Raxol.Security.Auditor (Raxol v2.0.1)
Security auditing and validation module for Raxol.
Provides comprehensive security checks and validations including:
- Input validation and sanitization
- Authentication and authorization checks
- SQL injection prevention
- XSS protection
- CSRF protection
- Rate limiting
- Security headers validation
Types
@type audit_result() :: {:ok, :passed} | {:error, security_risk(), String.t()}
@type security_risk() :: :low | :medium | :high | :critical
Functions
Performs comprehensive security audit.
Checks authorization for a specific action.
Implements rate limiting for API endpoints.
Sanitizes HTML content to prevent XSS.
Validates authentication credentials.
Validates CSRF tokens.
Validates file uploads for security.
Validates and sanitizes user input.
Examples
iex> validate_input("normal input", :text)
{:ok, "normal input"}
iex> validate_input("<script>alert('xss')</script>", :text)
{:error, :high, "Potential XSS attack detected"}
Checks security headers.
Validates SQL queries for injection attempts.