Skip to content

Generalize ASGI Middleware used in Quart to a function #564

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
bitterpanda63 wants to merge 20 commits into
base: main
Choose a base branch
from
+1,477 βˆ’63
Draft

Generalize ASGI Middleware used in Quart to a function #564

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
a2d632e
Create general use asgi middleware
bitterpanda63 Dec 30, 2025
d708e59
Update quart.py to start using this internal middleware
bitterpanda63 Dec 30, 2025
44b28b0
asgi_middleware, write response
bitterpanda63 Dec 30, 2025
dbdd8f7
quart: remove code that otherwise would write the resposne
bitterpanda63 Dec 30, 2025
fc3c5fd
Fix asgi_middleware bugs
bitterpanda63 Dec 30, 2025
3e17be0
quart instead of __call__, use the asgi_app hook
bitterpanda63 Dec 30, 2025
fa05e8d
create a run_with_intercepts for asgi middleware
bitterpanda63 Dec 30, 2025
d86a170
Fix interceptor (add comments), and fix lint issue
bitterpanda63 Dec 30, 2025
706bde2
Fix asgi_middleware.py (use message as default name, explain)
bitterpanda63 Dec 30, 2025
bc6b241
quart.py : remove status code handler
bitterpanda63 Dec 30, 2025
c4d1a53
Linting fix: add extra line for quart.py
bitterpanda63 Dec 30, 2025
b02ecca
remove status_code from quart.py docstring
bitterpanda63 Dec 30, 2025
840b0c5
Rename InterceptorSkeletonClass to InterceptorSkeleton
bitterpanda63 Dec 30, 2025
8448c56
asgi_middleware: add support for legacy
bitterpanda63 Dec 30, 2025
a9818dc
quart: support both legacy and non-legacy
bitterpanda63 Dec 30, 2025
a33f58d
hypercorn_asgi
bitterpanda63 Dec 31, 2025
4959447
hypercorn asgi sample app (WIP)
bitterpanda63 Dec 31, 2025
5e3587a
add cli tool
bitterpanda63 Dec 31, 2025
7f97945
pythonpath try outs
bitterpanda63 Dec 31, 2025
8b80276
Revert "pythonpath try outs"
bitterpanda63 Dec 31, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions aikido_zen/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ def protect(mode="daemon", token=""):
import aikido_zen.sources.starlette
import aikido_zen.sources.xml_sources.xml
import aikido_zen.sources.xml_sources.lxml
import aikido_zen.sources.hypercorn_asgi

# Import DB Sinks
import aikido_zen.sinks.pymysql
Expand Down
4 changes: 4 additions & 0 deletions aikido_zen/__main__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
from aikido_zen.cli import main

if __name__ == "__main__":
main()
45 changes: 45 additions & 0 deletions aikido_zen/cli/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
import sys
import subprocess
from typing import List

import aikido_zen


def run_command(args: List[str]) -> int:
"""
Run the provided command as a subprocess.
"""
if not args:
print("Error: No command provided.", file=sys.stderr)
return 1

try:
# Run the command as a subprocess
result = subprocess.run(args, check=False)
return result.returncode
except KeyboardInterrupt:
print("\nCommand interrupted by user.", file=sys.stderr)
return 130 # SIGINT exit code
except Exception as e:
print(f"Error: {e}", file=sys.stderr)
return 1

def main() -> int:
"""
Entry point for aikido_zen cli tool.
"""
if len(sys.argv) < 2:
print("Usage: aikido_zen <command> [args...]", file=sys.stderr)
return 1

# Start background process
aikido_zen.protect(mode="daemon_only")

# The command to run is everything after `aikido_zen`
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The inline comment only restates argv slicing. Remove it or replace with a brief 'why' (rationale for passing args to the executed command).

Details

✨ AI Reasoning
​A comment was added that merely restates the code's behavior (how argv is sliced). Such "what" comments add little value and may rot; prefer removing it or replacing with a brief explanation of rationale or edge-cases the slicing addresses.

πŸ”§ How do I fix it?
Write comments that explain the purpose, reasoning, or business logic behind the code using words like 'because', 'so that', or 'in order to'.

More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.

command = sys.argv[1:]
status = run_command(command)

return status

if __name__ == "__main__":
sys.exit(main())
2 changes: 1 addition & 1 deletion aikido_zen/context/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
current_context = contextvars.ContextVar("current_context", default=None)

WSGI_SOURCES = ["django", "flask"]
ASGI_SOURCES = ["quart", "django_async", "starlette"]
ASGI_SOURCES = ["quart", "django_async", "starlette", "hypercorn_asgi"]


def get_current_context():
Expand Down
93 changes: 93 additions & 0 deletions aikido_zen/sources/functions/asgi_middleware.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
import inspect
from aikido_zen.context import Context
from aikido_zen.helpers.get_argument import get_argument
from aikido_zen.sinks import before_async, patch_function
from aikido_zen.sources.functions.request_handler import request_handler, post_response
from aikido_zen.thread.thread_cache import get_cache


class InternalASGIMiddleware:
def __init__(self, app, source: str):
self.client_app = app
self.source = source

async def __call__(self, scope, receive, send):
if not scope or scope.get("type") != "http":
# Zen checks requests coming into HTTP(S) server, ignore other requests (like ws)
return await self.continue_app(scope, receive, send)

context = Context(req=scope, source=self.source)

process_cache = get_cache()
if process_cache and process_cache.is_bypassed_ip(context.remote_address):
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

process_cache.is_bypassed_ip(...) short-circuits request handling and skips context setup; avoid silent bypasses or gate them behind explicit config/audit logging.

Details

✨ AI Reasoning
​The change introduces a bypass: when process_cache.is_bypassed_ip(...) is true the middleware returns early and skips setting a context or running any further request handling. This is an intentional short-circuit of request processing introduced in this PR and can silently disable security/validation logic for those IPs. It reduces visibility and may leave requests unobserved by later instrumentation.

πŸ”§ How do I fix it?
Remove debugging statements like console.log, debugger, dd(), or logic bypasses like || true. Keep legitimate logging for monitoring and error handling.

More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.

# IP address is bypassed, for simplicity we do not set a context,
# and we do not do any further handling of the request.
return await self.continue_app(scope, receive, send)

context.set_as_current_context()
if process_cache:
# Since this SHOULD be the highest level of the apps we wrap, this is the safest place
# to increment total hits.
process_cache.stats.increment_total_hits()

intercept_response = request_handler(stage="pre_response")
if intercept_response:
# The request has already been blocked (e.g. IP is on blocklist)
return await send_status_code_and_text(send, intercept_response)

return await self.run_with_intercepts(scope, receive, send)

async def run_with_intercepts(self, scope, receive, send):
# We use a skeleton class so we can use patch_function (and the logic already defined in @before_async)
class InterceptorSkeleton:
@staticmethod
async def send(*args, **kwargs):
return await send(*args, **kwargs)

patch_function(InterceptorSkeleton, "send", send_interceptor)

return await self.continue_app(scope, receive, InterceptorSkeleton.send)

async def continue_app(self, scope, receive, send):
client_app_parameters = len(inspect.signature(self.client_app).parameters)
if client_app_parameters == 2:
# This is possible if the app is still using ASGI v2.0
# See https://asgi.readthedocs.io/en/latest/specs/main.html#legacy-applications
# client_app = coroutine application_instance(receive, send)
await self.client_app(receive, send)
else:
# client_app = coroutine application(scope, receive, send)
await self.client_app(scope, receive, send)


async def send_status_code_and_text(send, pre_response):
await send(
{
"type": "http.response.start",
"status": pre_response[1],
"headers": [(b"content-type", b"text/plain")],
}
)
await send(
{
"type": "http.response.body",
"body": pre_response[0].encode("utf-8"),
"more_body": False,
}
)


@before_async
async def send_interceptor(func, instance, args, kwargs):
# There is no name for the send() comment in the standard, it really depends (quart uses message)
event = get_argument(args, kwargs, 0, name="message")

# https://asgi.readthedocs.io/en/latest/specs/www.html#response-start-send-event
if not event or "http.response.start" not in event.get("type", ""):
# If the event is not of type http.response.start it won't contain the status code.
# And this event is required before sending over a body (so even 200 status codes are intercepted).
return

if "status" in event:
# Handle post response logic (attack waves, route reporting, ...)
post_response(status_code=int(event.get("status")))
24 changes: 24 additions & 0 deletions aikido_zen/sources/hypercorn_asgi.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
from aikido_zen.context import get_current_context
from .functions.asgi_middleware import InternalASGIMiddleware
from ..helpers.get_argument import get_argument
from ..sinks import on_import, patch_function, before_async, after
from aikido_zen.helpers.logging import logger

@before_async
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 31, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Function '_call_before' name is vague and undocumented; add a clear name and short docstring explaining its role and inputs (it runs prior to ASGI app execution and invokes the InternalASGIMiddleware).

Details

✨ AI Reasoning
​A new async helper function was added that is intended to run before the ASGI app is invoked and invoke InternalASGIMiddleware. The function's name and lack of docstring make its role and intent unclear to readers: it's not obvious what "_call_before" is calling before, what arguments it expects, or why it invokes InternalASGIMiddleware with instance.app. This increases cognitive load for maintainers and makes the hook behavior harder to understand.

πŸ”§ How do I fix it?
Use descriptive verb-noun function names, add docstrings explaining the function's purpose, or provide meaningful return type hints.

More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.

async def _call_before(func, instance, args, kwargs):
scope = get_argument(args, kwargs, 0, "scope")
receive = get_argument(args, kwargs, 1, "receive")
send = get_argument(args, kwargs, 2, "send")
await InternalASGIMiddleware(instance.app, "hypercorn_asgi")(scope, receive, send)


@on_import("hypercorn.app_wrappers", "hypercorn")
def patch(m):
"""
https://github.com/pgjones/hypercorn/blob/0e2311f1ad2ae587aaa590f3824f59aa5dc0e770/src/hypercorn/asyncio/__init__.py#L13
We patch serve(...), which gets the ASGI app.
And we want to be the first middleware to run.
- patches Quart.__call__ (handles internal asgi middleware)
- patches Quart.handle_request (Stores body/cookies)
"""
patch_function(m, "ASGIWrapper.__call__", _call_before)
100 changes: 38 additions & 62 deletions aikido_zen/sources/quart.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,32 @@
from aikido_zen.context import Context, get_current_context
from .functions.request_handler import request_handler
import inspect
from aikido_zen.context import get_current_context
from .functions.asgi_middleware import InternalASGIMiddleware
from ..helpers.get_argument import get_argument
from ..sinks import on_import, patch_function, before, before_async
from ..sinks import on_import, patch_function, before_async, after


@before
def _call(func, instance, args, kwargs):
async def _call_coroutine(func, instance, args, kwargs):
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rename _call_coroutine to a descriptive name (e.g., wrap_quart_call_coroutine) or add a docstring explaining it wraps Quart.call and delegates to InternalASGIMiddleware.

Details

✨ AI Reasoning
​A newly introduced function named _call_coroutine is intended to wrap/replace Quart.call for coroutine-style ASGI apps, but the name doesn't describe its role (middleware wrapper, context creation, delegation). A clearer name or docstring would make intent obvious and aid maintenance.

πŸ”§ How do I fix it?
Use descriptive verb-noun function names, add docstrings explaining the function's purpose, or provide meaningful return type hints.

More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.

scope = get_argument(args, kwargs, 0, "scope")
if not scope or scope.get("type") != "http":
return
receive = get_argument(args, kwargs, 1, "receive")
send = get_argument(args, kwargs, 2, "send")

await InternalASGIMiddleware(func, "quart")(scope, receive, send)

new_context = Context(req=scope, source="quart")
new_context.set_as_current_context()
request_handler(stage="init")

@after
def _call(func, instance, args, kwargs, return_value):
"""
Legacy ASGI v2.0
func: application(scope)
return_value: coroutine application_instance(receive, send)
"""
scope = get_argument(args, kwargs, 0, "scope")

async def application_instance(receive, send):
await InternalASGIMiddleware(return_value, "quart")(scope, receive, send)

# Modify return_value
return_value = application_instance
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The parameter 'return_value' is reassigned to application_instance. Avoid reassigning function parameters; use a new local variable (e.g., new_return_value) and return that instead.

Details

✨ AI Reasoning
​An after-advice wrapper function receives the original function's return value as a parameter and then assigns a new value to that parameter before returning it. Reassigning an input parameter can confuse readers about the original return value and make reasoning about the wrapper harder. This change introduced the reassignment where the wrapper replaced the incoming return value with a new callable wrapping the original behavior.

πŸ”§ How do I fix it?
Create new local variables instead of reassigning parameters. Use different variable names to clearly distinguish between input and modified values.

More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.



@before_async
Expand All @@ -37,60 +51,22 @@ async def _handle_request_before(func, instance, args, kwargs):
context.set_as_current_context()


async def _handle_request_after(func, instance, args, kwargs):
# pylint:disable=import-outside-toplevel # We don't want to install this by default
from werkzeug.exceptions import HTTPException

try:
response = await func(*args, **kwargs)
if hasattr(response, "status_code"):
request_handler(stage="post_response", status_code=response.status_code)
return response
except HTTPException as e:
request_handler(stage="post_response", status_code=e.code)
raise e


async def _asgi_app(func, instance, args, kwargs):
scope = get_argument(args, kwargs, 0, "scope")
if not scope or scope.get("type") != "http":
return await func(*args, **kwargs)
send = get_argument(args, kwargs, 2, "send")
if not send:
return await func(*args, **kwargs)

pre_response = request_handler(stage="pre_response")
if pre_response:
return await send_status_code_and_text(send, pre_response)
return await func(*args, **kwargs)


async def send_status_code_and_text(send, pre_response):
await send(
{
"type": "http.response.start",
"status": pre_response[1],
"headers": [(b"content-type", b"text/plain")],
}
)
await send(
{
"type": "http.response.body",
"body": pre_response[0].encode("utf-8"),
"more_body": False,
}
)


@on_import("quart.app", "quart")
def patch(m):
"""
patching module quart.app
- patches Quart.__call__ (creates Context)
- patches Quart.handle_request (Stores body/cookies, checks status code)
- patches Quart.asgi_app (Pre-response: puts in messages when request is blocked)
We patch Quart.__call__ instead of asgi_app, because asgi_app itself can be wrapped multiple times
And we want to be the first middleware to run.
- patches Quart.__call__ (handles internal asgi middleware)
- patches Quart.handle_request (Stores body/cookies)
"""
patch_function(m, "Quart.__call__", _call)

if inspect.iscoroutine(m.Quart.__call__):
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using inspect.iscoroutine on Quart.call will not detect coroutine functions, making the coroutine path unreachable and always treating apps as legacy. Use inspect.iscoroutinefunction (or equivalent) for this check.

Details

✨ AI Reasoning
​The conditional that decides whether Quart.call is treated as a coroutine application uses an API that checks coroutine instances instead of coroutine functions. Since the target is a function, this branch will not be taken in normal operation, so the logic for non-legacy ASGI apps will never run and everything will be treated as legacy. This is a clear control-flow bug where the intended branch is unreachable.

πŸ”§ How do I fix it?
Trace execution paths carefully. Ensure precondition checks happen before using values, validate ranges before checking impossible conditions, and don't check for states that the code has already ruled out.

More info - Comment @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.

# coroutine application(scope, receive, send)
patch_function(m, "Quart.__call__", _call_coroutine)
else:
# Legacy ASGI v2.0
# https://asgi.readthedocs.io/en/latest/specs/main.html#legacy-applications
# application(scope): coroutine application_instance(receive, send)
patch_function(m, "Quart.__call__", _call)

patch_function(m, "Quart.handle_request", _handle_request_before)
patch_function(m, "Quart.handle_request", _handle_request_after)
patch_function(m, "Quart.asgi_app", _asgi_app)
3 changes: 3 additions & 0 deletions pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,9 @@ homepage = "https://www.aikido.dev/runtime/firewall/"
"Homepage" = "https://www.aikido.dev/runtime/firewall"
"Bug Bounty" = "https://app.intigriti.com/programs/aikido"

[tool.poetry.scripts]
aikido_zen = "aikido_zen.__main__:main"

[tool.poetry.dependencies]
python = "^3.8"
regex = "^2024.5.15"
Expand Down
16 changes: 16 additions & 0 deletions sample-apps/quart-postgres-hypercorn/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
include ../common.mk

PORT = 8096
PORT_DISABLED = 8097

.PHONY: run
run: install
@echo "Running sample app quart-postgres-uvicorn with Zen on port $(PORT)"
$(AIKIDO_ENV_COMMON) \
poetry run aikido_zen hypercorn app:app -b 0.0.0.0:$(PORT) --workers 2

.PHONY: runZenDisabled
runZenDisabled: install
@echo "Running sample app quart-postgres-uvicorn without Zen on port $(PORT_DISABLED)"
$(AIKIDO_ENV_DISABLED) \
poetry run hypercorn app:app -b 0.0.0.0:$(PORT_DISABLED) --workers 2
15 changes: 15 additions & 0 deletions sample-apps/quart-postgres-hypercorn/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# Quart w/ Postgres and Uvicorn Sample app
It runs **multi-threaded** and **async**

## Getting started
Run :
```bash
make run # Runs app with zen
make runZenDisabled # Runs app with zen disabled.
```

- You'll be able to access the Quart Server at : [localhost:8096](http://localhost:8096)
- To Create a reference test dog use `http://localhost:8096/create/`
- To Create a reference test dog (with executemany) use `http://localhost:8096/create_many/`

- To test a sql injection enter the following dog name : `Malicious dog', TRUE); -- `
Loading
Loading