dd-trace 2.4.1 → 2.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/package.json +2 -2
  2. package/packages/datadog-instrumentations/src/amqplib.js +1 -1
  3. package/packages/datadog-instrumentations/src/http/client.js +10 -10
  4. package/packages/datadog-plugin-elasticsearch/src/index.js +4 -2
  5. package/packages/datadog-plugin-http/src/client.js +4 -1
  6. package/packages/datadog-plugin-http/src/server.js +7 -2
  7. package/packages/datadog-plugin-jest/src/jest-environment.js +3 -3
  8. package/packages/dd-trace/lib/version.js +1 -1
  9. package/packages/dd-trace/src/appsec/recommended.json +105 -206
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "dd-trace",
3
- "version": "2.4.1",
3
+ "version": "2.4.2",
4
4
  "description": "Datadog APM tracing client for JavaScript",
5
5
  "main": "index.js",
6
6
  "typings": "index.d.ts",
@@ -61,7 +61,7 @@
61
61
  "node": ">=12"
62
62
  },
63
63
  "dependencies": {
64
- "@datadog/native-appsec": "^0.8.3",
64
+ "@datadog/native-appsec": "^1.0.0",
65
65
  "@datadog/native-metrics": "^1.1.0",
66
66
  "@datadog/pprof": "^0.3.0",
67
67
  "@datadog/sketches-js": "^1.0.4",
package/packages/datadog-instrumentations/src/amqplib.js CHANGED
@@ -38,7 +38,7 @@ addHook({ name: 'amqplib', file: 'lib/channel.js', versions: ['>=0.5'] }, channe
38
38
 
39
39
  function instrument (send, channel, args, method, fields, message) {
40
40
  if (!startCh.hasSubscribers) {
41
- return send.apply(this, arguments)
41
+ return send.apply(channel, args)
42
42
  }
43
43
  startCh.publish({ channel, method, fields, message })
44
44
 
package/packages/datadog-instrumentations/src/http/client.js CHANGED
@@ -50,6 +50,7 @@ function patch (http, methodName) {
50
50
 
51
51
  const ar = new AsyncResource('bound-anonymous-fn')
52
52
 
53
+ let finished = false
53
54
  let callback = args.callback
54
55
 
55
56
  if (callback) {
@@ -60,34 +61,33 @@ function patch (http, methodName) {
60
61
  const req = ar.bind(request).call(this, options, callback)
61
62
  const emit = req.emit
62
63
 
63
- req.emit = function (eventName, arg) {
64
- const finished = false
65
- const finish = (finished, req, res) => {
66
- if (!finished) {
67
- finished = true
68
- asyncEndClientCh.publish({ req, res })
69
- }
64
+ const finish = (req, res) => {
65
+ if (!finished) {
66
+ finished = true
67
+ asyncEndClientCh.publish({ req, res })
70
68
  }
69
+ }
71
70
 
71
+ req.emit = function (eventName, arg) {
72
72
  ar.runInAsyncScope(() => {
73
73
  switch (eventName) {
74
74
  case 'response': {
75
75
  const res = arg
76
- const listener = ar.bind(() => finish(finished, req, res))
76
+ const listener = ar.bind(() => finish(req, res))
77
77
  res.on('end', listener)
78
78
  res.on('error', listener)
79
79
  break
80
80
  }
81
81
  case 'connect':
82
82
  case 'upgrade':
83
- finish(finished, req, arg)
83
+ finish(req, arg)
84
84
  break
85
85
  case 'error':
86
86
  errorClientCh.publish(arg)
87
87
  case 'abort': // deprecated and replaced by `close` in node 17
88
88
  case 'timeout':
89
89
  case 'close':
90
- finish(finished, req)
90
+ finish(req)
91
91
  }
92
92
  })
93
93
 
package/packages/datadog-plugin-elasticsearch/src/index.js CHANGED
@@ -13,8 +13,6 @@ class ElasticsearchPlugin extends Plugin {
13
13
  super(...args)
14
14
 
15
15
  this.addSub('apm:elasticsearch:query:start', ({ params }) => {
16
- this.config = normalizeConfig(this.config)
17
-
18
16
  const store = storage.getStore()
19
17
  const childOf = store ? store.span : store
20
18
  const body = getBody(params.body || params.bulkBody)
@@ -51,6 +49,10 @@ class ElasticsearchPlugin extends Plugin {
51
49
  span.finish()
52
50
  })
53
51
  }
52
+
53
+ configure (config) {
54
+ return super.configure(normalizeConfig(config))
55
+ }
54
56
  }
55
57
 
56
58
  function normalizeConfig (config) {
package/packages/datadog-plugin-http/src/client.js CHANGED
@@ -24,7 +24,6 @@ class HttpClientPlugin extends Plugin {
24
24
 
25
25
  this.addSub('apm:http:client:request:start', ({ args, http }) => {
26
26
  const store = storage.getStore()
27
- this.config = normalizeClientConfig(this.config)
28
27
  const options = args.options
29
28
  const agent = options.agent || options._defaultAgent || http.globalAgent
30
29
  const protocol = options.protocol || agent.protocol || 'http:'
@@ -79,6 +78,10 @@ class HttpClientPlugin extends Plugin {
79
78
 
80
79
  this.addSub('apm:http:client:request:error', errorHandler)
81
80
  }
81
+
82
+ configure (config) {
83
+ return super.configure(normalizeClientConfig(config))
84
+ }
82
85
  }
83
86
 
84
87
  function errorHandler (err) {
package/packages/datadog-plugin-http/src/server.js CHANGED
@@ -18,8 +18,6 @@ class HttpServerPlugin extends Plugin {
18
18
 
19
19
  this.addSub('apm:http:server:request:start', ({ req, res }) => {
20
20
  const store = storage.getStore()
21
- this.config = web.normalizeConfig(this.config)
22
-
23
21
  const span = web.startSpan(this.tracer, this.config, req, res, 'http.request')
24
22
 
25
23
  if (this.config.service) {
@@ -56,9 +54,16 @@ class HttpServerPlugin extends Plugin {
56
54
 
57
55
  this.addSub('apm:http:server:request:async-end', ({ req }) => {
58
56
  const context = web.getContext(req)
57
+
58
+ if (!context) return // Not created by a http.Server instance.
59
+
59
60
  web.wrapRes(context, context.req, context.res, context.res.end)()
60
61
  })
61
62
  }
63
+
64
+ configure (config) {
65
+ return super.configure(web.normalizeConfig(config))
66
+ }
62
67
  }
63
68
 
64
69
  module.exports = HttpServerPlugin
package/packages/datadog-plugin-jest/src/jest-environment.js CHANGED
@@ -56,10 +56,10 @@ function createWrapTeardown (tracer, instrumenter) {
56
56
  }
57
57
 
58
58
  instrumenter.unwrap(this.global.test, 'each')
59
- await new Promise((resolve) => {
60
- tracer._exporter._writer.flush(resolve)
59
+
60
+ return teardown.apply(this, arguments).finally(() => {
61
+ return new Promise(resolve => tracer._exporter._writer.flush(resolve))
61
62
  })
62
- return teardown.apply(this, arguments)
63
63
  }
64
64
  }
65
65
  }
package/packages/dd-trace/lib/version.js CHANGED
@@ -1 +1 @@
1
- module.exports = '2.4.1'
1
+ module.exports = '2.4.2'
package/packages/dd-trace/src/appsec/recommended.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": "2.2",
3
3
  "metadata": {
4
- "rules_version": "1.2.6"
4
+ "rules_version": "1.3.0"
5
5
  },
6
6
  "rules": [
7
7
  {
@@ -280,9 +280,6 @@
280
280
  {
281
281
  "parameters": {
282
282
  "inputs": [
283
- {
284
- "address": "server.request.cookies"
285
- },
286
283
  {
287
284
  "address": "server.request.query"
288
285
  },
@@ -297,53 +294,54 @@
297
294
  }
298
295
  ],
299
296
  "list": [
300
- ".htaccess",
301
- ".htdigest",
302
- ".htpasswd",
303
- ".addressbook",
304
- ".aptitude/config",
305
- ".bash_config",
306
- ".bash_history",
307
- ".bash_logout",
308
- ".bash_profile",
309
- ".bashrc",
297
+ "/.htaccess",
298
+ "/.htdigest",
299
+ "/.htpasswd",
300
+ "/.addressbook",
301
+ "/.aptitude/config",
302
+ "/.bash_config",
303
+ "/.bash_history",
304
+ "/.bash_logout",
305
+ "/.bash_profile",
306
+ "/.bashrc",
310
307
  ".cache/notify-osd.log",
311
308
  ".config/odesk/odesk team.conf",
312
- ".cshrc",
313
- ".dockerignore",
309
+ "/.cshrc",
310
+ "/.dockerignore",
314
311
  ".drush/",
315
- ".eslintignore",
316
- ".fbcindex",
317
- ".forward",
318
- ".git",
319
- ".gitattributes",
320
- ".gitconfig",
312
+ "/.eslintignore",
313
+ "/.fbcindex",
314
+ "/.forward",
315
+ "/.git",
316
+ ".git/",
317
+ "/.gitattributes",
318
+ "/.gitconfig",
321
319
  ".gnupg/",
322
320
  ".hplip/hplip.conf",
323
- ".ksh_history",
324
- ".lesshst",
321
+ "/.ksh_history",
322
+ "/.lesshst",
325
323
  ".lftp/",
326
- ".lhistory",
327
- ".lldb-history",
324
+ "/.lhistory",
325
+ "/.lldb-history",
328
326
  ".local/share/mc/",
329
- ".lynx_cookies",
330
- ".my.cnf",
331
- ".mysql_history",
332
- ".nano_history",
333
- ".node_repl_history",
334
- ".pearrc",
335
- ".php_history",
336
- ".pinerc",
327
+ "/.lynx_cookies",
328
+ "/.my.cnf",
329
+ "/.mysql_history",
330
+ "/.nano_history",
331
+ "/.node_repl_history",
332
+ "/.pearrc",
333
+ "/.php_history",
334
+ "/.pinerc",
337
335
  ".pki/",
338
- ".proclog",
339
- ".procmailrc",
340
- ".psql_history",
341
- ".python_history",
342
- ".rediscli_history",
343
- ".rhistory",
344
- ".rhosts",
345
- ".sh_history",
346
- ".sqlite_history",
336
+ "/.proclog",
337
+ "/.procmailrc",
338
+ "/.psql_history",
339
+ "/.python_history",
340
+ "/.rediscli_history",
341
+ "/.rhistory",
342
+ "/.rhosts",
343
+ "/.sh_history",
344
+ "/.sqlite_history",
347
345
  ".ssh/authorized_keys",
348
346
  ".ssh/config",
349
347
  ".ssh/id_dsa",
@@ -357,17 +355,17 @@
357
355
  ".subversion/config",
358
356
  ".subversion/servers",
359
357
  ".tconn/tconn.conf",
360
- ".tcshrc",
358
+ "/.tcshrc",
361
359
  ".vidalia/vidalia.conf",
362
- ".viminfo",
363
- ".vimrc",
364
- ".www_acl",
365
- ".wwwacl",
366
- ".xauthority",
367
- ".zhistory",
368
- ".zshrc",
369
- ".zsh_history",
370
- ".nsconfig",
360
+ "/.viminfo",
361
+ "/.vimrc",
362
+ "/.www_acl",
363
+ "/.wwwacl",
364
+ "/.xauthority",
365
+ "/.zhistory",
366
+ "/.zshrc",
367
+ "/.zsh_history",
368
+ "/.nsconfig",
371
369
  "etc/redis.conf",
372
370
  "etc/redis-sentinel.conf",
373
371
  "etc/php.ini",
@@ -1349,26 +1347,26 @@
1349
1347
  "etc/vmware-tools/vmware-tools-libraries.conf",
1350
1348
  "var/log/vmware/hostd.log",
1351
1349
  "var/log/vmware/hostd-1.log",
1352
- "wp-config.php",
1353
- "wp-config.bak",
1354
- "wp-config.old",
1355
- "wp-config.temp",
1356
- "wp-config.tmp",
1357
- "wp-config.txt",
1358
- "config.yml",
1359
- "config_dev.yml",
1360
- "config_prod.yml",
1361
- "config_test.yml",
1362
- "parameters.yml",
1363
- "routing.yml",
1364
- "security.yml",
1365
- "services.yml",
1350
+ "/wp-config.php",
1351
+ "/wp-config.bak",
1352
+ "/wp-config.old",
1353
+ "/wp-config.temp",
1354
+ "/wp-config.tmp",
1355
+ "/wp-config.txt",
1356
+ "/config.yml",
1357
+ "/config_dev.yml",
1358
+ "/config_prod.yml",
1359
+ "/config_test.yml",
1360
+ "/parameters.yml",
1361
+ "/routing.yml",
1362
+ "/security.yml",
1363
+ "/services.yml",
1366
1364
  "sites/default/default.settings.php",
1367
1365
  "sites/default/settings.php",
1368
1366
  "sites/default/settings.local.php",
1369
1367
  "app/etc/local.xml",
1370
- "sftp-config.json",
1371
- "web.config",
1368
+ "/sftp-config.json",
1369
+ "/web.config",
1372
1370
  "includes/config.php",
1373
1371
  "includes/configure.php",
1374
1372
  "config.inc.php",
@@ -1392,14 +1390,14 @@
1392
1390
  "system32/config/system",
1393
1391
  "system32/config/software",
1394
1392
  "winnt/repair/sam._",
1395
- "package.json",
1396
- "package-lock.json",
1397
- "gruntfile.js",
1398
- "npm-debug.log",
1399
- "ormconfig.json",
1400
- "tsconfig.json",
1401
- "webpack.config.js",
1402
- "yarn.lock"
1393
+ "/package.json",
1394
+ "/package-lock.json",
1395
+ "/gruntfile.js",
1396
+ "/npm-debug.log",
1397
+ "/ormconfig.json",
1398
+ "/tsconfig.json",
1399
+ "/webpack.config.js",
1400
+ "/yarn.lock"
1403
1401
  ]
1404
1402
  },
1405
1403
  "operator": "phrase_match"
@@ -1481,9 +1479,6 @@
1481
1479
  {
1482
1480
  "parameters": {
1483
1481
  "inputs": [
1484
- {
1485
- "address": "server.request.cookies"
1486
- },
1487
1482
  {
1488
1483
  "address": "server.request.query"
1489
1484
  },
@@ -1781,9 +1776,6 @@
1781
1776
  {
1782
1777
  "parameters": {
1783
1778
  "inputs": [
1784
- {
1785
- "address": "server.request.cookies"
1786
- },
1787
1779
  {
1788
1780
  "address": "server.request.query"
1789
1781
  },
@@ -1838,9 +1830,6 @@
1838
1830
  {
1839
1831
  "parameters": {
1840
1832
  "inputs": [
1841
- {
1842
- "address": "server.request.cookies"
1843
- },
1844
1833
  {
1845
1834
  "address": "server.request.query"
1846
1835
  },
@@ -1877,9 +1866,6 @@
1877
1866
  {
1878
1867
  "parameters": {
1879
1868
  "inputs": [
1880
- {
1881
- "address": "server.request.cookies"
1882
- },
1883
1869
  {
1884
1870
  "address": "server.request.query"
1885
1871
  },
@@ -1915,9 +1901,6 @@
1915
1901
  {
1916
1902
  "parameters": {
1917
1903
  "inputs": [
1918
- {
1919
- "address": "server.request.cookies"
1920
- },
1921
1904
  {
1922
1905
  "address": "server.request.query"
1923
1906
  },
@@ -1997,9 +1980,6 @@
1997
1980
  {
1998
1981
  "parameters": {
1999
1982
  "inputs": [
2000
- {
2001
- "address": "server.request.cookies"
2002
- },
2003
1983
  {
2004
1984
  "address": "server.request.query"
2005
1985
  },
@@ -2035,9 +2015,6 @@
2035
2015
  {
2036
2016
  "parameters": {
2037
2017
  "inputs": [
2038
- {
2039
- "address": "server.request.cookies"
2040
- },
2041
2018
  {
2042
2019
  "address": "server.request.headers.no_cookies"
2043
2020
  },
@@ -2077,9 +2054,6 @@
2077
2054
  {
2078
2055
  "parameters": {
2079
2056
  "inputs": [
2080
- {
2081
- "address": "server.request.cookies"
2082
- },
2083
2057
  {
2084
2058
  "address": "server.request.query"
2085
2059
  },
@@ -2118,9 +2092,6 @@
2118
2092
  {
2119
2093
  "parameters": {
2120
2094
  "inputs": [
2121
- {
2122
- "address": "server.request.cookies"
2123
- },
2124
2095
  {
2125
2096
  "address": "server.request.query"
2126
2097
  },
@@ -2157,9 +2128,6 @@
2157
2128
  {
2158
2129
  "parameters": {
2159
2130
  "inputs": [
2160
- {
2161
- "address": "server.request.cookies"
2162
- },
2163
2131
  {
2164
2132
  "address": "server.request.headers.no_cookies",
2165
2133
  "key_path": [
@@ -2205,9 +2173,6 @@
2205
2173
  {
2206
2174
  "parameters": {
2207
2175
  "inputs": [
2208
- {
2209
- "address": "server.request.cookies"
2210
- },
2211
2176
  {
2212
2177
  "address": "server.request.headers.no_cookies",
2213
2178
  "key_path": [
@@ -2257,9 +2222,6 @@
2257
2222
  {
2258
2223
  "parameters": {
2259
2224
  "inputs": [
2260
- {
2261
- "address": "server.request.cookies"
2262
- },
2263
2225
  {
2264
2226
  "address": "server.request.headers.no_cookies",
2265
2227
  "key_path": [
@@ -2309,9 +2271,6 @@
2309
2271
  {
2310
2272
  "parameters": {
2311
2273
  "inputs": [
2312
- {
2313
- "address": "server.request.cookies"
2314
- },
2315
2274
  {
2316
2275
  "address": "server.request.headers.no_cookies",
2317
2276
  "key_path": [
@@ -2361,9 +2320,6 @@
2361
2320
  {
2362
2321
  "parameters": {
2363
2322
  "inputs": [
2364
- {
2365
- "address": "server.request.cookies"
2366
- },
2367
2323
  {
2368
2324
  "address": "server.request.query"
2369
2325
  },
@@ -2407,9 +2363,6 @@
2407
2363
  {
2408
2364
  "parameters": {
2409
2365
  "inputs": [
2410
- {
2411
- "address": "server.request.cookies"
2412
- },
2413
2366
  {
2414
2367
  "address": "server.request.query"
2415
2368
  },
@@ -2448,9 +2401,6 @@
2448
2401
  {
2449
2402
  "parameters": {
2450
2403
  "inputs": [
2451
- {
2452
- "address": "server.request.cookies"
2453
- },
2454
2404
  {
2455
2405
  "address": "server.request.query"
2456
2406
  },
@@ -2489,9 +2439,6 @@
2489
2439
  {
2490
2440
  "parameters": {
2491
2441
  "inputs": [
2492
- {
2493
- "address": "server.request.cookies"
2494
- },
2495
2442
  {
2496
2443
  "address": "server.request.query"
2497
2444
  },
@@ -2530,9 +2477,6 @@
2530
2477
  {
2531
2478
  "parameters": {
2532
2479
  "inputs": [
2533
- {
2534
- "address": "server.request.cookies"
2535
- },
2536
2480
  {
2537
2481
  "address": "server.request.query"
2538
2482
  },
@@ -2570,9 +2514,6 @@
2570
2514
  {
2571
2515
  "parameters": {
2572
2516
  "inputs": [
2573
- {
2574
- "address": "server.request.cookies"
2575
- },
2576
2517
  {
2577
2518
  "address": "server.request.query"
2578
2519
  },
@@ -2612,9 +2553,6 @@
2612
2553
  {
2613
2554
  "parameters": {
2614
2555
  "inputs": [
2615
- {
2616
- "address": "server.request.cookies"
2617
- },
2618
2556
  {
2619
2557
  "address": "server.request.query"
2620
2558
  },
@@ -2652,9 +2590,6 @@
2652
2590
  {
2653
2591
  "parameters": {
2654
2592
  "inputs": [
2655
- {
2656
- "address": "server.request.cookies"
2657
- },
2658
2593
  {
2659
2594
  "address": "server.request.query"
2660
2595
  },
@@ -2692,9 +2627,6 @@
2692
2627
  {
2693
2628
  "parameters": {
2694
2629
  "inputs": [
2695
- {
2696
- "address": "server.request.cookies"
2697
- },
2698
2630
  {
2699
2631
  "address": "server.request.query"
2700
2632
  },
@@ -2732,9 +2664,6 @@
2732
2664
  {
2733
2665
  "parameters": {
2734
2666
  "inputs": [
2735
- {
2736
- "address": "server.request.cookies"
2737
- },
2738
2667
  {
2739
2668
  "address": "server.request.query"
2740
2669
  },
@@ -2772,9 +2701,6 @@
2772
2701
  {
2773
2702
  "parameters": {
2774
2703
  "inputs": [
2775
- {
2776
- "address": "server.request.cookies"
2777
- },
2778
2704
  {
2779
2705
  "address": "server.request.query"
2780
2706
  },
@@ -2811,9 +2737,6 @@
2811
2737
  {
2812
2738
  "parameters": {
2813
2739
  "inputs": [
2814
- {
2815
- "address": "server.request.cookies"
2816
- },
2817
2740
  {
2818
2741
  "address": "server.request.query"
2819
2742
  },
@@ -2850,9 +2773,6 @@
2850
2773
  {
2851
2774
  "parameters": {
2852
2775
  "inputs": [
2853
- {
2854
- "address": "server.request.cookies"
2855
- },
2856
2776
  {
2857
2777
  "address": "server.request.query"
2858
2778
  },
@@ -2886,9 +2806,6 @@
2886
2806
  {
2887
2807
  "parameters": {
2888
2808
  "inputs": [
2889
- {
2890
- "address": "server.request.cookies"
2891
- },
2892
2809
  {
2893
2810
  "address": "server.request.query"
2894
2811
  },
@@ -2925,9 +2842,6 @@
2925
2842
  {
2926
2843
  "parameters": {
2927
2844
  "inputs": [
2928
- {
2929
- "address": "server.request.cookies"
2930
- },
2931
2845
  {
2932
2846
  "address": "server.request.query"
2933
2847
  },
@@ -2963,9 +2877,6 @@
2963
2877
  {
2964
2878
  "parameters": {
2965
2879
  "inputs": [
2966
- {
2967
- "address": "server.request.cookies"
2968
- },
2969
2880
  {
2970
2881
  "address": "server.request.query"
2971
2882
  },
@@ -3001,9 +2912,6 @@
3001
2912
  {
3002
2913
  "parameters": {
3003
2914
  "inputs": [
3004
- {
3005
- "address": "server.request.cookies"
3006
- },
3007
2915
  {
3008
2916
  "address": "server.request.query"
3009
2917
  },
@@ -3040,9 +2948,6 @@
3040
2948
  {
3041
2949
  "parameters": {
3042
2950
  "inputs": [
3043
- {
3044
- "address": "server.request.cookies"
3045
- },
3046
2951
  {
3047
2952
  "address": "server.request.query"
3048
2953
  },
@@ -3078,9 +2983,6 @@
3078
2983
  {
3079
2984
  "parameters": {
3080
2985
  "inputs": [
3081
- {
3082
- "address": "server.request.cookies"
3083
- },
3084
2986
  {
3085
2987
  "address": "server.request.query"
3086
2988
  },
@@ -3116,9 +3018,6 @@
3116
3018
  {
3117
3019
  "parameters": {
3118
3020
  "inputs": [
3119
- {
3120
- "address": "server.request.cookies"
3121
- },
3122
3021
  {
3123
3022
  "address": "server.request.query"
3124
3023
  },
@@ -3155,9 +3054,6 @@
3155
3054
  {
3156
3055
  "parameters": {
3157
3056
  "inputs": [
3158
- {
3159
- "address": "server.request.cookies"
3160
- },
3161
3057
  {
3162
3058
  "address": "server.request.query"
3163
3059
  },
@@ -3193,9 +3089,6 @@
3193
3089
  {
3194
3090
  "parameters": {
3195
3091
  "inputs": [
3196
- {
3197
- "address": "server.request.cookies"
3198
- },
3199
3092
  {
3200
3093
  "address": "server.request.query"
3201
3094
  },
@@ -3232,9 +3125,6 @@
3232
3125
  {
3233
3126
  "parameters": {
3234
3127
  "inputs": [
3235
- {
3236
- "address": "server.request.cookies"
3237
- },
3238
3128
  {
3239
3129
  "address": "server.request.query"
3240
3130
  },
@@ -3277,9 +3167,6 @@
3277
3167
  {
3278
3168
  "address": "server.request.path_params"
3279
3169
  },
3280
- {
3281
- "address": "server.request.cookies"
3282
- },
3283
3170
  {
3284
3171
  "address": "server.request.headers.no_cookies"
3285
3172
  },
@@ -3321,9 +3208,6 @@
3321
3208
  {
3322
3209
  "address": "server.request.path_params"
3323
3210
  },
3324
- {
3325
- "address": "server.request.cookies"
3326
- },
3327
3211
  {
3328
3212
  "address": "server.request.headers.no_cookies"
3329
3213
  },
@@ -3351,9 +3235,6 @@
3351
3235
  {
3352
3236
  "address": "server.request.path_params"
3353
3237
  },
3354
- {
3355
- "address": "server.request.cookies"
3356
- },
3357
3238
  {
3358
3239
  "address": "server.request.headers.no_cookies"
3359
3240
  },
@@ -3395,9 +3276,6 @@
3395
3276
  {
3396
3277
  "address": "server.request.path_params"
3397
3278
  },
3398
- {
3399
- "address": "server.request.cookies"
3400
- },
3401
3279
  {
3402
3280
  "address": "server.request.headers.no_cookies"
3403
3281
  },
@@ -3503,9 +3381,6 @@
3503
3381
  "operator": "match_regex",
3504
3382
  "parameters": {
3505
3383
  "inputs": [
3506
- {
3507
- "address": "server.request.cookies"
3508
- },
3509
3384
  {
3510
3385
  "address": "server.request.query"
3511
3386
  },
@@ -3540,9 +3415,6 @@
3540
3415
  "operator": "match_regex",
3541
3416
  "parameters": {
3542
3417
  "inputs": [
3543
- {
3544
- "address": "server.request.cookies"
3545
- },
3546
3418
  {
3547
3419
  "address": "server.request.query"
3548
3420
  },
@@ -3568,6 +3440,33 @@
3568
3440
  ],
3569
3441
  "transformers": []
3570
3442
  },
3443
+ {
3444
+ "id": "dog-000-004",
3445
+ "name": "Spring4Shell - Attempts to exploit the Spring4shell vulnerability",
3446
+ "tags": {
3447
+ "type": "exploit_detection",
3448
+ "category": "attack_attempt"
3449
+ },
3450
+ "conditions": [
3451
+ {
3452
+ "operator": "match_regex",
3453
+ "parameters": {
3454
+ "inputs": [
3455
+ {
3456
+ "address": "server.request.body"
3457
+ }
3458
+ ],
3459
+ "regex": "^class\\.module\\.classLoader\\.",
3460
+ "options": {
3461
+ "case_sensitive": false
3462
+ }
3463
+ }
3464
+ }
3465
+ ],
3466
+ "transformers": [
3467
+ "keys_only"
3468
+ ]
3469
+ },
3571
3470
  {
3572
3471
  "id": "nfd-000-001",
3573
3472
  "name": "Detect common directory discovery scans",
@@ -4484,9 +4383,9 @@
4484
4383
  },
4485
4384
  {
4486
4385
  "id": "sqr-000-017",
4487
- "name": "JNDI: Attempt to exploit log4j CVE-2021-44228",
4386
+ "name": "Log4shell: Attempt to exploit log4j CVE-2021-44228",
4488
4387
  "tags": {
4489
- "type": "java_code_injection",
4388
+ "type": "exploit_detection",
4490
4389
  "category": "attack_attempt"
4491
4390
  },
4492
4391
  "conditions": [
@@ -5726,4 +5625,4 @@
5726
5625
  "transformers": []
5727
5626
  }
5728
5627
  ]
5729
- }
5628
+ }