From 3b8a680d128f1b92f0f4d417d09df11f9f7b15da Mon Sep 17 00:00:00 2001 From: Renaud Bidou <34469789+rbidou@users.noreply.github.com> Date: Sat, 25 Nov 2023 16:17:51 +0100 Subject: [PATCH] v0.3.1 --- README.md | 4 ++-- pyproject.toml | 2 +- pyrasp/pyrasp.py | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index adb0178..71186c2 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ Security modules, technology, and operations are provided in the table below. | HTTP Parameter Polution | Grouping | Prevents HPP attacks attempts | ## Supported Frameworks -`pyrasp` 0.3.0 supports Flask, FastAPI and Flask +`pyrasp` 0.3.x supports Flask, FastAPI and Flask > **IMPORTANT** FastAPI support requires `starlette` >= 0.28.0 @@ -90,7 +90,7 @@ MIDDLEWARE = [ At startup of the application `pyrasp` loading information is displayed. ``` -### PyRASP v0.3.0 ########## +### PyRASP v0.3.1 ########## [+] Starting PyRASP [+] Loading configuration from rasp.json [+] XSS model loaded diff --git a/pyproject.toml b/pyproject.toml index 0e9dd92..0e45b66 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "pyrasp" -version = "0.3.0" +version = "0.3.1" authors = [ { name = "Renaud Bidou", email = "renaud@paracyberbellum.io" } ] diff --git a/pyrasp/pyrasp.py b/pyrasp/pyrasp.py index dd6d6cd..3bca6fe 100644 --- a/pyrasp/pyrasp.py +++ b/pyrasp/pyrasp.py @@ -1,4 +1,4 @@ -VERSION = '0.3.0' +VERSION = '0.3.1' from pprint import pprint import time @@ -686,6 +686,10 @@ def check_inbound_attacks(self, host, request_method, request_path, source_ip, t (attack_location, attack_payload) = (None, None) + ignore = False + attack_id = None + attack = None + # Check if source is whitelisted whitelist = False @@ -696,10 +700,6 @@ def check_inbound_attacks(self, host, request_method, request_path, source_ip, t # Not whitelisted, going through security tests if not whitelist: - ignore = False - attack_id = None - attack = None - ### Rules to be applied to all requests # Check if source IP is already blacklisted