dd-trace 3.36.0 → 3.37.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE-3rdparty.csv +1 -0
- package/ext/tags.d.ts +1 -0
- package/ext/tags.js +1 -0
- package/index.d.ts +1 -0
- package/package.json +6 -4
- package/packages/datadog-esbuild/index.js +30 -25
- package/packages/datadog-instrumentations/src/body-parser.js +2 -2
- package/packages/datadog-instrumentations/src/cookie-parser.js +37 -0
- package/packages/datadog-instrumentations/src/express.js +1 -1
- package/packages/datadog-instrumentations/src/graphql.js +5 -0
- package/packages/datadog-instrumentations/src/helpers/hooks.js +3 -0
- package/packages/datadog-instrumentations/src/http/server.js +1 -1
- package/packages/datadog-instrumentations/src/next.js +22 -80
- package/packages/datadog-instrumentations/src/pg.js +14 -15
- package/packages/datadog-instrumentations/src/playwright.js +15 -3
- package/packages/datadog-plugin-mysql/src/index.js +2 -2
- package/packages/datadog-plugin-next/src/index.js +14 -5
- package/packages/datadog-plugin-pg/src/index.js +2 -2
- package/packages/dd-trace/src/appsec/channels.js +1 -0
- package/packages/dd-trace/src/appsec/index.js +18 -5
- package/packages/dd-trace/src/appsec/recommended.json +549 -24
- package/packages/dd-trace/src/appsec/remote_config/capabilities.js +2 -1
- package/packages/dd-trace/src/appsec/remote_config/index.js +2 -0
- package/packages/dd-trace/src/appsec/reporter.js +7 -5
- package/packages/dd-trace/src/appsec/telemetry.js +2 -2
- package/packages/dd-trace/src/appsec/waf/waf_context_wrapper.js +4 -4
- package/packages/dd-trace/src/appsec/waf/waf_manager.js +5 -4
- package/packages/dd-trace/src/ci-visibility/intelligent-test-runner/get-itr-configuration.js +1 -14
- package/packages/dd-trace/src/ci-visibility/intelligent-test-runner/get-skippable-suites.js +1 -13
- package/packages/dd-trace/src/datastreams/processor.js +6 -2
- package/packages/dd-trace/src/format.js +6 -1
- package/packages/dd-trace/src/opentracing/propagation/text_map.js +2 -2
- package/packages/dd-trace/src/opentracing/tracer.js +0 -2
- package/packages/dd-trace/src/plugin_manager.js +1 -2
- package/packages/dd-trace/src/plugins/database.js +14 -4
- package/packages/dd-trace/src/plugins/index.js +1 -0
- package/packages/dd-trace/src/plugins/outbound.js +4 -3
- package/packages/dd-trace/src/telemetry/index.js +10 -1
|
@@ -5,6 +5,7 @@ const RuleManager = require('./rule_manager')
|
|
|
5
5
|
const remoteConfig = require('./remote_config')
|
|
6
6
|
const {
|
|
7
7
|
bodyParser,
|
|
8
|
+
cookieParser,
|
|
8
9
|
graphqlFinishExecute,
|
|
9
10
|
incomingHttpRequestStart,
|
|
10
11
|
incomingHttpRequestEnd,
|
|
@@ -43,6 +44,7 @@ function enable (_config) {
|
|
|
43
44
|
incomingHttpRequestEnd.subscribe(incomingHttpEndTranslator)
|
|
44
45
|
bodyParser.subscribe(onRequestBodyParsed)
|
|
45
46
|
queryParser.subscribe(onRequestQueryParsed)
|
|
47
|
+
cookieParser.subscribe(onRequestCookieParser)
|
|
46
48
|
graphqlFinishExecute.subscribe(onGraphqlFinishExecute)
|
|
47
49
|
|
|
48
50
|
if (_config.appsec.eventTracking.enabled) {
|
|
@@ -110,12 +112,9 @@ function incomingHttpEndTranslator ({ req, res }) {
|
|
|
110
112
|
payload[addresses.HTTP_INCOMING_PARAMS] = req.params
|
|
111
113
|
}
|
|
112
114
|
|
|
115
|
+
// we need to keep this to support other cookie parsers
|
|
113
116
|
if (req.cookies && typeof req.cookies === 'object') {
|
|
114
|
-
payload[addresses.HTTP_INCOMING_COOKIES] =
|
|
115
|
-
|
|
116
|
-
for (const k of Object.keys(req.cookies)) {
|
|
117
|
-
payload[addresses.HTTP_INCOMING_COOKIES][k] = [req.cookies[k]]
|
|
118
|
-
}
|
|
117
|
+
payload[addresses.HTTP_INCOMING_COOKIES] = req.cookies
|
|
119
118
|
}
|
|
120
119
|
|
|
121
120
|
waf.run(payload, req)
|
|
@@ -151,6 +150,19 @@ function onRequestQueryParsed ({ req, res, abortController }) {
|
|
|
151
150
|
handleResults(results, req, res, rootSpan, abortController)
|
|
152
151
|
}
|
|
153
152
|
|
|
153
|
+
function onRequestCookieParser ({ req, res, abortController, cookies }) {
|
|
154
|
+
const rootSpan = web.root(req)
|
|
155
|
+
if (!rootSpan) return
|
|
156
|
+
|
|
157
|
+
if (!cookies || typeof cookies !== 'object') return
|
|
158
|
+
|
|
159
|
+
const results = waf.run({
|
|
160
|
+
[addresses.HTTP_INCOMING_COOKIES]: cookies
|
|
161
|
+
}, req)
|
|
162
|
+
|
|
163
|
+
handleResults(results, req, res, rootSpan, abortController)
|
|
164
|
+
}
|
|
165
|
+
|
|
154
166
|
function onPassportVerify ({ credentials, user }) {
|
|
155
167
|
const store = storage.getStore()
|
|
156
168
|
const rootSpan = store && store.req && web.root(store.req)
|
|
@@ -201,6 +213,7 @@ function disable () {
|
|
|
201
213
|
if (incomingHttpRequestStart.hasSubscribers) incomingHttpRequestStart.unsubscribe(incomingHttpStartTranslator)
|
|
202
214
|
if (incomingHttpRequestEnd.hasSubscribers) incomingHttpRequestEnd.unsubscribe(incomingHttpEndTranslator)
|
|
203
215
|
if (queryParser.hasSubscribers) queryParser.unsubscribe(onRequestQueryParsed)
|
|
216
|
+
if (cookieParser.hasSubscribers) cookieParser.unsubscribe(onRequestCookieParser)
|
|
204
217
|
if (passportVerify.hasSubscribers) passportVerify.unsubscribe(onPassportVerify)
|
|
205
218
|
}
|
|
206
219
|
|