func evaluateInvalidVerbs(r *http.Request) {
if !isValidVerb(r.Method) {
glog.Info("Invalid HTTP verb seen, creating event.")
go ids.AddEvent("Request", "RE2", r)
}
}
func evaluateUnexpectedVerbs(r *http.Request) {
if config.EnableGlobalPreflightRequests && r.Method == "OPTIONS" {
// using OPTIONS always allowed in preflight mode
return
}
if staticPaths.Exists(r.URL.Path) {
for _, verb := range config.Resources[r.URL.Path] {
if verb == r.Method {
// found matching verb .. bail
return
}
}
glog.Info("Invalid verb was found for static path, creating event.")
go ids.AddEvent("Request", "RE1", r)
return
}
for _, re := range regexPaths {
if re.MatchString(r.URL.Path) {
for _, verb := range config.Resources["REGEX|"+r.URL.Path] {
if verb == r.Method {
// found matching verb .. bail
return
}
}
glog.Info("Invalid verb was found for regex path, creating event.")
go ids.AddEvent("Request", "RE1", r)
return
}
}
if config.EvaluateUnlistedResources {
glog.Info("No resource listing matched, creating event.")
go ids.AddEvent("Request", "RE1", r)
}
}
func evaluateUnexpectedResources(r *http.Request) {
if staticPaths.Exists(r.URL.Path) {
// found static route, we're good
return
}
for _, re := range regexPaths {
if re.MatchString(r.URL.Path) {
// found match with regex, we're good
return
}
}
//create event - didn't find a match
glog.Info("Did not find matching resource - creating event.")
go ids.AddEvent("Access Control", "ACE1", r)
}