FuseGuard Logo

fuseguard.components.filters
Component BaseFilter

filters.BaseFilter

The Base Component all Filters must extend.

Method Summary
public BaseFilter init(any firewallInstance)
          Called Once On Application Initialization
public void allowURI(string uriPrefix)
          Add a URI that is to be allowed to be filtered. NOT Case Sensitive
public boolean blockEnabled()
          Returns true if blocking is enabled for this filter (setBlockLevel greater than 0, and not in Log Only Mode)
public void denyURI(string uriPrefix)
          DEPRECATED, use ignoreURI
public boolean filterEnabled()
          Returns true if filtering is enabled for this filter (setFilterLevel greater than 0)
public void filterRequest()
          Filters all varaibles it can in the request when this method is called.
package void filterVariables()
public numeric getBlockLevel()
          Returns the block level specified with setBlockLevel()
public array getConfigurables()
          Returns a array of structs as configurable properties
public string getDescription()
          Returns a plain text description of what the filter does.
public variablename getFilterComponent()
          Returns the name of the component
public numeric getFilterID()
          Returns the id of the filter specified by the firewall at runtime.
public string getFilterInstanceName()
          Returns the filter instance name for this filter instance
public numeric getFilterLevel()
          Returns the filter level specified with setFilterLevel()
public any getFirewall()
          Returns a reference to the firewall object instance.
public string getHelp()
          Returns XHTML markup for a help screen.
public any getIPWhiteListID()
          Returns the ListID that the IP Whitelist is using
public any getIPWhiteListProvider()
          Returns the IP List Provider if one exists, always call hasIPWhiteList first.
public numeric getLogLevel()
          Returns the log level specified with setLogLevel()
public string getName()
          Returns the friendly name of the filter.
public string getRequestLogMessage([boolean escape="true"])
          get a message for the request if defined, otherwise returns an empty string.
public string getRequestLogMessageDetail([boolean escape="true"])
          get a message for the request if defined, otherwise returns an empty string.
public string getThreatCategory()
          Returns a threat category for this filter. Examples are xss,sql-injection,session-hijacking,authentication,validation,general the default is general
public boolean hasIPWhiteList()
          If a IP whitelist is defined by the filter returns true
public boolean ignoresVariable(variableName scope, string varName)
          Returns true if the specified variable is to be ignored from a call to ignoreVariable
public void ignoreURI(string uriPrefix)
          Add a URI that is to be skiped by the filter. NOT case sensitive
public void ignoreVariable(variableName scope, string varName)
          Ignores scanning of the specified variable.
public numeric inspectRequest()
          The method called on every request that the filter is active on. Returns a risk level from 0 to 10 - 0 being no risk found, and 10 being a high risk request.
public numeric inspectResponse([string response], [string contentType])
          Inspects response content. Returns a risk level from 0 to 10 - 0 being no risk found, and 10 being a high risk request.
public boolean inspectsCGIScope()
          Returns true if filter inspects the CGI scope
public boolean inspectsCookieScope()
          Returns true if filter inspects the COOKIE scope
public boolean inspectsFormScope()
          Returns true if filter inspects the FORM scope
public boolean inspectsRequest([any uriValue="#cgi.script_name#"], [any ip="#getFirewall().getRequestIPAddress()#"])
          Determines if the filter should inspect this request (returns true) or skip it (returns false). If you override this method you should consider the value of super.inspectsRequest.
public boolean inspectsRequestBody()
          Returns true if filter inspects the request body
public boolean inspectsURI([any uriValue="#cgi.script_name#"])
          Returns false if the filter ignores this URI from setting allowURI and denyURI functions
public boolean inspectsUrlScope()
          Returns true if filter inspects the URL scope
public numeric inspectVariable(variableName scope, string varName, any value)
          This method can be overridden by a sub component, and will be invoked for each variable by calling inspectVariables()
package numeric inspectVariables()
public boolean logEnabled()
          Returns true if logging is enabled for this filter (setLogLevel greater than 0)
public boolean logOnly()
          false.
public any setAllowDenyOrder(string order)
          Should it run the allow list first, and then the deny? or vise versa. Default is allow,deny
public void setAllowURIList(string uriList)
          A comma seperated list of URIs to allow for this filter.
public void setBlockLevel(numeric blockLevel)
          The blockLevel is an integer from 0 to 10 if set to 0 no requests will be blocked, if set to 10 only highest risk requests are blocked.
public void setFilterID(numeric filterID)
          Automatically Set by the Firewall when addFilter is called.
public void setFilterInstanceName(string name)
          If you have multiple instances of the same filter you can distinguish them by giving them each a unique filter instance name
public void setFilterLevel([numeric filterLevel])
          The filterLevel is an integer from 0 to 10 if set to 0 no requests content will be filtered, if set to 10 only highest risk requests are blocked.
public void setFilterWhitelist(string listID)
          A ip list id to skip processing
public void setIgnoreURIList(string uriList)
          A comma seperated list of URIs to ignore for this filter.
public void setIgnoreVariableList([string variableList])
          Set a list of variable names which are to be ignored by the filter.
public void setLogLevel(numeric logLevel)
          The logLevel is an integer from 0 to 10 if set to 0 nothing is logged, if set to 10 only high risk requests are logged.
public void setRequestLogMessage(string message, [string detail=""])
          used by a filter to set a log message when something is found, this message will be logged.
public void setScopes(string scopes)
          Pass in the scopes you want this filter to check.
 

Method Detail

allowURI

public void allowURI(string uriPrefix)
Add a URI that is to be allowed to be filtered. NOT Case Sensitive

Parameters:
string uriPrefix - prefix of a url, so /admin/foo/ would filter everything in that folder

blockEnabled

public boolean blockEnabled()
Returns true if blocking is enabled for this filter (setBlockLevel greater than 0, and not in Log Only Mode)


denyURI

public void denyURI(string uriPrefix)
DEPRECATED, use ignoreURI

Parameters:
string uriPrefix - prefix of a url, so /admin/ would skip everything in that folder

filterEnabled

public boolean filterEnabled()
Returns true if filtering is enabled for this filter (setFilterLevel greater than 0)


filterRequest

public void filterRequest()
Filters all varaibles it can in the request when this method is called.


filterVariables

package void filterVariables()

getBlockLevel

public numeric getBlockLevel()
Returns the block level specified with setBlockLevel()


getConfigurables

public array getConfigurables()
Returns a array of structs as configurable properties


getDescription

public string getDescription()
Returns a plain text description of what the filter does.


getFilterComponent

public variablename getFilterComponent()
Returns the name of the component


getFilterID

public numeric getFilterID()
Returns the id of the filter specified by the firewall at runtime.


getFilterInstanceName

public string getFilterInstanceName()
Returns the filter instance name for this filter instance


getFilterLevel

public numeric getFilterLevel()
Returns the filter level specified with setFilterLevel()


getFirewall

public any getFirewall()
Returns a reference to the firewall object instance.


getHelp

public string getHelp()
Returns XHTML markup for a help screen.


getIPWhiteListID

public any getIPWhiteListID()
Returns the ListID that the IP Whitelist is using


getIPWhiteListProvider

public any getIPWhiteListProvider()
Returns the IP List Provider if one exists, always call hasIPWhiteList first.


getLogLevel

public numeric getLogLevel()
Returns the log level specified with setLogLevel()


getName

public string getName()
Returns the friendly name of the filter.


getRequestLogMessage

public string getRequestLogMessage([boolean escape="true"])
get a message for the request if defined, otherwise returns an empty string.

Parameters:
[boolean escape="true"] - Escapes nasty characters

getRequestLogMessageDetail

public string getRequestLogMessageDetail([boolean escape="true"])
get a message for the request if defined, otherwise returns an empty string.

Parameters:
[boolean escape="true"] - Escapes nasty characters

getThreatCategory

public string getThreatCategory()
Returns a threat category for this filter. Examples are xss,sql-injection,session-hijacking,authentication,validation,general the default is general


hasIPWhiteList

public boolean hasIPWhiteList()
If a IP whitelist is defined by the filter returns true


ignoresVariable

public boolean ignoresVariable(variableName scope, string varName)
Returns true if the specified variable is to be ignored from a call to ignoreVariable

Parameters:
variableName scope - Must be one of: form,url,cookie,cgi
string varName - The Name of the variable to ignore

ignoreURI

public void ignoreURI(string uriPrefix)
Add a URI that is to be skiped by the filter. NOT case sensitive

Parameters:
string uriPrefix - prefix of a url, so /admin/ would skip everything in that folder

ignoreVariable

public void ignoreVariable(variableName scope, string varName)
Ignores scanning of the specified variable.

Parameters:
variableName scope - Must be one of: form,url,cookie,cgi,all
string varName - The Name of the variable to ignore

init

public BaseFilter init(any firewallInstance)
Called Once On Application Initialization

Parameters:
any firewallInstance

inspectRequest

public numeric inspectRequest()
The method called on every request that the filter is active on. Returns a risk level from 0 to 10 - 0 being no risk found, and 10 being a high risk request.


inspectResponse

public numeric inspectResponse([string response], [string contentType])
Inspects response content. Returns a risk level from 0 to 10 - 0 being no risk found, and 10 being a high risk request.

Parameters:
[string response]
[string contentType]

inspectsCGIScope

public boolean inspectsCGIScope()
Returns true if filter inspects the CGI scope


inspectsCookieScope

public boolean inspectsCookieScope()
Returns true if filter inspects the COOKIE scope


inspectsFormScope

public boolean inspectsFormScope()
Returns true if filter inspects the FORM scope


inspectsRequest

public boolean inspectsRequest([any uriValue="#cgi.script_name#"], [any ip="#getFirewall().getRequestIPAddress()#"])
Determines if the filter should inspect this request (returns true) or skip it (returns false). If you override this method you should consider the value of super.inspectsRequest.

Parameters:
[any uriValue="#cgi.script_name#"] - The URI
[any ip="#getFirewall().getRequestIPAddress()#"] - The Request IP Address

inspectsRequestBody

public boolean inspectsRequestBody()
Returns true if filter inspects the request body


inspectsURI

public boolean inspectsURI([any uriValue="#cgi.script_name#"])
Returns false if the filter ignores this URI from setting allowURI and denyURI functions

Parameters:
[any uriValue="#cgi.script_name#"]

inspectsUrlScope

public boolean inspectsUrlScope()
Returns true if filter inspects the URL scope


inspectVariable

public numeric inspectVariable(variableName scope, string varName, any value)
This method can be overridden by a sub component, and will be invoked for each variable by calling inspectVariables()

Parameters:
variableName scope
string varName
any value

inspectVariables

package numeric inspectVariables()

logEnabled

public boolean logEnabled()
Returns true if logging is enabled for this filter (setLogLevel greater than 0)


logOnly

public boolean logOnly()
false.


setAllowDenyOrder

public any setAllowDenyOrder(string order)
Should it run the allow list first, and then the deny? or vise versa. Default is allow,deny

Parameters:
string order - allow,deny or deny,allow

setAllowURIList

public void setAllowURIList(string uriList)
A comma seperated list of URIs to allow for this filter.

Parameters:
string uriList - a list of URIs

setBlockLevel

public void setBlockLevel(numeric blockLevel)
The blockLevel is an integer from 0 to 10 if set to 0 no requests will be blocked, if set to 10 only highest risk requests are blocked.

Parameters:
numeric blockLevel - 0-10

setFilterID

public void setFilterID(numeric filterID)
Automatically Set by the Firewall when addFilter is called.

Parameters:
numeric filterID

setFilterInstanceName

public void setFilterInstanceName(string name)
If you have multiple instances of the same filter you can distinguish them by giving them each a unique filter instance name

Parameters:
string name

setFilterLevel

public void setFilterLevel([numeric filterLevel])
The filterLevel is an integer from 0 to 10 if set to 0 no requests content will be filtered, if set to 10 only highest risk requests are blocked.

Parameters:
[numeric filterLevel] - 0-10

setFilterWhitelist

public void setFilterWhitelist(string listID)
A ip list id to skip processing

Parameters:
string listID

setIgnoreURIList

public void setIgnoreURIList(string uriList)
A comma seperated list of URIs to ignore for this filter.

Parameters:
string uriList - a list of URIs

setIgnoreVariableList

public void setIgnoreVariableList([string variableList])
Set a list of variable names which are to be ignored by the filter.

Parameters:
[string variableList] - A list of variable names which are to be ignored by this filter. May include scopes.

setLogLevel

public void setLogLevel(numeric logLevel)
The logLevel is an integer from 0 to 10 if set to 0 nothing is logged, if set to 10 only high risk requests are logged.

Parameters:
numeric logLevel - 0-10

setRequestLogMessage

public void setRequestLogMessage(string message, [string detail=""])
used by a filter to set a log message when something is found, this message will be logged.

Parameters:
string message
[string detail=""]

setScopes

public void setScopes(string scopes)
Pass in the scopes you want this filter to check.

Parameters:
string scopes - comma seperated list of scope names, eg: url,form,cookie,cgi