Skip to content

Latest commit

 

History

History
116 lines (85 loc) · 5.92 KB

mitigations.md

File metadata and controls

116 lines (85 loc) · 5.92 KB

Mitigation Strategies Analysis for lostisland/faraday

Mitigation Strategy: Request/Response Middleware for Sanitization

  • Description:

    1. Create a Custom Faraday Middleware Class: Define a new Ruby class that inherits from Faraday::Middleware.
    2. Implement the call Method: This method receives the request environment (env).
    3. Inspect Request Headers: Access env.request_headers. Redact or remove sensitive headers (e.g., Authorization, Cookie). Use a whitelist.
    4. Inspect Request Body (Carefully): If env.request_body exists and Content-Type is structured (e.g., application/json), parse it safely. Redact sensitive fields. Handle parsing errors.
    5. Call the Next Middleware: Use @app.call(env).
    6. Inspect Response (in on_complete): Use .on_complete on @app.call(env)'s result. Repeat steps 3 and 4 for the response.
    7. Register the Middleware: Use conn.use YourMiddlewareClass when creating your Faraday connection. Position it strategically (before logging).

  • Threats Mitigated:

    • Unintentional Exposure of Sensitive Data in Requests: (Severity: High)
    • Data Leakage via Logging: (Severity: High)

  • Impact:

    • Unintentional Exposure of Sensitive Data: Significantly reduces risk.
    • Data Leakage via Logging: Significantly reduces risk.

  • Currently Implemented:

    • Partially implemented in app/middleware/sensitive_data_redactor.rb. Redacts Authorization header.

  • Missing Implementation:

    • Response header redaction.
    • Request/response body redaction.
    • Not used by all Faraday connections.

Mitigation Strategy: Limit Redirects (follow_redirects)

  • Description:

    1. Identify Faraday Connections: Locate all Faraday connection configurations.
    2. Configure follow_redirects: If enabled, set limit to a reasonable value (e.g., 3 or 5).
    3. Disable if Unnecessary: If following redirects isn't needed, disable it.

  • Threats Mitigated:

    • Open Redirects (via follow_redirects): (Severity: Medium)
    • Denial of Service (DoS) via Redirect Loops: (Severity: Low)

  • Impact:

    • Open Redirects: Reduces risk.
    • DoS via Redirect Loops: Eliminates risk of infinite loops.

  • Currently Implemented:

    • Partially implemented. Some connections have limits, but not all.

  • Missing Implementation:

    • Consistent application to all connections.
    • Some connections might use default (unlimited) redirects.

Mitigation Strategy: Choose and Configure Secure Adapters

  • Description:

    1. Review Adapter Options: Examine Faraday adapters (Net::HTTP, Typhoeus, Excon) and documentation.
    2. Prefer Secure Defaults: Choose adapters known for security. Net::HTTP (with TLS) is a good default.
    3. Configure TLS Properly: Use TLS 1.2+ with strong cipher suites. Avoid insecure versions/ciphers. This is done within the Faraday adapter configuration.
    4. Avoid Custom Adapters (Unless Necessary): If creating a custom adapter, follow security best practices (TLS, input validation).

  • Threats Mitigated:

    • Insecure Adapter Configuration: (Severity: Medium to High)
    • Man-in-the-Middle (MITM) Attacks (if TLS is misconfigured): (Severity: High)

  • Impact:

    • Insecure Adapter Configuration: Reduces risk.
    • MITM Attacks: Significantly reduces risk with correct TLS.

  • Currently Implemented:

    • Primarily uses Net::HTTP.

  • Missing Implementation:

    • Explicit TLS configuration (ciphers, minimum version) is inconsistent.

Mitigation Strategy: Enforce SSL/TLS Certificate Verification

  • Description:

    1. Locate Faraday Connections: Find all configurations.
    2. Explicitly Enable Verification: Set ssl: { verify: true } for all connections, especially in production. Make it explicit.
    3. Use Test Certificates: In development/testing, use self-signed certs or a local CA, not disabling verification. Configure Faraday to trust them.
    4. Consider Certificate Pinning (Advanced): Explore pinning (may require custom middleware/adapter features). This is configured through Faraday (or its adapter).

  • Threats Mitigated:

    • Man-in-the-Middle (MITM) Attacks: (Severity: High)

  • Impact:

    • MITM Attacks: Eliminates risk with correct implementation.

  • Currently Implemented:

    • Verification is enabled by default in most connections.

  • Missing Implementation:

    • Not all connections explicitly set ssl: { verify: true }.
    • No use of test certificates; verification is sometimes disabled.
    • No certificate pinning.

Mitigation Strategy: Set Reasonable Timeouts

  • Description:

    1. Locate Faraday Connections: Find all configurations.
    2. Configure Timeouts: Set conn.options.timeout (overall) and conn.options.open_timeout (connection open) to reasonable values (seconds).
    3. Consider Per-Endpoint Timeouts: For different services, set timeouts per-request: request.options.timeout and request.options.open_timeout.

  • Threats Mitigated:

    • Denial of Service (DoS) via Slow Requests: (Severity: Medium)

  • Impact:

    • DoS via Slow Requests: Significantly reduces risk.

  • Currently Implemented:

    • Some connections have timeouts, but not all.

  • Missing Implementation:

    • Consistent application to all connections.
    • Some might use default (long) timeouts.
    • No per-endpoint timeouts.