Refactor report derivatives

DataDog · Oct 8, 2024 · 767e186 · 767e186
1 parent 36fc6cb
commit 767e186
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 37 deletions.
diff --git a/packages/dd-trace/src/appsec/reporter.js b/packages/dd-trace/src/appsec/reporter.js
@@ -153,7 +153,7 @@ function reportAttack (attackData) {
   rootSpan.addTags(newTags)
 }
 
-function reportSchemas (derivatives) {
+function reportDerivatives (derivatives) {
   if (!derivatives) return
 
   const req = storage.getStore()?.req
@@ -162,26 +162,11 @@ function reportSchemas (derivatives) {
   if (!rootSpan) return
 
   const tags = {}
-  for (const [tag, value] of Object.entries(derivatives)) {
-    if (isFingerprintDerivative(tag)) continue
-    const gzippedValue = zlib.gzipSync(JSON.stringify(value))
-    tags[tag] = gzippedValue.toString('base64')
-  }
-
-  rootSpan.addTags(tags)
-}
-
-function reportFingerprints (derivatives) {
-  if (!derivatives) return
-
-  const req = storage.getStore()?.req
-  const rootSpan = web.root(req)
-
-  if (!rootSpan) return
-
-  const tags = {}
-  for (const [tag, value] of Object.entries(derivatives)) {
-    if (!isFingerprintDerivative(tag)) continue
+  for (let [tag, value] of Object.entries(derivatives)) {
+    if (!isFingerprintDerivative(tag)) {
+      const gzippedValue = zlib.gzipSync(JSON.stringify(value))
+      value = gzippedValue.toString('base64')
+    }
     tags[tag] = value
   }
 
@@ -270,8 +255,7 @@ module.exports = {
   reportMetrics,
   reportAttack,
   reportWafUpdate: incrementWafUpdatesMetric,
-  reportSchemas,
-  reportFingerprints,
+  reportDerivatives,
   finishRequest,
   setRateLimit,
   mapHeaderAndTags

diff --git a/packages/dd-trace/src/appsec/waf/waf_context_wrapper.js b/packages/dd-trace/src/appsec/waf/waf_context_wrapper.js
@@ -93,8 +93,7 @@ class WAFContextWrapper {
         Reporter.reportAttack(JSON.stringify(result.events))
       }
 
-      Reporter.reportSchemas(result.derivatives)
-      Reporter.reportFingerprints(result.derivatives)
+      Reporter.reportDerivatives(result.derivatives)
 
       if (wafRunFinished.hasSubscribers) {
         wafRunFinished.publish({ payload })

diff --git a/packages/dd-trace/test/appsec/reporter.spec.js b/packages/dd-trace/test/appsec/reporter.spec.js
@@ -316,12 +316,12 @@ describe('reporter', () => {
 
   describe('reportSchemas', () => {
     it('should not call addTags if parameter is undefined', () => {
-      Reporter.reportSchemas(undefined)
+      Reporter.reportDerivatives(undefined)
       expect(span.addTags).not.to.be.called
     })
 
     it('should call addTags with an empty array', () => {
-      Reporter.reportSchemas([])
+      Reporter.reportDerivatives([])
       expect(span.addTags).to.be.calledOnceWithExactly({})
     })
 
@@ -340,10 +340,11 @@ describe('reporter', () => {
         'custom.processor.output': schemaValue
       }
 
-      Reporter.reportSchemas(derivatives)
+      Reporter.reportDerivatives(derivatives)
 
       const schemaEncoded = zlib.gzipSync(JSON.stringify(schemaValue)).toString('base64')
-      expect(span.addTags).to.be.calledOnceWithExactly({
+      expect(span.addTags).to.be.calledOnce
+      expect(span.addTags).to.be.calledWithMatch({
         '_dd.appsec.s.req.headers': schemaEncoded,
         '_dd.appsec.s.req.query': schemaEncoded,
         '_dd.appsec.s.req.params': schemaEncoded,
@@ -356,12 +357,12 @@ describe('reporter', () => {
 
   describe('reportFingerprints', () => {
     it('should not call addTags if parameter is undefined', () => {
-      Reporter.reportFingerprints(undefined)
+      Reporter.reportDerivatives(undefined)
       sinon.assert.notCalled(span.addTags)
     })
 
     it('should call addTags with an empty array', () => {
-      Reporter.reportFingerprints([])
+      Reporter.reportDerivatives([])
       sinon.assert.calledOnceWithExactly(span.addTags, {})
     })
 
@@ -380,9 +381,9 @@ describe('reporter', () => {
         'custom.processor.output': schemaValue
       }
 
-      Reporter.reportFingerprints(derivatives)
+      Reporter.reportDerivatives(derivatives)
 
-      sinon.assert.calledOnceWithExactly(span.addTags, {
+      sinon.assert.calledOnceWithMatch(span.addTags, {
         '_dd.appsec.fp.http.endpoint': 'endpoint_fingerprint',
         '_dd.appsec.fp.http.header': 'header_fingerprint',
         '_dd.appsec.fp.http.network': 'network_fingerprint',

diff --git a/packages/dd-trace/test/appsec/waf/index.spec.js b/packages/dd-trace/test/appsec/waf/index.spec.js
@@ -48,8 +48,7 @@ describe('WAF Manager', () => {
     sinon.stub(Reporter, 'reportMetrics')
     sinon.stub(Reporter, 'reportAttack')
     sinon.stub(Reporter, 'reportWafUpdate')
-    sinon.stub(Reporter, 'reportSchemas')
-    sinon.stub(Reporter, 'reportFingerprints')
+    sinon.stub(Reporter, 'reportDerivatives')
 
     webContext = {}
     sinon.stub(web, 'getContext').returns(webContext)
@@ -405,7 +404,7 @@ describe('WAF Manager', () => {
         ddwafContext.run.returns(result)
 
         wafContextWrapper.run(params)
-        expect(Reporter.reportSchemas).to.be.calledOnceWithExactly(result.derivatives)
+        expect(Reporter.reportDerivatives).to.be.calledOnceWithExactly(result.derivatives)
       })
 
       it('should report fingerprints when ddwafContext returns fingerprints in results derivatives', () => {
@@ -427,7 +426,7 @@ describe('WAF Manager', () => {
             'server.request.body': 'foo'
           }
         })
-        sinon.assert.calledOnceWithExactly(Reporter.reportFingerprints, result.derivatives)
+        sinon.assert.calledOnceWithExactly(Reporter.reportDerivatives, result.derivatives)
       })
     })
   })