newrelic_security 0.2.0 → 0.4.0

data/lib/newrelic_security/instrumentation-security/curb/instrumentation.rb

@@ -12,20 +12,7 @@ module NewRelic::Security
         self.requests.each {
           |key, req|
           uri = NewRelic::Security::Instrumentation::InstrumentationUtils.parse_uri(req.url)
-          ob = {}
-          if uri
-            ob[:Method]  = nil
-            ob[:scheme]  = uri.scheme
-            ob[:host]    = uri.host
-            ob[:port]    = uri.port
-            ob[:URI]     = uri.to_s
-            ob[:path]    = uri.path
-            ob[:query]   = uri.query
-            ob[:Body]    = req.post_body
-            ob[:Headers] = req.headers
-            ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-            ic_args.push(ob)
-          end
+          ic_args.push(uri.to_s) if uri
         }
         event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, ic_args)
         self.requests.each { |key, req| NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(req.headers, event) } if event

data/lib/newrelic_security/instrumentation-security/ethon/chain.rb

@@ -7,12 +7,6 @@ module NewRelic::Security
             ::Ethon::Easy.class_eval do
               include NewRelic::Security::Instrumentation::Ethon::Easy
 
-              alias_method :fabricate_without_security, :fabricate
-    
-              def fabricate(url, action_name, options)
-                fabricate_on_enter(url, action_name, options) { return fabricate_without_security(url, action_name, options) }
-              end
-
               alias_method(:headers_equals_without_security, :headers=)
     
               def headers=(headers)

data/lib/newrelic_security/instrumentation-security/ethon/instrumentation.rb

@@ -7,46 +7,25 @@ module NewRelic::Security
     module Ethon
       module Easy
 
-        def fabricate_on_enter(url, action_name, options)
-          NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id] = { :method => action_name } if NewRelic::Security::Agent::Control::HTTPContext.get_context
-          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:body] = options[:body] if NewRelic::Security::Agent::Control::HTTPContext.get_context
-        rescue => exception
-          NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
-        ensure
-          yield
-        end
-
         def headers_equals_on_enter(headers)
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id][:headers] = headers if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id]
+          NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[object_id][:headers] = headers if NewRelic::Security::Agent::Control::HTTPContext.get_context && NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[object_id]
         rescue => exception
           NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
         ensure
           yield
         end
 
-        def perform_on_enter(*args)
+        def perform_on_enter(*_args)
           event = nil
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-          context = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[self.object_id] if NewRelic::Security::Agent::Control::HTTPContext.get_context
+          context = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[object_id] if NewRelic::Security::Agent::Control::HTTPContext.get_context
           uri = ::URI.parse(url)
-          ob = {}
-          ob[:Method] = context[:method] if context
-          ob[:scheme] = uri.scheme
-          ob[:host] = uri.host
-          ob[:port] = uri.port
-          ob[:URI] = uri.to_s
-          ob[:path] = uri.path
-          ob[:query] = uri.query
-          ob[:Body] = context[:body] if context
-          ob[:Headers] = context[:headers] if context
-          ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-          event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+          event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri.to_s])
           headers_copy = {}
           headers_copy.merge!(context[:headers]) if context&.key?(:headers)
           NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(headers_copy, event) if event
-          self.headers = headers_copy if self.headers 
+          self.headers = headers_copy if headers 
           event
         rescue => exception
           NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
@@ -67,27 +46,13 @@ module NewRelic::Security
 
       module Multi
 
-        def perform_on_enter(*args)
+        def perform_on_enter(*_args)
           event = nil
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
           ic_args = []
           easy_handles.each do |easy|
-            context = NewRelic::Security::Agent::Control::HTTPContext.get_context.cache[easy.object_id] if NewRelic::Security::Agent::Control::HTTPContext.get_context
             uri = NewRelic::Security::Instrumentation::InstrumentationUtils.parse_uri(easy.url)
-            if uri
-              ob = {}
-              ob[:Method] = context[:method] if context
-              ob[:scheme] = uri.scheme
-              ob[:host] = uri.host
-              ob[:port] = uri.port
-              ob[:URI] = easy.url.to_s
-              ob[:path] = uri.path
-              ob[:query] = uri.query
-              ob[:Body] = context[:body] if context
-              ob[:Headers] = context[:headers] if context
-              ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-              ic_args << ob
-            end
+            ic_args << easy.url.to_s if uri
           end
           event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, ic_args) unless ic_args.empty?
           easy_handles.each do |easy|

data/lib/newrelic_security/instrumentation-security/ethon/prepend.rb

@@ -4,10 +4,6 @@ module NewRelic::Security
       module Easy
         module Prepend
           include NewRelic::Security::Instrumentation::Ethon::Easy
-
-          def fabricate(url, action_name, options)
-            fabricate_on_enter(url, action_name, options) { return super }
-          end
   
           def headers=(headers)
             headers_equals_on_enter(headers) { return super }

data/lib/newrelic_security/instrumentation-security/excon/instrumentation.rb

@@ -5,21 +5,11 @@ module NewRelic::Security
   module Instrumentation
     module Excon::Connection
 
-      def request_on_enter(params)
+      def request_on_enter(_params)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = params[:method]
-        ob[:scheme]  = self.data[:scheme]
-        ob[:host]    = self.data[:host]
-        ob[:port]    = self.data[:port]
-        ob[:URI]     = self.data[:query].nil? ? "#{self.data[:host]}#{self.data[:path]}" : "#{self.data[:host]}#{self.data[:path]}?#{self.data[:query]}"
-        ob[:path]    = self.data[:path]
-        ob[:query]   = self.data[:query]
-        ob[:Body] = self.data[:body]
-        ob[:Headers] = self.data[:headers]
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        uri = "#{self.data[:scheme]}://#{self.data[:host]}#{self.data[:path]}"
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(self.data[:headers], event) if event
         event
       rescue => exception

data/lib/newrelic_security/instrumentation-security/grape/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:grape) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/instrumentation-security/graphql/chain.rb

@@ -0,0 +1,26 @@
+module NewRelic::Security
+  module Instrumentation
+    module GraphQL
+      module Query
+        module Executor
+          module Chain
+            def self.instrument!
+              ::GraphQL::Query::Executor.class_eval do
+                class << self
+                  include NewRelic::Security::Instrumentation::GraphQL::Query::Executor
+    
+                  alias_method :execute_without_security, :execute
+    
+                  def execute
+                    execute_on_enter { return execute_without_security }
+                  end
+    
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/graphql/instrumentation.rb

@@ -0,0 +1,28 @@
+require_relative 'prepend'
+require_relative 'chain'
+
+module NewRelic::Security
+  module Instrumentation
+    module GraphQL::Query::Executor
+      
+      GRAPHQL_QUERY = 'GRAPHQL_QUERY'.freeze
+      GRAPHQL_VARIABLE = 'GRAPHQL_VARIABLE'.freeze
+      STAR_DOT_QUERY = '*.query'.freeze
+      STAR_DOT_VARIABLES = '*.variables'.freeze
+
+      def execute_on_enter
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
+        ctxt.custom_data_type[STAR_DOT_QUERY] = GRAPHQL_QUERY if query.query_string
+        ctxt.custom_data_type[STAR_DOT_VARIABLES] = GRAPHQL_VARIABLE if query.instance_variable_get(:@provided_variables)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+
+    end
+  end
+end
+
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:graphql, ::GraphQL::Query::Executor, ::NewRelic::Security::Instrumentation::GraphQL::Query::Executor)

data/lib/newrelic_security/instrumentation-security/graphql/prepend.rb

@@ -0,0 +1,18 @@
+module NewRelic::Security
+  module Instrumentation
+    module GraphQL
+      module Query
+        module Executor
+          module Prepend
+            include NewRelic::Security::Instrumentation::GraphQL::Query::Executor
+
+            def execute
+              execute_on_enter { return super }
+            end
+
+          end
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/grpc/server/instrumentation.rb

@@ -6,7 +6,7 @@ module NewRelic::Security
   module Instrumentation
     module GRPC
       module RpcDesc
-        def grpc_server_on_enter(active_call, mth, inter_ctx, is_grpc_client_stream, is_grpc_server_stream)
+        def grpc_server_on_enter(active_call, mth, _inter_ctx, is_grpc_client_stream, is_grpc_server_stream)
           event = nil
           NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
           grpc_request = {}
@@ -14,10 +14,11 @@ module NewRelic::Security
           grpc_request[:peer] = active_call.peer
           # puts "mth : #{mth.class} #{mth.methods}"
           # puts "mth :#{mth.original_name}, #{mth.to_s}, #{mth.name}, #{mth.receiver}, #{mth.parameters}, #{mth.owner}, #{mth.unbind}, #{mth.super_method},, #{mth.instance_variables}"
+          NewRelic::Security::Agent::Utils.get_app_routes(:grpc, mth) if NewRelic::Security::Agent.agent.route_map.empty?
           grpc_request[:method] = "#{mth.owner}/#{mth.original_name}"
           grpc_request[:is_grpc_client_stream] = is_grpc_client_stream
           grpc_request[:is_grpc_server_stream] = is_grpc_server_stream
-          is_grpc_client_stream ? grpc_request[:body] = [] : grpc_request[:body] = ::String.new
+          grpc_request[:body] = is_grpc_client_stream ? [] : ::String.new
           NewRelic::Security::Agent::Control::GRPCContext.set_context(grpc_request)
           NewRelic::Security::Agent::Utils.parse_fuzz_header(NewRelic::Security::Agent::Control::GRPCContext.get_context)
         rescue => exception

data/lib/newrelic_security/instrumentation-security/httpclient/instrumentation.rb

@@ -8,20 +8,8 @@ module NewRelic::Security
       def do_request_on_enter(method, uri, query, body, header)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = method
-        unless uri.nil?
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-        end
-        ob[:Body] = body
-        ob[:Headers] = header
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        uri_s = uri.to_s unless uri.nil?
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri_s])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(header, event) if event
         event
       rescue => exception
@@ -43,20 +31,8 @@ module NewRelic::Security
       def do_request_async_on_enter(method, uri, query, body, header)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = method
-        unless uri.nil?
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-        end
-        ob[:Body] = body
-        ob[:Headers] = header
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        uri_s = uri.to_s unless uri.nil?
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri_s])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(header, event) if event
         event
       rescue => exception

data/lib/newrelic_security/instrumentation-security/httprb/instrumentation.rb

@@ -8,19 +8,8 @@ module NewRelic::Security
       def perform_on_enter(request, options)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-				ob[:Method] = request.verb
-        ob[:scheme] = request.scheme
-        ob[:host] = request.uri.host
-        ob[:port] = request.uri.port
-        ob[:URI] = request.uri.to_s
-        ob[:path] = request.uri.path
-        ob[:query] = request.uri.query
-        ob[:Body] = request.body.source.to_s
-        ob[:Headers] = options.headers.to_h
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [request.uri.to_s])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(options.headers, event) if event
-        ob = nil
         event
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"

data/lib/newrelic_security/instrumentation-security/httpx/instrumentation.rb

@@ -9,21 +9,7 @@ module NewRelic::Security
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
         ic_args = []
-        args.each do |arg|
-          ob = {}
-          ob[:Method] = arg.verb
-          uri = arg.uri
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-          ob[:Body]    = arg.body.bytesize.positive? ? arg.body.to_s : ""
-          ob[:Headers] = arg.headers
-          ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-          ic_args << ob
-        end
+        args.each { |arg| ic_args << arg.uri.to_s }
         event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, ic_args)
         args.each do |arg|
           NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(arg.headers, event) if event

data/lib/newrelic_security/instrumentation-security/instrumentation_utils.rb

@@ -143,23 +143,6 @@ module NewRelic::Security
         return nil
       end
 
-      def parse_typhoeus_request(request)
-        ob = {}
-        ob[:Method] = request.options[:method].nil? ? :get : request.options[:method]
-        ob[:URI] = request.base_url
-        ob[:Body] = request.options[:body]
-        ob[:Headers] = request.options[:headers]
-        uri_parsed = parse_uri(request.base_url)
-        if !uri_parsed.nil?
-          ob[:scheme] = uri_parsed.scheme
-          ob[:host] = uri_parsed.host
-          ob[:port] = uri_parsed.port
-          ob[:path] = uri_parsed.path
-          ob[:query] = uri_parsed.query
-        end
-        ob
-      end
-
     end
   end
 end

data/lib/newrelic_security/instrumentation-security/io/chain.rb

@@ -99,9 +99,9 @@ module NewRelic::Security
 
               alias_method :popen_without_security, :popen
               
-              def popen(*var)
+              def popen(*var, &block)
                 retval = nil
-                event = popen_on_enter(*var) { retval = popen_without_security(*var) }
+                event = popen_on_enter(*var) { retval = popen_without_security(*var, &block) }
                 popen_on_exit(event) { return retval }
               end
             end

data/lib/newrelic_security/instrumentation-security/io/prepend.rb

@@ -75,7 +75,7 @@ module NewRelic::Security
           binwrite_on_exit(event, retval) { return retval }
         end
 
-        def popen(*var)
+        def popen(*var, &block)
           retval = nil
           event = popen_on_enter(*var) { retval = super }
           popen_on_exit(event) { return retval }

data/lib/newrelic_security/instrumentation-security/net_http/instrumentation.rb

@@ -13,30 +13,13 @@ module NewRelic::Security
       def transport_request_on_enter(req)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-				ob[:Method] = req.method
-				if req.uri != nil && URI === req.uri
-					uri = req.uri
-					ob[:scheme]  = uri.scheme
-					ob[:host]    = uri.host
-					ob[:port]    = uri.port
-					ob[:URI]     = uri.to_s
-					ob[:path]    = uri.path
-					ob[:query]   = uri.query
-				else
-					ob[:scheme]  = self.use_ssl? ? HTTPS : HTTP
-					ob[:host]    = self.address
-					ob[:port]    = self.port
-					ob[:path]    = req.path
-					ob[:query]   = nil
-					ob[:URI] = "#{self.use_ssl? ? HTTPS_COLON_SLASH_SLAH : HTTP_COLON_SLASH_SLAH }#{self.address}:#{self.port}#{req.path}"
-				end
-				ob[:Body] = req.body
-				ob[:Headers] = req.to_hash.transform_values! { |v| v.join}
-        ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
+				uri = if req.uri && URI === req.uri
+          req.uri.to_s
+				      else
+                "#{self.use_ssl? ? HTTPS_COLON_SLASH_SLAH : HTTP_COLON_SLASH_SLAH }#{self.address}:#{self.port}#{req.path}"
+          end
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri])
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(req, event) if event
-        ob = nil
         event
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"

data/lib/newrelic_security/instrumentation-security/net_ldap/instrumentation.rb

@@ -18,7 +18,7 @@ module NewRelic::Security
           # to know the capabilities of Ldap server. In these
           # situations they don't provide the query parameter, so we filter
           # this event
-          NewRelic::Security::Agent.logger.info "Filtered #{self.class}.#{__method__} because of insufficient args. args : #{args}\n"
+          NewRelic::Security::Agent.logger.debug "Filtered #{self.class}.#{__method__} because of insufficient args. args : #{args}\n"
         end
       rescue => exception
         NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"

data/lib/newrelic_security/instrumentation-security/padrino/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:padrino, self) if NewRelic::Security::Agent.agent.route_map.empty?
         extracted_env = env.instance_variable_get(:@env)

data/lib/newrelic_security/instrumentation-security/patron/instrumentation.rb

@@ -7,25 +7,12 @@ module NewRelic::Security
   module Instrumentation
     module Patron::Session
 
-      def request_on_enter(action, url, headers, options)
+      def request_on_enter(_action, url, headers, _options)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
-        ob = {}
-        ob[:Method] = action
         final_url = self.base_url.nil? ? url : "#{self.base_url}#{url}"
         uri = NewRelic::Security::Instrumentation::InstrumentationUtils.parse_uri(final_url)
-        if uri
-          ob[:scheme]  = uri.scheme
-          ob[:host]    = uri.host
-          ob[:port]    = uri.port
-          ob[:URI]     = uri.to_s
-          ob[:path]    = uri.path
-          ob[:query]   = uri.query
-          ob[:Body] = options[:data]
-          ob[:Headers] = headers
-          ob.each { |_, value| value.dup.force_encoding(ISO_8859_1).encode(UTF_8) if value.is_a?(String) }
-          event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [ob])
-        end
+        event = NewRelic::Security::Agent::Control::Collector.collect(HTTP_REQUEST, [uri.to_s]) if uri
         NewRelic::Security::Instrumentation::InstrumentationUtils.add_tracing_data(headers, event) if event
         event
       rescue => exception

data/lib/newrelic_security/instrumentation-security/rack/chain.rb

@@ -0,0 +1,24 @@
+module NewRelic::Security
+  module Instrumentation
+    module Rack
+      module Builder
+        module Chain
+          def self.instrument!
+            ::Rack::Builder.class_eval do 
+              include NewRelic::Security::Instrumentation::Rack::Builder
+
+              alias_method :call_without_security, :call
+
+              def call(env)
+                retval = nil
+                event = call_on_enter(env) { retval = call_without_security(env) }
+                call_on_exit(event, retval) { return retval }
+              end
+            end
+          end
+        end
+      end
+    end
+    
+  end
+end

data/lib/newrelic_security/instrumentation-security/rack/instrumentation.rb

@@ -0,0 +1,44 @@
+require_relative 'prepend'
+require_relative 'chain'
+
+module NewRelic::Security
+  module Instrumentation
+    module Rack::Builder
+
+      def call_on_enter(env)
+        event = nil
+        NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
+        NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
+        NewRelic::Security::Agent::Utils.get_app_routes(:rack) if NewRelic::Security::Agent.agent.route_map.empty?
+        NewRelic::Security::Agent::Control::HTTPContext.set_context(env)
+        ctxt = NewRelic::Security::Agent::Control::HTTPContext.get_context
+        ctxt.route = "#{env[REQUEST_METHOD]}@#{env[PATH_INFO]}" if ctxt
+        NewRelic::Security::Agent::Utils.parse_fuzz_header(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+        return event
+      end
+      
+      def call_on_exit(event, retval)
+        NewRelic::Security::Agent.logger.debug "OnExit :  #{self.class}.#{__method__}"
+        # NewRelic::Security::Agent.logger.debug "\n\nHTTP Context : #{::NewRelic::Agent::Tracer.current_transaction.instance_variable_get(:@security_context_data).inspect}\n\n"
+        NewRelic::Security::Agent::Control::ReflectedXSS.check_xss(NewRelic::Security::Agent::Control::HTTPContext.get_context, retval) if NewRelic::Security::Agent.config[:'security.detection.rxss.enabled']
+        NewRelic::Security::Agent::Utils.delete_created_files(NewRelic::Security::Agent::Control::HTTPContext.get_context)
+        NewRelic::Security::Agent.agent.error_reporting&.report_unhandled_or_5xx_exceptions(NewRelic::Security::Agent::Control::HTTPContext.get_current_transaction, NewRelic::Security::Agent::Control::HTTPContext.get_context, retval[0])
+        NewRelic::Security::Agent::Control::HTTPContext.reset_context
+        NewRelic::Security::Agent.logger.debug "Exit event : #{event}"
+      rescue => exception
+        NewRelic::Security::Agent.logger.error "Exception in hook in #{self.class}.#{__method__}, #{exception.inspect}, #{exception.backtrace}"
+      ensure
+        yield
+      end
+      
+    end
+
+  end
+end
+
+NewRelic::Security::Instrumentation::InstrumentationLoader.install_instrumentation(:rack, NewRelic::Security::Agent.config[:app_class].class, ::NewRelic::Security::Instrumentation::Rack::Builder) if NewRelic::Security::Agent.config[:framework] == :rack

data/lib/newrelic_security/instrumentation-security/rack/prepend.rb

@@ -0,0 +1,18 @@
+module NewRelic::Security
+  module Instrumentation
+    module Rack
+      module Builder
+        module Prepend
+          include NewRelic::Security::Instrumentation::Rack::Builder
+
+          def call(env, &block)
+            retval = nil
+            event = call_on_enter(env) { retval = super }
+            call_on_exit(event, retval) { return retval }
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/newrelic_security/instrumentation-security/rails/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:rails) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/instrumentation-security/roda/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def _roda_handle_main_route_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:roda) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/instrumentation-security/sinatra/instrumentation.rb

@@ -8,6 +8,7 @@ module NewRelic::Security
       def call_on_enter(env)
         event = nil
         NewRelic::Security::Agent.logger.debug "OnEnter : #{self.class}.#{__method__}"
+        return unless NewRelic::Security::Agent.config[:enabled]
         NewRelic::Security::Agent.config.update_port = NewRelic::Security::Agent::Utils.app_port(env) unless NewRelic::Security::Agent.config[:listen_port]
         NewRelic::Security::Agent::Utils.get_app_routes(:sinatra) if NewRelic::Security::Agent.agent.route_map.empty?
         NewRelic::Security::Agent::Control::HTTPContext.set_context(env)

data/lib/newrelic_security/newrelic-security-api/api.rb

@@ -14,7 +14,7 @@ module NewRelic::Security
     # @api public
     # 
     def is_security_active?
-      NewRelic::Security::Agent.config[:'agent.enabled'] && NewRelic::Security::Agent.config[:enabled]
+      NewRelic::Security::Agent.config[:'agent.enabled'] && NewRelic::Security::Agent.config[:'security.enabled'] && NewRelic::Security::Agent.config[:enabled]
     end
 
     #