tcell_agent 2.7.0 → 2.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6e91769037e5364f7091d874a750f24b45ba340baaf71725e13794815ec09de9
-  data.tar.gz: 5773afa03451d699bef82efbd611c12bbfc7383770b140b34ab7be77d012faf2
+  metadata.gz: 60417237022f31c4843ffb12a013c385b35ffc40adc299947e53bb3fb44dcce7
+  data.tar.gz: b6231f1628e83d4f4ead9c277786dc0b8c57160f518e701f58ab357b9fa4b223
 SHA512:
-  metadata.gz: 0fb4d5b36eb03da7e193245a32955e1f140f711d0e757a4aa9c0ead48774e00fb5f9dd8772506f90dea288d20303211a56c67312a2b6df6c583467891d524e7e
-  data.tar.gz: 22f2b41bf88d49f6f4bd3b32cf3d27b734f8488d93f85e1b7f785ee9c03b5b868b4d7b2ad67e3fe3fdbd667fe10d20fd11a94d2c37dc7b1ca5f81e6087177b0e
+  metadata.gz: '08f8ed5ffa676d80512a5ef821aae44bb59037a59c0cf4639acac0ce690805f26c4249f4639780088230d9cd050c3148af0b8de6c797f431f1cec9f4f8e39440'
+  data.tar.gz: 60fe10b0f131c50f2e69e4d27199ba53a8ab5f708e578f51793ef09346b6a965c32b807f3f6aa57eb0b704495e254a6cf16f1df6f9318e1f9db0f4ffa8e0b96f

data/lib/tcell_agent/agent.rb

@@ -89,8 +89,7 @@ module TCellAgent
       policies_and_enablements = result['new_policies_and_enablements'] || {}
 
       @policies_manager.process_policy_json(
-        policies_and_enablements['enablements'],
-        policies_and_enablements['policies']
+        policies_and_enablements['enablements']
       )
 
       @policy_polling = PolicyPolling.new(@policies_manager, @native_agent)

data/lib/tcell_agent/instrumentation.rb

@@ -1,65 +1,11 @@
 # See the file "LICENSE" for the full license governing this code.
 require 'tcell_agent/configuration'
 require 'tcell_agent/version'
-require 'date'
-require 'cgi'
 
 module TCellAgent
   module Instrumentation
     TCELL_ID = 'tcell.request_data'.freeze
 
-    class ContextFilter
-      attr_accessor :type
-      attr_accessor :rule
-      attr_accessor :context
-      attr_accessor :parameter
-      attr_accessor :database
-      attr_accessor :schema
-      attr_accessor :table
-      attr_accessor :field
-
-      DATABASE = 'db'.freeze
-      REQUEST = 'request'.freeze
-
-      def for_request(context, parameter, rule)
-        self.type = ContextFilter::REQUEST
-        self.context = context
-        self.parameter = parameter
-        self.rule = rule
-        self
-      end
-
-      def create_hash_value
-        "#{type}#{context}#{parameter}#{database}#{schema}#{table}#{field}#{rule}".hash
-      end
-
-      def eql?(other)
-        hash == other.hash
-      end
-
-      def hash
-        create_hash_value
-      end
-
-      def for_database(database, schema, table, field, rule)
-        self.type = ContextFilter::DATABASE
-        self.database = database
-        self.schema = schema
-        self.table = table
-        self.field = field
-        self.rule = rule
-        self
-      end
-
-      def for_request(context, parameter, rule) # rubocop:disable Lint/DuplicateMethods
-        self.type = ContextFilter::REQUEST
-        self.context = context
-        self.parameter = parameter
-        self.rule = rule
-        self
-      end
-    end
-
     class TCellData
       attr_accessor :transaction_id, :session_id, :hmac_session_id, :user_id,
                     :password, :route_id, :path, :uri, :fullpath, :context_filters_by_term,
@@ -68,150 +14,12 @@ module TCellAgent
                     :referrer, :csrf_exception_name, :sql_exceptions, :database_result_sizes,
                     :reverse_proxy_header_value
 
-      def self.filterx(sanitize_string, event_flag, replace_flag, term)
-        send_event = false
-        sanitize_string.gsub!(term) do |m|
-          if replace_flag
-            m = '[redacted]'
-            send_event = true
-          elsif event_flag
-            # m = "[hash]"
-            send_event = true
-          end
-          m
-        end
-        send_event
-      end
-
       def initialize
         @patches_blocking_triggered = false
-        @context_filters_by_term = Hash.new { |h, k| h[k] = Set.new }
         @sql_exceptions = []
         @database_result_sizes = []
       end
 
-      def valid_term?(term)
-        return true if !term.nil? && term != '' && term.to_s.length >= 5
-
-        false
-      end
-
-      def add_response_db_filter(term, action_obj, database, schema, table, field)
-        return unless valid_term?(term)
-
-        context_filters_by_term[term.to_s].add(ContextFilter.new.for_database(database, schema, table, field, action_obj))
-      end
-
-      def add_filter_for_request_parameter(term, rule, parameter_name)
-        return unless valid_term?(term)
-
-        context_filters_by_term[term.to_s].add(ContextFilter.new.for_request('form', parameter_name, rule))
-      end
-
-      def add_filter_for_header_value(term, rule, header_name)
-        return unless valid_term?(term)
-
-        context_filters_by_term[term.to_s].add(ContextFilter.new.for_request('header', header_name, rule))
-      end
-
-      def add_filter_for_cookie_value(term, rule, cookie_name)
-        return unless valid_term?(term)
-
-        context_filters_by_term[term.to_s].add(ContextFilter.new.for_request('cookie', cookie_name, rule))
-      end
-
-      def filter_body!(body)
-        dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
-        if dlp_policy && session_id
-          session_id_actions = dlp_policy.get_actions_for_session_id
-          if session_id_actions
-            send_flag = TCellData.filterx(body, session_id_actions.body_event, session_id_actions.body_redact, session_id)
-            if send_flag
-              TCellAgent.send_event(
-                TCellAgent::SensorEvents::DlpEvent.new(
-                  route_id,
-                  uri,
-                  TCellAgent::SensorEvents::DlpEvent::FOUND_IN_BODY,
-                  session_id_actions.action_id
-                ).for_framework(TCellAgent::SensorEvents::DlpEvent::FRAMEWORK_VARIABLE_SESSION_ID)
-              )
-
-            end
-          end
-        end
-        context_filters_by_term.sort_by { |term, _context_filters| -term.length }.each do |term, context_filters|
-          replace_filters = (context_filters.select { |context_filter| context_filter.rule.body_redact == true })
-          event_filters = (context_filters.select { |context_filter| (context_filter.rule.body_redact != true && context_filter.rule.body_event == true) })
-          send_flag = TCellData.filterx(body, !event_filters.empty?, !replace_filters.empty?, term)
-          send_flag ||= TCellData.filterx(body, !event_filters.empty?, !replace_filters.empty?, CGI.escapeHTML(term))
-          next unless send_flag
-
-          (replace_filters + event_filters).each do |filter|
-            base_event = TCellAgent::SensorEvents::DlpEvent.new(
-              route_id,
-              uri,
-              TCellAgent::SensorEvents::DlpEvent::FOUND_IN_BODY,
-              filter.rule.action_id
-            )
-            if filter.type == ContextFilter::DATABASE
-              TCellAgent.send_event(
-                base_event.for_database(filter.database, filter.schema, filter.table, filter.field)
-              )
-            elsif filter.type == ContextFilter::REQUEST
-              TCellAgent.send_event(
-                base_event.for_request(filter.context, filter.parameter)
-              )
-            end
-          end
-        end
-        body
-      end
-
-      def filter_log(log_msg)
-        dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
-        if dlp_policy && session_id
-          session_id_actions = dlp_policy.get_actions_for_session_id
-          if session_id_actions
-            send_flag = TCellData.filterx(log_msg, session_id_actions.log_event, session_id_actions.log_redact, session_id)
-            if send_flag
-              TCellAgent.send_event(
-                TCellAgent::SensorEvents::DlpEvent.new(
-                  route_id,
-                  uri,
-                  TCellAgent::SensorEvents::DlpEvent::FOUND_IN_LOG,
-                  session_id_actions.action_id
-                ).for_framework(TCellAgent::SensorEvents::DlpEvent::FRAMEWORK_VARIABLE_SESSION_ID)
-              )
-            end
-          end
-        end
-        context_filters_by_term.sort_by { |term, _context_filters| -term.length }.each do |term, context_filters|
-          replace_filters = (context_filters.select { |context_filter| context_filter.rule.log_redact == true })
-          event_filters = (context_filters.select { |context_filter| (context_filter.rule.log_redact != true && context_filter.rule.log_event == true) })
-          send_flag = TCellData.filterx(log_msg, !event_filters.empty?, !replace_filters.empty?, term)
-          next unless send_flag
-
-          (replace_filters + event_filters).each do |filter|
-            base_event = TCellAgent::SensorEvents::DlpEvent.new(
-              route_id,
-              uri,
-              TCellAgent::SensorEvents::DlpEvent::FOUND_IN_LOG,
-              filter.rule.action_id
-            )
-            if filter.type == ContextFilter::DATABASE
-              TCellAgent.send_event(
-                base_event.for_database(filter.database, filter.schema, filter.table, filter.field)
-              )
-            elsif filter.type == ContextFilter::REQUEST
-              TCellAgent.send_event(
-                base_event.for_request(filter.context, filter.parameter)
-              )
-            end
-          end
-        end
-        log_msg
-      end
-
       def to_s
         "<#{self.class.name} transaction_id: #{transaction_id} session_id: #{session_id} " \
         "hmac_session_id: #{hmac_session_id} user_id: #{user_id} route_id: #{route_id} " \

data/lib/tcell_agent/policies/policies_manager.rb

@@ -4,7 +4,6 @@ require 'tcell_agent/policies/policy_types'
 
 require 'tcell_agent/policies/appfirewall_policy'
 require 'tcell_agent/policies/command_injection_policy'
-require 'tcell_agent/policies/dataloss_policy'
 require 'tcell_agent/policies/headers_policy'
 require 'tcell_agent/policies/http_redirect_policy'
 require 'tcell_agent/policies/js_agent_policy'
@@ -39,22 +38,9 @@ module TCellAgent
           @native_agent, enablements
         )
       end
-
-      set_dataloss_policy({ 'dlp' => {} })
     end
 
-    def set_dataloss_policy(policies_json)
-      TCellAgent::Instrumentation.safe_block('Setting DLP policy') do
-        dlp_api_identifier = TCellAgent::Policies::DataLossPolicy.api_identifier
-        return unless policies_json.key?(dlp_api_identifier)
-
-        @policies[dlp_api_identifier] = TCellAgent::Policies::DataLossPolicy.new(
-          policies_json[dlp_api_identifier]
-        )
-      end
-    end
-
-    def process_policy_json(enablements, policies_json)
+    def process_policy_json(enablements)
       return if enablements.nil? || enablements == {}
 
       RUST_POLICY_CLASSES.each do |policy_class|
@@ -62,8 +48,6 @@ module TCellAgent
           @native_agent, enablements
         )
       end
-
-      set_dataloss_policy(policies_json)
     end
   end
 end

data/lib/tcell_agent/policies/policy_polling.rb

@@ -42,8 +42,7 @@ module TCellAgent
             result = native_agent.poll_new_policies
             policies_and_enablements = result['new_policies_and_enablements'] || {}
             @policies_manager.process_policy_json(
-              policies_and_enablements['enablements'],
-              policies_and_enablements['policies']
+              policies_and_enablements['enablements']
             )
           rescue StandardError => e
             module_logger.error("Error in polling policies: #{e.message}")

data/lib/tcell_agent/policies/policy_types.rb

@@ -2,7 +2,6 @@ module TCellAgent
   class PolicyTypes
     HTTPREDIRECT = 'http-redirect'.freeze
     LOGINFRAUD = 'login'.freeze
-    DATALOSS = 'dlp'.freeze
     APPSENSOR = 'appsensor'.freeze
     PATCHES = 'patches'.freeze
     COMMANDINJECTION = 'cmdi'.freeze

data/lib/tcell_agent/rails/database.rb

@@ -0,0 +1,49 @@
+# See the file "LICENSE" for the full license governing this code.
+
+require 'rails'
+require 'tcell_agent/agent'
+require 'tcell_agent/rails/middleware/context_middleware'
+require 'tcell_agent/instrumentation'
+
+require 'thread'
+
+module TCellAgent
+  module Instrumentation
+    module Rails
+      module Database
+        def self.push_exception(message, result)
+          appfirewall_policy = TCellAgent.policy(TCellAgent::PolicyTypes::APPSENSOR)
+
+          return unless appfirewall_policy.enabled
+
+          request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(
+            Thread.current.object_id, {}
+          )
+
+          tcell_data = request_env[TCellAgent::Instrumentation::TCELL_ID]
+
+          return unless tcell_data && result.is_a?(ActiveRecord::StatementInvalid)
+
+          tcell_data.sql_exceptions.push(
+            { 'exception_name' => result.class.name, 'exception_payload' => message }
+          )
+        end
+
+        def self.inspect_result_size(results)
+          return if results.empty?
+
+          if TCellAgent.configuration.should_instrument? &&
+             TCellAgent.configuration.should_intercept_requests?
+
+            request_env = TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS.fetch(Thread.current.object_id, {})
+            tcell_context = request_env[TCellAgent::Instrumentation::TCELL_ID]
+
+            if tcell_context
+              tcell_context.database_result_sizes.push(results.size)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/tcell_agent/rails/middleware/headers_middleware.rb

@@ -77,7 +77,7 @@ module TCellAgent
           end
 
           def _handle_appsensor_js_agent(request, response)
-            TCellAgent::Instrumentation.safe_block('Handling AppSensor, JS Agent, and DLP') do
+            TCellAgent::Instrumentation.safe_block('Handling AppSensor and JSAgent') do
               status_code, response_headers, response_body = response
 
               js_agent_handler, script_insert =

data/lib/tcell_agent/rails/railties/tcell_agent_database_railties.rb

@@ -0,0 +1,81 @@
+require 'tcell_agent/rails/database'
+
+class TCellAgentDatabaseRailtie < Rails::Railtie
+  initializer 'activeservice.autoload', :after => :set_autoload_paths do |_app|
+    if defined?(ActiveRecord)
+      ActiveRecord::ConnectionAdapters::AbstractAdapter.class_eval do
+        alias_method :tcell_translate_exception, :translate_exception
+
+        if RUBY_VERSION.start_with?('3') || RUBY_VERSION.start_with?('2.7')
+          def translate_exception(*args, **kwargs, &block)
+            result = tcell_translate_exception(*args, **kwargs, &block)
+
+            TCellAgent::Instrumentation.safe_block('Set sql_exception_detected in meta') do
+              TCellAgent::Instrumentation::Rails::Database.push_exception(kwargs.fetch(:message, ''), result)
+            end
+
+            result
+          end
+        else
+          def translate_exception(*args, &block)
+            result = tcell_translate_exception(*args, &block)
+
+            TCellAgent::Instrumentation.safe_block('Set sql_exception_detected in meta') do
+              args_copy = Array.new(args)
+              _ = args_copy.shift
+              message = args_copy.shift
+
+              if message.is_a? Hash
+                TCellAgent::Instrumentation::Rails::Database.push_exception(message.fetch(:message, ''), result)
+              else
+                TCellAgent::Instrumentation::Rails::Database.push_exception(message, result)
+              end
+            end
+
+            result
+          end
+        end
+      end
+
+      ActiveRecord::Calculations.module_eval do
+        alias_method :tcell_pluck, :pluck
+        def pluck(*column_names)
+          results = tcell_pluck(*column_names)
+
+          TCellAgent::Instrumentation.safe_block('Checking for unusual database result size on pluck') do
+            TCellAgent::Instrumentation::Rails::Database.inspect_result_size(results)
+          end
+
+          results
+        end
+      end
+
+      ActiveRecord::Querying.module_eval do
+        if RUBY_VERSION.start_with?('3')
+          alias_method :tcell_find_by_sql, :find_by_sql
+          def find_by_sql(*args, **kwargs, &block)
+            results = tcell_find_by_sql(*args, **kwargs, &block)
+
+            TCellAgent::Instrumentation.safe_block('Checking for unusual database result size on find_by_sql') do
+              TCellAgent::Instrumentation::Rails::Database.inspect_result_size(results)
+            end
+
+            results
+          end
+
+        elsif RUBY_VERSION.start_with?('2')
+          alias_method :tcell_find_by_sql, :find_by_sql
+          def find_by_sql(*args, &block)
+            results = tcell_find_by_sql(*args, &block)
+
+            TCellAgent::Instrumentation.safe_block('Checking for unusual database result size on find_by_sql') do
+              TCellAgent::Instrumentation::Rails::Database.inspect_result_size(results)
+            end
+
+            results
+          end
+        end
+      end
+    end
+  end
+end

data/lib/tcell_agent/rails/railties/tcell_agent_railties.rb

@@ -9,7 +9,6 @@ require 'tcell_agent/rails/middleware/context_middleware'
 
 require 'tcell_agent/rails/routes'
 require 'tcell_agent/rails/settings_reporter'
-require 'tcell_agent/rails/dlp'
 require 'tcell_agent/rails/csrf_exception'
 
 require 'cgi'

data/lib/tcell_agent/rails/routes.rb

@@ -1,8 +1,6 @@
 require 'tcell_agent/patches'
 require 'tcell_agent/rails/routes/grape'
 require 'tcell_agent/rails/routes/route_id'
-require 'tcell_agent/rails/dlp/process_request'
-
 require 'json'
 
 module TCellAgent
@@ -146,8 +144,6 @@ module TCellAgent
                 if TCellAgent::Instrumentation::Patches.block?(request)
                   return head(403)
                 end
-
-                TCellAgent::DLP.handle_request_dlp_parameters(request)
               end
 
               yield
@@ -201,8 +197,6 @@ module TCellAgent
               if TCellAgent::Instrumentation::Patches.block?(req)
                 return [403, {}, []]
               end
-
-              TCellAgent::DLP.handle_request_dlp_parameters(req)
             end
 
             tcell_serve(req)
@@ -230,8 +224,6 @@ module TCellAgent
               if TCellAgent::Instrumentation::Patches.block?(tcell_request)
                 return [403, {}, []]
               end
-
-              TCellAgent::DLP.handle_request_dlp_parameters(tcell_request)
             end
 
             tcell_call(env)

data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb

@@ -15,23 +15,6 @@ module TCellAgent
         h[0...h.length / 2]
       end
 
-      def self.strip_values_query_string(query)
-        params = CGI.parse(query)
-        params.each do |param_name, param_values|
-          next if param_values.nil? || param_values.empty?
-
-          params[param_name] = ['']
-        end
-        params.map { |k, v| "#{k}=#{v.join(',')}" }.join('&')
-      end
-
-      def self.strip_uri_values(uri_string)
-        uri = URI(uri_string)
-        query = uri.query
-        uri.query = strip_values_query_string(query) if query
-        uri.to_s
-      end
-
       def self.get_hmac_key
         return TCellAgent.configuration.hmac_key if TCellAgent.configuration.hmac_key
         return TCellAgent.configuration.app_id if TCellAgent.configuration.app_id

data/lib/tcell_agent/version.rb

@@ -1,5 +1,5 @@
 # See the file "LICENSE" for the full license governing this code.
 
 module TCellAgent
-  VERSION = '2.7.0'.freeze
+  VERSION = '2.7.1'.freeze
 end

data/lib/tcell_agent.rb

@@ -12,7 +12,9 @@ unless TCellAgent.configuration.disable_all
 
   require 'tcell_agent/instrument_servers'
   require 'tcell_agent/hooks/login_fraud'
-  require 'tcell_agent/rails/railties/tcell_agent_railties' if defined?(Rails)
-  # sinatra used to be supported, but dropped support due to no customers using it
-  # require 'tcell_agent/sinatra' if defined?(Sinatra)
+
+  if defined?(Rails)
+    require 'tcell_agent/rails/railties/tcell_agent_railties' if defined?(Rails)
+    require 'tcell_agent/rails/railties/tcell_agent_database_railties'
+  end
 end

data/spec/lib/tcell_agent/policies/policies_manager_spec.rb

@@ -4,7 +4,7 @@ module TCellAgent
   describe PoliciesManager do
     before(:all) do
       assert_policy_state = proc do |policies, state|
-        expect(policies.keys.size).to eq(10)
+        expect(policies.keys.size).to eq(9)
 
         policies.each_value do |policy|
           next if policy.instance_of?(TCellAgent::Policies::LoginPolicy)
@@ -51,21 +51,21 @@ module TCellAgent
 
         context 'nil enablements' do
           it 'all policies should remain disabled' do
-            @policies_manager.process_policy_json(nil, {})
+            @policies_manager.process_policy_json(nil)
             @assert_all_policies_disabled.call(@policies_manager.policies)
           end
         end
 
         context 'empty enablements' do
           it 'all policies should remain disabled' do
-            @policies_manager.process_policy_json({}, {})
+            @policies_manager.process_policy_json({})
             @assert_all_policies_disabled.call(@policies_manager.policies)
           end
         end
 
         context 'empty enablements' do
           it 'all policies should remain disabled' do
-            @policies_manager.process_policy_json({}, {})
+            @policies_manager.process_policy_json({})
             @assert_all_policies_disabled.call(@policies_manager.policies)
           end
         end
@@ -83,18 +83,7 @@ module TCellAgent
               'login_success_enabled' => true,
               'login_failed_enabled' => true
             }
-            policies_json = {
-              'dlp' => {
-                'policy_id' => 'policy-id',
-                'version' => 1,
-                'data' => {
-                  'data_discovery' => {
-                    'database_enabled' => true
-                  }
-                }
-              }
-            }
-            @policies_manager.process_policy_json(enablements, policies_json)
+            @policies_manager.process_policy_json(enablements)
             @assert_all_policies_enabled.call(@policies_manager.policies)
           end
         end

data/spec/lib/tcell_agent/rails/database.rb

@@ -0,0 +1,60 @@
+require 'spec_helper'
+
+require 'active_record'
+require 'tcell_agent/rails/railties/tcell_agent_database_railties'
+
+describe '.find_by_sql' do
+  before(:all) do
+    TCellAgentDatabaseRailtie.initializers[0].run
+  end
+
+  context 'testing function arguments' do
+    it 'accepts args' do
+      klass = Class.new.extend(ActiveRecord::Querying)
+
+      expect(klass).to receive(:find_by_sql).and_call_original
+      expect(klass).to receive(:find_by_sql).and_call_original
+      expect(klass).to receive(:tcell_find_by_sql).and_call_original
+      expect(klass).to receive(:tcell_find_by_sql).and_call_original
+
+      expect do
+        klass.find_by_sql('SELECT * FROM table')
+      end.to raise_error(NameError)
+
+      expect do
+        klass.find_by_sql('SELECT * FROM table', [1])
+      end.to raise_error(NameError)
+    end
+
+    context 'ruby 2' do
+      it 'accepts args and kwargs', :if => RUBY_VERSION.start_with?('2') do
+        klass = Class.new.extend(ActiveRecord::Querying)
+
+        expect(klass).to receive(:find_by_sql).and_call_original
+        expect(klass).to receive(:tcell_find_by_sql).and_call_original
+
+        expect do
+          klass.find_by_sql('SELECT * FROM table', [1], { :preparable => true })
+        end.to raise_error(NameError)
+      end
+    end
+
+    context 'ruby 3' do
+      it 'accepts args and kwargs', :if => RUBY_VERSION.start_with?('3') do
+        klass = Class.new.extend(ActiveRecord::Querying)
+
+        expect(klass).to receive(:find_by_sql).and_call_original
+        expect(klass).to receive(:find_by_sql).and_call_original
+        expect(klass).to receive(:tcell_find_by_sql).and_call_original
+        expect(klass).to receive(:tcell_find_by_sql).and_call_original
+
+        expect do
+          klass.find_by_sql('SELECT * FROM table', [1], :preparable => true)
+        end.to raise_error(NameError)
+        expect do
+          klass.find_by_sql('SELECT * FROM table', [1], **{ :preparable => true })
+        end.to raise_error(NameError)
+      end
+    end
+  end
+end

data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb

@@ -121,7 +121,7 @@ module TCellAgent
               end
 
               context 'that should be processed' do
-                it 'should call js and dlp procs as well as calculate content length' do
+                it 'should call js procs as well as calculate content length' do
                   js_agent_insertion_proc = double('js_agent_insertion_proc')
                   tcell_body_proxy = TCellBodyProxy.new(
                     Rack::BodyProxy.new(['some content']) {},
@@ -168,7 +168,7 @@ module TCellAgent
             end
 
             context 'that should be processed' do
-              it 'should call js and dlp procs as well as calculate content length' do
+              it 'should call js procs as well as calculate content length' do
                 body_chunk = 'some content'
                 js_agent_insertion_proc = double('js_agent_insertion_proc')
                 tcell_body_proxy = TCellBodyProxy.new(