Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(links): scan for threats with Cloudmersive #351

Merged
merged 1 commit into from
Aug 5, 2020

Conversation

LoneRifle
Copy link
Contributor

Problem

Links submitted by users are not checked for threats, and may be malicious

Solution

Use Cloudmersive's Virus Scan API to check URLs submitted by users through
a new controller

  • Rename CloudmersiveVirusScanService to CloudmersiveScanService
  • Declare UrlThreatScanServiceInterface and provide
    CloudmersiveScanService as an implementation, delegating to the
    Virus Scan API client
  • Declare and implement UrlCheckController and interface, along with
    scaffolding to drop into Express
  • Rework inversify config so that a single CloudmersiveScanService is
    injected both as a virus scan service and a url threat scan service

src/server/constants.ts Outdated Show resolved Hide resolved
- Rename CloudmersiveVirusScanService to CloudmersiveScanService
- Declare UrlThreatScanServiceInterface and provide
  CloudmersiveScanService as an implementation, delegating to the
  Virus Scan API client
- Declare and implement UrlCheckController and interface, along with
  scaffolding to drop into Express
- Rework inversify config so that a single CloudmersiveScanService is
  injected both as a virus scan service and a url threat scan service
@LoneRifle LoneRifle force-pushed the feat/links/url-threat-scan branch from 9a274e1 to d793493 Compare August 4, 2020 08:00
@LoneRifle LoneRifle requested a review from yong-jie August 4, 2020 09:55
Copy link
Member

@yong-jie yong-jie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@LoneRifle LoneRifle merged commit 38b4e9f into develop Aug 5, 2020
@LoneRifle LoneRifle deleted the feat/links/url-threat-scan branch August 5, 2020 00:58
xming13 pushed a commit to xming13/GoGovSG that referenced this pull request Aug 21, 2020
- Rename CloudmersiveVirusScanService to CloudmersiveScanService
- Declare UrlThreatScanServiceInterface and provide
  CloudmersiveScanService as an implementation, delegating to the
  Virus Scan API client
- Declare and implement UrlCheckController and interface, along with
  scaffolding to drop into Express
- Rework inversify config so that a single CloudmersiveScanService is
  injected both as a virus scan service and a url threat scan service
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants