class SoapTagger

Overview

Flags SOAP / XML web-service endpoints. SOAP surfaces warrant XML- specific review (XXE, SOAP-action spoofing, WS-Security handling) that differs from a typical REST/JSON route, so calling them out helps a reviewer pick the right lens.

Defined in:

tagger/taggers/soap.cr

Constant Summary

HEADER_NAMES = Set {"soapaction"}

Request headers that mark a SOAP call. SOAPAction is mandatory in SOAP 1.1; Content-Type: application/soap+xml is the SOAP 1.2 marker.

URL_MARKERS = ["?wsdl", ".wsdl", ".asmx"]

Unambiguous SOAP / XML-web-service URL markers: WSDL documents and the classic ASP.NET (.asmx) handler. A bare soap path segment is deliberately not matched — it collides with non-SOAP routes (e.g. a /products/soap store listing).

Constructors

Instance Method Summary

Instance methods inherited from class Tagger

name : String name, perform(endpoints : Array(Endpoint)) : Array(Endpoint) perform

Constructor methods inherited from class Tagger

new(options : Hash(String, YAML::Any)) new

Constructor Detail

def self.new(options : Hash(String, YAML::Any)) #

[View source]

Instance Method Detail

def perform(endpoints : Array(Endpoint)) #

[View source]