The logLevel is an integer from 0 to 10 if set to 0 nothing is logged, if set to 10 only high risk requests are logged.
`public void`	`setRequestLogMessage(string message, [string detail=""])` used by a filter to set a log message when something is found, this message will be logged.
`public void`	`setScopes(string scopes)` Pass in the scopes you want this filter to check.

fuseguard.components.filters Component BaseFilter