start the path to rust

2026-02-10 15:54:09 +00:00
parent 237dba3bab
commit 8bd8c295b0
318 changed files with 28352 additions and 428 deletions
--- a/dist_ts/security/classes.contentscanner.d.ts
+++ b/dist_ts/security/classes.contentscanner.d.ts
@@ -0,0 +1,160 @@
+import { Email } from '../mail/core/classes.email.js';
+/**
+ * Scan result information
+ */
+export interface IScanResult {
+    isClean: boolean;
+    threatType?: string;
+    threatDetails?: string;
+    threatScore: number;
+    scannedElements: string[];
+    timestamp: number;
+}
+/**
+ * Options for content scanner configuration
+ */
+export interface IContentScannerOptions {
+    maxCacheSize?: number;
+    cacheTTL?: number;
+    scanSubject?: boolean;
+    scanBody?: boolean;
+    scanAttachments?: boolean;
+    maxAttachmentSizeToScan?: number;
+    scanAttachmentNames?: boolean;
+    blockExecutables?: boolean;
+    blockMacros?: boolean;
+    customRules?: Array<{
+        pattern: string | RegExp;
+        type: string;
+        score: number;
+        description: string;
+    }>;
+    minThreatScore?: number;
+    highThreatScore?: number;
+}
+/**
+ * Threat categories
+ */
+export declare enum ThreatCategory {
+    SPAM = "spam",
+    PHISHING = "phishing",
+    MALWARE = "malware",
+    EXECUTABLE = "executable",
+    SUSPICIOUS_LINK = "suspicious_link",
+    MALICIOUS_MACRO = "malicious_macro",
+    XSS = "xss",
+    SENSITIVE_DATA = "sensitive_data",
+    BLACKLISTED_CONTENT = "blacklisted_content",
+    CUSTOM_RULE = "custom_rule"
+}
+/**
+ * Content Scanner for detecting malicious email content
+ */
+export declare class ContentScanner {
+    private static instance;
+    private scanCache;
+    private options;
+    private static readonly MALICIOUS_PATTERNS;
+    private static readonly EXECUTABLE_EXTENSIONS;
+    private static readonly MACRO_DOCUMENT_EXTENSIONS;
+    /**
+     * Default options for the content scanner
+     */
+    private static readonly DEFAULT_OPTIONS;
+    /**
+     * Constructor for the ContentScanner
+     * @param options Configuration options
+     */
+    constructor(options?: IContentScannerOptions);
+    /**
+     * Get the singleton instance of the scanner
+     * @param options Configuration options
+     * @returns Singleton scanner instance
+     */
+    static getInstance(options?: IContentScannerOptions): ContentScanner;
+    /**
+     * Scan an email for malicious content
+     * @param email The email to scan
+     * @returns Scan result
+     */
+    scanEmail(email: Email): Promise<IScanResult>;
+    /**
+     * Generate a cache key from an email
+     * @param email The email to generate a key for
+     * @returns Cache key
+     */
+    private generateCacheKey;
+    /**
+     * Scan email subject for threats
+     * @param subject The subject to scan
+     * @param result The scan result to update
+     */
+    private scanSubject;
+    /**
+     * Scan plain text content for threats
+     * @param text The text content to scan
+     * @param result The scan result to update
+     */
+    private scanTextContent;
+    /**
+     * Scan HTML content for threats
+     * @param html The HTML content to scan
+     * @param result The scan result to update
+     */
+    private scanHtmlContent;
+    /**
+     * Scan an attachment for threats
+     * @param attachment The attachment to scan
+     * @param result The scan result to update
+     */
+    private scanAttachment;
+    /**
+     * Extract links from HTML content
+     * @param html HTML content
+     * @returns Array of extracted links
+     */
+    private extractLinksFromHtml;
+    /**
+     * Extract plain text from HTML
+     * @param html HTML content
+     * @returns Extracted text
+     */
+    private extractTextFromHtml;
+    /**
+     * Extract text from a binary buffer for scanning
+     * @param buffer Binary content
+     * @returns Extracted text (may be partial)
+     */
+    private extractTextFromBuffer;
+    /**
+     * Check if an Office document likely contains macros
+     * This is a simplified check - real implementation would use specialized libraries
+     * @param attachment The attachment to check
+     * @returns Whether the file likely contains macros
+     */
+    private likelyContainsMacros;
+    /**
+     * Map a pattern category to a threat type
+     * @param category The pattern category
+     * @returns The corresponding threat type
+     */
+    private mapCategoryToThreatType;
+    /**
+     * Log a high threat finding to the security logger
+     * @param email The email containing the threat
+     * @param result The scan result
+     */
+    private logHighThreatFound;
+    /**
+     * Log a threat finding to the security logger
+     * @param email The email containing the threat
+     * @param result The scan result
+     */
+    private logThreatFound;
+    /**
+     * Get threat level description based on score
+     * @param score Threat score
+     * @returns Threat level description
+     */
+    static getThreatLevel(score: number): 'none' | 'low' | 'medium' | 'high';
+}