Merge pull request #83 from MeasureAuthoringTool/MAT-7204

MAT-7204: Add WAF Intercept
MeasureAuthoringTool · Jun 17, 2024 · c420834 · c420834
2 parents f282e11 + 9982787
commit c420834
Show file tree

Hide file tree

Showing 4 changed files with 66 additions and 17 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -25,11 +25,11 @@
     "@babel/runtime": "^7.15.3",
     "@testing-library/jest-dom": "^5.14.1",
     "@testing-library/react": "^12.0.0",
-    "@types/testing-library__jest-dom": "^5.14.1",
     "@types/jest": "^27.0.1",
     "@types/react": "^17.0.19",
     "@types/react-dom": "^17.0.9",
     "@types/systemjs": "^6.1.1",
+    "@types/testing-library__jest-dom": "^5.14.1",
     "@types/webpack-env": "^1.16.2",
     "babel-jest": "^27.0.6",
     "babel-plugin-macros": "^3.1.0",
@@ -57,14 +57,15 @@
   },
   "dependencies": {
     "@madie/madie-models": "^1.3.11",
+    "axios": "^1.6.7",
+    "dompurify": "^3.1.5",
     "react": "^17.0.2",
     "react-dom": "^17.0.2",
     "rxjs": "^7.5.5",
     "single-spa": "^5.9.3",
     "single-spa-react": "^4.3.1",
     "styled-components": "^5.3.5",
-    "twin.macro": "^2.8.2",
-    "axios": "^1.6.7"
+    "twin.macro": "^2.8.2"
   },
   "types": "dist/madie-madie-util.d.ts",
   "overrides": {

diff --git a/src/madie-madie-util.tsx b/src/madie-madie-util.tsx
@@ -9,6 +9,7 @@ import { getServiceConfig } from "./Config/Config";
 import { default as useKeyPress } from "./hooks/useKeyPress";
 import { default as useOktaTokens } from "./hooks/useOktaTokens";
 import { default as useOnClickOutside } from "./hooks/useOnClickOutside";
+import { default as wafIntercept } from "./util/wafIntercept";
 import { measureStore } from "./Store/measureStore";
 import { cqlLibraryStore } from "./Store/cqlLibraryStore";
 import { routeHandlerStore } from "./Store/routeHandlerStore";
@@ -37,4 +38,5 @@ export {
   checkUserCanDelete,
   useFeatureFlags,
   getOidFromString,
+  wafIntercept,
 };
diff --git a/src/util/wafIntercept.ts b/src/util/wafIntercept.ts
@@ -0,0 +1,35 @@
+import axios from "axios";
+import DOMPurify from "dompurify";
+
+const wafIntercept = () =>
+  axios.interceptors.response.use(
+    (response) => {
+      return response;
+    },
+    (error) => {
+      // Check for WAF block
+      if (
+        error?.response?.status === 403 &&
+        error?.response?.headers["content-type"].includes("text/html") &&
+        JSON.stringify(error.response.data).includes("[email protected]")
+      ) {
+        // eslint-disable-next-line no-console
+        console.log("WAF Interceptor Triggered");
+
+        const supportID = error.response.data.includes("ID:")
+          ? error.response.data.split("ID:")[1].split("<br>")[0].trim()
+          : "";
+        const body = error.response.data.split("<body>")[1].split("<br>")[0];
+        const purifiedBody = DOMPurify.sanitize(body, { ALLOWED_TAGS: [] });
+
+        const wafEvent = new CustomEvent("wafReject", {
+          detail: { message: purifiedBody, supportId: supportID },
+        });
+        document.dispatchEvent(wafEvent);
+        throw new Error(purifiedBody); // no tags allowed, removes all HTML tags.
+      }
+
+      return Promise.reject(error);
+    }
+  );
+export default wafIntercept;