Packages
sobelow
0.3.8
0.14.1
0.14.0
0.13.0
0.12.2
0.12.1
0.12.0
0.11.1
0.11.0
0.10.6
0.10.5
0.10.4
0.10.3
0.10.2
0.10.1
0.10.0
0.9.3
0.9.2
0.9.1
0.9.0
0.8.0
0.7.8
0.7.7
0.7.6
0.7.5
0.7.4
0.7.3
0.7.2
0.7.1
0.7.0
0.6.9
0.6.8
0.6.7
0.6.6
0.6.5
0.6.4
0.6.3
0.6.2
0.6.1
0.6.0
0.5.4
0.5.3
0.5.2
0.5.1
0.5.0
0.4.9
0.4.8
0.4.7
0.4.6
0.4.5
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.12
0.3.11
0.3.10
0.3.9
0.3.8
0.3.7
0.3.6
0.3.5
0.3.4
0.3.3
0.3.2
0.3.1
0.3.0
0.2.8
0.2.7
0.2.6
0.2.5
0.2.4
0.2.3
Security-focused static analysis for Elixir & the Phoenix framework
Current section
Files
Jump to
Current section
Files
lib/sobelow/config.ex
defmodule Sobelow.Config do
alias Sobelow.Utils
alias Sobelow.Config.CSRF
@submodules [Sobelow.Config.CSRF,
Sobelow.Config.Secrets,
Sobelow.Config.HTTPS,
Sobelow.Config.HSTS]
use Sobelow.Finding
@skip_files ["dev.exs", "test.exs", "dev.secret.exs", "test.secret.exs"]
def fetch(root, router) do
allowed = @submodules -- Sobelow.get_ignored()
dir_path = root <> "config/"
if File.dir?(dir_path) do
configs =
File.ls!(dir_path)
|> Enum.filter(&want_to_scan?/1)
Enum.each allowed, fn mod ->
path = if mod === CSRF, do: router, else: dir_path
apply(mod, :run, [path, configs])
end
end
end
defp want_to_scan?(conf) do
if Path.extname(conf) === ".exs" && !Enum.member?(@skip_files, conf), do: conf
end
def get_configs_by_file(secret, file) do
if File.exists?(file) do
Utils.get_configs(secret, file)
else
[]
end
end
end