[Docs] api docs

2026-06-04 05:11:52 +09:00 · 2025-06-26 15:35:12 +09:00 · 2025-06-26 15:35:12 +09:00 · 4deb032708
commit 4deb032708
parent 3c5db3c1fd
3 changed files with 33 additions and 7 deletions
--- a/addon/csrf_check.py
+++ b/addon/csrf_check.py
@ -76,10 +76,20 @@ class CsrfChecker:
        resp_nonce = self.get_query_param(loc, param) if param else None

        if resp_nonce is None:
-            report_vuln(title="CSRF Risk", desc="Missing nonce in redirect response", status="CRITICAL", uri=flow.request.url)
+            report_vuln(
+                title="CSRF Risk", 
+                desc="Missing nonce in redirect response", 
+                status="CRITICAL", 
+                uri=flow.request.url
+            )
            return 1
        if orig_nonce != resp_nonce:
-            report_vuln(title="CSRF Risk", desc="Nonce mismatch request↔response", status="HIGH", uri=flow.request.url)
+            report_vuln(
+                title="CSRF Risk", 
+                desc="Nonce mismatch request↔response", 
+                status="HIGH", 
+                uri=flow.request.url
+            )
            return 1

        return 0
@ -103,7 +113,12 @@ class CsrfChecker:
        if new_nonce is None:
            return 0
        if new_nonce == orig_nonce:
-            report_vuln(title="CSRF Risk", desc="Nonce reused without cookies", status="CRITICAL", uri=flow.request.url)
+            report_vuln(
+                title="CSRF Risk", 
+                desc="Nonce reused without cookies", 
+                status="CRITICAL", 
+                uri=flow.request.url
+            )
            return 1

        # (2) 두 번의 리다이렉트 비교
@ -120,7 +135,12 @@ class CsrfChecker:
            and urlparse(req1.headers.get("location", "")).path
            == urlparse(req2.headers.get("location", "")).path
        ):
-            report_vuln(title="CSRF Risk", desc="Identical redirects on nonce swap → potential CSRF", status="NOT-VERIFIED-HIGH", uri=flow.request.url)
+            report_vuln(
+                title="CSRF Risk", 
+                desc="Identical redirects on nonce swap → potential CSRF", 
+                status="NOT-VERIFIED-HIGH", 
+                uri=flow.request.url
+            )
            return 1

        return 0
@ -130,7 +150,12 @@ class CsrfChecker:

            # 1) 요청에 nonce 없으면
            if is_oauth_uri(flow.request.url) and not self.check_nonce_in_request(flow):
-                report_vuln(title="CSRF Risk", desc="Missing nonce in OAuth request", status="CRITICAL", uri=flow.request.url)
+                report_vuln(
+                    title="CSRF Risk", 
+                    desc="Missing nonce in OAuth request", 
+                    status="CRITICAL", 
+                    uri=flow.request.url
+                )
                return

            # 2) 리다이렉트에서 nonce 검사