Suspicious request blocking - Express Path Parameters

[CarlesDD]

What does this PR do?

Subscribe to express process_param in order to report express path parameters to the WAF and block malicious incoming requests.

Motivation

To extend suspicious request blocking feature, blocking malicious payloads coming in express path parameters.

Plugin Checklist

• Unit tests.

Additional Notes

Based on @simon-id previous work #3666

System Test PR

APPSEC-8367

[github-actions]

Overall package size

Self size: 7.48 MB
Deduped: 63.33 MB
No deduping: 63.61 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | @datadog/native-appsec | 8.1.1 | 18.67 MB | 18.68 MB | | @datadog/native-iast-taint-tracking | 3.1.0 | 12.27 MB | 12.28 MB | | @datadog/pprof | 5.3.0 | 9.85 MB | 10.22 MB | | protobufjs | 7.2.5 | 2.77 MB | 5.16 MB | | @datadog/native-iast-rewriter | 2.5.0 | 2.51 MB | 2.59 MB | | @opentelemetry/core | 1.14.0 | 872.87 kB | 1.47 MB | | @datadog/native-metrics | 2.0.0 | 898.77 kB | 1.3 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | jsonpath-plus | 10.0.0 | 659.84 kB | 1.12 MB | | import-in-the-middle | 1.11.2 | 112.74 kB | 826.22 kB | | msgpack-lite | 0.1.26 | 201.16 kB | 281.59 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB | | semver | 7.6.3 | 95.82 kB | 95.82 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | lru-cache | 7.14.0 | 74.95 kB | 74.95 kB | | ignore | 5.3.1 | 51.46 kB | 51.46 kB | | int64-buffer | 0.1.10 | 49.18 kB | 49.18 kB | | shell-quote | 1.8.1 | 44.96 kB | 44.96 kB | | istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB | | rfdc | 1.3.1 | 25.21 kB | 25.21 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | dc-polyfill | 0.1.4 | 23.1 kB | 23.1 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | path-to-regexp | 0.1.10 | 6.38 kB | 6.38 kB | | module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 11 lines in your changes missing coverage. Please review.

Project coverage is 70.15%. Comparing base (7f93d36) to head (2b5543c).
Report is 9 commits behind head on master.

Files with missing lines	Patch %	Lines
packages/dd-trace/src/appsec/index.js	0.00%	7 Missing ⚠️
packages/datadog-instrumentations/src/express.js	0.00%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4769      +/-   ##
==========================================
+ Coverage   69.19%   70.15%   +0.96%     
==========================================
  Files           1      307     +306     
  Lines         198    12992   +12794     
  Branches       33        0      -33     
==========================================
+ Hits          137     9115    +8978     
- Misses         61     3877    +3816     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[pr-commenter]

Benchmarks

Benchmark execution time: 2024-10-15 15:28:04

Comparing candidate commit 522edcb in PR branch ccapell/path-params-blocking with baseline commit f62cbfa in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 260 metrics, 6 unstable metrics.

[uurien]

😮 you replaced all the expect by assert in this file, thanks for it :-D

[uurien]

minor comments, related with test spacing, optional to fix. But I like when our tests have this spacing:

it('test', () => {
  code.preparing.the.test()

  execute.the.test()

  assert(thistest).hasEmptyLinesAfterPreparationAndAfterExecution()
})