dd-trace 4.28.0 → 4.30.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CONTRIBUTING.md +98 -0
- package/README.md +8 -99
- package/ci/cypress/after-run.js +1 -0
- package/ci/cypress/after-spec.js +1 -0
- package/index.d.ts +1499 -1486
- package/package.json +3 -3
- package/packages/datadog-core/src/utils/src/get.js +11 -0
- package/packages/datadog-core/src/utils/src/has.js +14 -0
- package/packages/datadog-core/src/utils/src/set.js +16 -0
- package/packages/datadog-instrumentations/src/amqplib.js +1 -1
- package/packages/datadog-instrumentations/src/cucumber.js +157 -42
- package/packages/datadog-instrumentations/src/grpc/server.js +3 -1
- package/packages/datadog-instrumentations/src/jest.js +80 -40
- package/packages/datadog-instrumentations/src/mocha.js +4 -1
- package/packages/datadog-instrumentations/src/mongodb-core.js +34 -3
- package/packages/datadog-instrumentations/src/playwright.js +78 -16
- package/packages/datadog-plugin-amqplib/src/consumer.js +8 -4
- package/packages/datadog-plugin-amqplib/src/producer.js +3 -4
- package/packages/datadog-plugin-aws-sdk/src/base.js +3 -2
- package/packages/datadog-plugin-aws-sdk/src/services/kinesis.js +60 -57
- package/packages/datadog-plugin-aws-sdk/src/services/sns.js +42 -22
- package/packages/datadog-plugin-aws-sdk/src/services/sqs.js +64 -30
- package/packages/datadog-plugin-cucumber/src/index.js +25 -9
- package/packages/datadog-plugin-cypress/src/after-run.js +3 -0
- package/packages/datadog-plugin-cypress/src/after-spec.js +3 -0
- package/packages/datadog-plugin-cypress/src/cypress-plugin.js +625 -0
- package/packages/datadog-plugin-cypress/src/plugin.js +6 -549
- package/packages/datadog-plugin-cypress/src/support.js +50 -3
- package/packages/datadog-plugin-graphql/src/index.js +1 -1
- package/packages/datadog-plugin-graphql/src/resolve.js +10 -8
- package/packages/datadog-plugin-grpc/src/util.js +1 -1
- package/packages/datadog-plugin-jest/src/index.js +11 -2
- package/packages/datadog-plugin-kafkajs/src/consumer.js +4 -3
- package/packages/datadog-plugin-kafkajs/src/producer.js +3 -5
- package/packages/datadog-plugin-playwright/src/index.js +34 -3
- package/packages/datadog-plugin-rhea/src/consumer.js +8 -3
- package/packages/datadog-plugin-rhea/src/producer.js +3 -4
- package/packages/dd-trace/src/appsec/iast/index.js +10 -0
- package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter.js +18 -5
- package/packages/dd-trace/src/appsec/recommended.json +67 -27
- package/packages/dd-trace/src/appsec/remote_config/index.js +1 -1
- package/packages/dd-trace/src/ci-visibility/early-flake-detection/get-known-tests.js +1 -3
- package/packages/dd-trace/src/config.js +451 -459
- package/packages/dd-trace/src/data_streams_context.js +1 -1
- package/packages/dd-trace/src/datastreams/pathway.js +58 -1
- package/packages/dd-trace/src/datastreams/processor.js +3 -5
- package/packages/dd-trace/src/format.js +0 -1
- package/packages/dd-trace/src/opentracing/propagation/text_map.js +2 -2
- package/packages/dd-trace/src/opentracing/span.js +4 -4
- package/packages/dd-trace/src/plugins/util/test.js +2 -0
- package/packages/dd-trace/src/plugins/util/web.js +1 -1
- package/packages/dd-trace/src/profiling/exporters/agent.js +77 -32
- package/packages/dd-trace/src/telemetry/index.js +22 -34
- package/packages/dd-trace/src/tracer.js +3 -3
- package/register.js +4 -0
- /package/packages/{utils → datadog-core/src/utils}/src/kebabcase.js +0 -0
- /package/packages/{utils → datadog-core/src/utils}/src/pick.js +0 -0
- /package/packages/{utils → datadog-core/src/utils}/src/uniq.js +0 -0
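--- a/package/packages/datadog-plugin-jest/src/index.js
+++ b/package/packages/datadog-plugin-jest/src/index.js
@@ -18,7 +18,8 @@ const {
 TEST_SOURCE_FILE,
 TEST_IS_NEW,
 TEST_EARLY_FLAKE_IS_RETRY,
-TEST_EARLY_FLAKE_IS_ENABLED
+TEST_EARLY_FLAKE_IS_ENABLED,
+JEST_DISPLAY_NAME
 } = require('../../dd-trace/src/plugins/util/test')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 const id = require('../../dd-trace/src/id')
@@ -144,7 +145,7 @@ class JestPlugin extends CiPlugin {
 })
 })
 
-this.addSub('ci:jest:test-suite:start', ({ testSuite, testEnvironmentOptions, frameworkVersion }) => {
+this.addSub('ci:jest:test-suite:start', ({ testSuite, testEnvironmentOptions, frameworkVersion, displayName }) => {
 const {
 _ddTestSessionId: testSessionId,
 _ddTestCommand: testCommand,
@@ -179,6 +180,9 @@ class JestPlugin extends CiPlugin {
 if (itrCorrelationId) {
 testSuiteMetadata[ITR_CORRELATION_ID] = itrCorrelationId
 }
+if (displayName) {
+testSuiteMetadata[JEST_DISPLAY_NAME] = displayName
+}
 
 this.testSuiteSpan = this.tracer.startSpan('jest.test_suite', {
 childOf: testSessionSpanContext,
@@ -308,6 +312,7 @@ class JestPlugin extends CiPlugin {
 suite,
 name,
 runner,
+displayName,
 testParameters,
 frameworkVersion,
 testStartLine,
@@ -327,6 +332,10 @@ class JestPlugin extends CiPlugin {
 // If for whatever we don't have the source file, we'll fall back to the suite name
 extraTags[TEST_SOURCE_FILE] = testSourceFile || suite
 
+if (displayName) {
+extraTags[JEST_DISPLAY_NAME] = displayName
+}
+
 if (isNew) {
 extraTags[TEST_IS_NEW] = 'true'
 if (isEfdRetry) {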
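Review bot: `displayName` is written into `testSuiteMetadata` and `extraTags` under `JEST_DISPLAY_NAME` with only a truthiness check, in both the test-suite:start hunk and the extraTags hunk. In a Jest config `displayName` may be a string or an object (`{ name, color }`); unless the instrumentation side already normalizes it to a string — which is not visible from these hunks — an object would be tagged as `[object Object]`. A narrower guard such as `if (typeof displayName === 'string')`, or extracting `displayName?.name` where the value is read from the config, would keep the tag well-formed. The `ci:jest:test-suite:start` handler and the test-start handler both continue outside their hunks.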
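--- a/package/packages/datadog-plugin-kafkajs/src/consumer.js
+++ b/package/packages/datadog-plugin-kafkajs/src/consumer.js
@@ -1,7 +1,8 @@
 'use strict'
 
 const dc = require('dc-polyfill')
-const { getMessageSize
+const { getMessageSize } = require('../../dd-trace/src/datastreams/processor')
+const { DsmPathwayCodec } = require('../../dd-trace/src/datastreams/pathway')
 const ConsumerPlugin = require('../../dd-trace/src/plugins/consumer')
 
 const afterStartCh = dc.channel('dd-trace:kafkajs:consumer:afterStart')
@@ -77,9 +78,9 @@ class KafkajsConsumerPlugin extends ConsumerPlugin {
 'kafka.partition': partition
 }
 })
-if (this.config.dsmEnabled) {
+if (this.config.dsmEnabled && message?.headers && DsmPathwayCodec.contextExists(message.headers)) {
 const payloadSize = getMessageSize(message)
-this.tracer.decodeDataStreamsContext(message.headers
+this.tracer.decodeDataStreamsContext(message.headers)
 this.tracer
 .setCheckpoint(['direction:in', `group:${groupId}`, `topic:${topic}`, 'type:kafka'], span, payloadSize)
 }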
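Review bot: The widened condition on the `if (this.config.dsmEnabled && message?.headers && DsmPathwayCodec.contextExists(message.headers))` line skips the whole block when a message carries no pathway context, so a consumer fed by an uninstrumented producer now records no `direction:in` checkpoint at all, whereas before `dsmEnabled` alone was enough to reach `setCheckpoint`. If starting a fresh pathway for such messages is deliberately not wanted, a one-line comment would stop the next reader from filing it as a regression, e.g. `// only continue an existing pathway; messages without DSM headers are not checkpointed`. The rhea consumer hunk introduces the same condition on `msgObj?.message?.delivery_annotations`, so the comment belongs there too. Whether `decodeDataStreamsContext` tolerates missing headers on its own is not visible from either hunk; the enclosing handler continues outside the hunk.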
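--- a/package/packages/datadog-plugin-kafkajs/src/producer.js
+++ b/package/packages/datadog-plugin-kafkajs/src/producer.js
@@ -1,8 +1,8 @@
 'use strict'
 
 const ProducerPlugin = require('../../dd-trace/src/plugins/producer')
-const {
-const { getMessageSize
+const { DsmPathwayCodec } = require('../../dd-trace/src/datastreams/pathway')
+const { getMessageSize } = require('../../dd-trace/src/datastreams/processor')
 
 const BOOTSTRAP_SERVERS_KEY = 'messaging.kafka.bootstrap.servers'
 
@@ -67,7 +67,6 @@ class KafkajsProducerPlugin extends ProducerPlugin {
 }
 
 start ({ topic, messages, bootstrapServers }) {
-let pathwayCtx
 const span = this.startSpan({
 resource: topic,
 meta: {
@@ -88,8 +87,7 @@ class KafkajsProducerPlugin extends ProducerPlugin {
 const payloadSize = getMessageSize(message)
 const dataStreamsContext = this.tracer
 .setCheckpoint(['direction:out', `topic:${topic}`, 'type:kafka'], span, payloadSize)
-
-message.headers[CONTEXT_PROPAGATION_KEY] = pathwayCtx
+DsmPathwayCodec.encode(dataStreamsContext, message.headers)
 }
 }
 }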
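Review bot: `DsmPathwayCodec.encode(dataStreamsContext, message.headers)` assumes `message.headers` is an object and `dataStreamsContext` is non-null, and neither is established inside the hunk: the loop over `messages` and any initialization of `message.headers` sit above it, and whether `setCheckpoint` can return `undefined` is not visible here. The line it replaces had the same reliance on `message.headers`, so this is not new, but if `encode` does not itself tolerate those inputs a guard keeps an un-instrumented or header-less message from throwing inside the producer path: `if (dataStreamsContext && message.headers) DsmPathwayCodec.encode(dataStreamsContext, message.headers)`. The rhea producer hunk (`DsmPathwayCodec.encode(dataStreamsContext, msg.delivery_annotations)`) has the same shape. The `start` method begins and ends outside this hunk.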
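--- a/package/packages/datadog-plugin-playwright/src/index.js
+++ b/package/packages/datadog-plugin-playwright/src/index.js
@@ -30,11 +30,23 @@ class PlaywrightPlugin extends CiPlugin {
 super(...args)
 
 this._testSuites = new Map()
+this.numFailedTests = 0
+this.numFailedSuites = 0
 
 this.addSub('ci:playwright:session:finish', ({ status, onDone }) => {
 this.testModuleSpan.setTag(TEST_STATUS, status)
 this.testSessionSpan.setTag(TEST_STATUS, status)
 
+if (this.numFailedSuites > 0) {
+let errorMessage = `Test suites failed: ${this.numFailedSuites}.`
+if (this.numFailedTests > 0) {
+errorMessage += ` Tests failed: ${this.numFailedTests}`
+}
+const error = new Error(errorMessage)
+this.testModuleSpan.setTag('error', error)
+this.testSessionSpan.setTag('error', error)
+}
+
 this.testModuleSpan.finish()
 this.telemetry.ciVisEvent(TELEMETRY_EVENT_FINISHED, 'module')
 this.testSessionSpan.finish()
@@ -42,6 +54,7 @@ class PlaywrightPlugin extends CiPlugin {
 finishAllTraceSpans(this.testSessionSpan)
 appClosingTelemetry()
 this.tracer._exporter.flush(onDone)
+this.numFailedTests = 0
 })
 
 this.addSub('ci:playwright:test-suite:start', (testSuiteAbsolutePath) => {
@@ -69,11 +82,21 @@ class PlaywrightPlugin extends CiPlugin {
 this._testSuites.set(testSuite, testSuiteSpan)
 })
 
-this.addSub('ci:playwright:test-suite:finish', (status) => {
+this.addSub('ci:playwright:test-suite:finish', ({ status, error }) => {
 const store = storage.getStore()
 const span = store && store.span
 if (!span) return
-
+if (error) {
+span.setTag('error', error)
+span.setTag(TEST_STATUS, 'fail')
+} else {
+span.setTag(TEST_STATUS, status)
+}
+
+if (status === 'fail' || error) {
+this.numFailedSuites++
+}
+
 span.finish()
 this.telemetry.ciVisEvent(TELEMETRY_EVENT_FINISHED, 'suite')
 })
@@ -114,11 +137,19 @@ class PlaywrightPlugin extends CiPlugin {
 if (step.error) {
 stepSpan.setTag('error', step.error)
 }
-
+let stepDuration = step.duration
+if (stepDuration <= 0 || isNaN(stepDuration)) {
+stepDuration = 0
+}
+stepSpan.finish(stepStartTime + stepDuration)
 })
 
 span.finish()
 
+if (testStatus === 'fail') {
+this.numFailedTests++
+}
+
 this.telemetry.ciVisEvent(
 TELEMETRY_EVENT_FINISHED,
 'test',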
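Review bot: `this.numFailedTests = 0` is reset at the end of the session:finish handler but `this.numFailedSuites` is not, so if the plugin instance outlives one session the suite-failure count, and with it the synthesized "Test suites failed" error tag, carries into the next session's module and session spans; add `this.numFailedSuites = 0` next to the existing reset. Minor, in the last hunk: `isNaN(stepDuration)` is the coercing global and `Number.isNaN(stepDuration)` is the stricter form, though for a numeric `step.duration` they behave the same and the `<= 0` clause already covers `undefined` via the `NaN` path. The test-suite:finish hunk increments `numFailedSuites` when `status === 'fail' || error`, which is consistent with the tag it sets. The constructor and the test-finish handler both extend beyond their hunks.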
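--- a/package/packages/datadog-plugin-rhea/src/consumer.js
+++ b/package/packages/datadog-plugin-rhea/src/consumer.js
@@ -2,7 +2,8 @@
 
 const ConsumerPlugin = require('../../dd-trace/src/plugins/consumer')
 const { storage } = require('../../datadog-core')
-const { getAmqpMessageSize
+const { getAmqpMessageSize } = require('../../dd-trace/src/datastreams/processor')
+const { DsmPathwayCodec } = require('../../dd-trace/src/datastreams/pathway')
 
 class RheaConsumerPlugin extends ConsumerPlugin {
 static get id () { return 'rhea' }
@@ -31,11 +32,15 @@ class RheaConsumerPlugin extends ConsumerPlugin {
 }
 })
 
-if (
+if (
+this.config.dsmEnabled &&
+msgObj?.message?.delivery_annotations &&
+DsmPathwayCodec.contextExists(msgObj.message.delivery_annotations)
+) {
 const payloadSize = getAmqpMessageSize(
 { headers: msgObj.message.delivery_annotations, content: msgObj.message.body }
 )
-this.tracer.decodeDataStreamsContext(msgObj.message.delivery_annotations
+this.tracer.decodeDataStreamsContext(msgObj.message.delivery_annotations)
 this.tracer
 .setCheckpoint(['direction:in', `topic:${name}`, 'type:rabbitmq'], span, payloadSize)
 }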
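--- a/package/packages/datadog-plugin-rhea/src/producer.js
+++ b/package/packages/datadog-plugin-rhea/src/producer.js
@@ -2,8 +2,8 @@
 
 const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const ProducerPlugin = require('../../dd-trace/src/plugins/producer')
-const {
-const { getAmqpMessageSize
+const { DsmPathwayCodec } = require('../../dd-trace/src/datastreams/pathway')
+const { getAmqpMessageSize } = require('../../dd-trace/src/datastreams/processor')
 
 class RheaProducerPlugin extends ProducerPlugin {
 static get id () { return 'rhea' }
@@ -44,8 +44,7 @@ function addDeliveryAnnotations (msg, tracer, span) {
 const payloadSize = getAmqpMessageSize({ content: msg.body, headers: msg.delivery_annotations })
 const dataStreamsContext = tracer
 .setCheckpoint(['direction:out', `exchange:${targetName}`, 'type:rabbitmq'], span, payloadSize)
-
-msg.delivery_annotations[CONTEXT_PROPAGATION_KEY] = pathwayCtx
+DsmPathwayCodec.encode(dataStreamsContext, msg.delivery_annotations)
 }
 }
 }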
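--- a/package/packages/dd-trace/src/appsec/iast/index.js
+++ b/package/packages/dd-trace/src/appsec/iast/index.js
@@ -21,7 +21,11 @@ const requestStart = dc.channel('dd-trace:incomingHttpRequestStart')
 const requestClose = dc.channel('dd-trace:incomingHttpRequestEnd')
 const iastResponseEnd = dc.channel('datadog:iast:response-end')
 
+let isEnabled = false
+
 function enable (config, _tracer) {
+if (isEnabled) return
+
 iastTelemetry.configure(config, config.iast?.telemetryVerbosity)
 enableAllAnalyzers(config)
 enableTaintTracking(config.iast, iastTelemetry.verbosity)
@@ -30,9 +34,15 @@ function enable (config, _tracer) {
 overheadController.configure(config.iast)
 overheadController.startGlobalContext()
 vulnerabilityReporter.start(config, _tracer)
+
+isEnabled = true
 }
 
 function disable () {
+if (!isEnabled) return
+
+isEnabled = false
+
 iastTelemetry.stop()
 disableAllAnalyzers()
 disableTaintTracking()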
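Review bot: `isEnabled = true` is assigned only after every enable step has run, so if `enableAllAnalyzers`, `enableTaintTracking` or one of the later calls throws part-way, the flag stays false while the subsystems enabled before it remain active, and the new `if (!isEnabled) return` guard in `disable()` then skips tearing them down. Setting the flag before the hooks, or wrapping the body so a failure still reaches the teardown (`try { … } catch (e) { isEnabled = true; disable(); throw e }`), keeps the idempotency guard without leaving analyzers or taint tracking half-enabled. A second `enable()` with a different config is now silently ignored, which is fine but worth stating on the guard: `// enable() is idempotent; a later call with a different config is ignored until disable()`. The body of `enable` spans both hunks and `disable` continues past the second one.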
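--- a/package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter.js
+++ b/package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter.js
@@ -65,16 +65,18 @@ function getRewriter (telemetryVerbosity) {
 return rewriter
 }
 
-let originalPrepareStackTrace
+let originalPrepareStackTrace
+let actualPrepareStackTrace
 function getPrepareStackTraceAccessor () {
-
+originalPrepareStackTrace = Error.prepareStackTrace
+actualPrepareStackTrace = getPrepareStackTrace(originalPrepareStackTrace)
 return {
 configurable: true,
 get () {
-return
+return actualPrepareStackTrace
 },
 set (value) {
-
+actualPrepareStackTrace = getPrepareStackTrace(value)
 originalPrepareStackTrace = value
 }
 }
@@ -121,7 +123,18 @@ function enableRewriter (telemetryVerbosity) {
 
 function disableRewriter () {
 shimmer.unwrap(Module.prototype, '_compile')
-
+
+if (!actualPrepareStackTrace) return
+
+try {
+delete Error.prepareStackTrace
+
+Error.prepareStackTrace = originalPrepareStackTrace
+
+actualPrepareStackTrace = undefined
+} catch (e) {
+iastLog.warn(e)
+}
 }
 
 function getOriginalPathAndLineFromSourceMap ({ path, line, column }) {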
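Review bot: The two module-level variables above `getPrepareStackTraceAccessor` have roles nothing in the hunk explains: from the getter and setter, `actualPrepareStackTrace` is the `getPrepareStackTrace(...)`-wrapped function the accessor serves to callers of `Error.prepareStackTrace`, while `originalPrepareStackTrace` is the value last assigned by user code (or present at install) and is what `disableRewriter` puts back. A comment on the declarations, e.g. `// originalPrepareStackTrace: what user code set; actualPrepareStackTrace: the wrapped version the accessor returns`, would make the getter/setter pair and the `delete` followed by reassignment in `disableRewriter` readable without tracing the calls. The `delete Error.prepareStackTrace` step relies on the accessor being installed with `configurable: true`, which the first hunk shows; a one-line comment saying the delete removes that accessor before restoring a plain data property would tie the two hunks together. `getPrepareStackTraceAccessor` returns within the hunk, but where the accessor is installed (`enableRewriter`) lies outside it.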
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": "2.2",
|
|
3
3
|
"metadata": {
|
|
4
|
-
"rules_version": "1.
|
|
4
|
+
"rules_version": "1.11.0"
|
|
5
5
|
},
|
|
6
6
|
"rules": [
|
|
7
7
|
{
|
|
@@ -141,7 +141,10 @@
|
|
|
141
141
|
"appscan_fingerprint",
|
|
142
142
|
"w00tw00t.at.isc.sans.dfind",
|
|
143
143
|
"w00tw00t.at.blackhats.romanian.anti-sec"
|
|
144
|
-
]
|
|
144
|
+
],
|
|
145
|
+
"options": {
|
|
146
|
+
"enforce_word_boundary": true
|
|
147
|
+
}
|
|
145
148
|
},
|
|
146
149
|
"operator": "phrase_match"
|
|
147
150
|
}
|
|
@@ -1778,7 +1781,10 @@
|
|
|
1778
1781
|
"windows\\win.ini",
|
|
1779
1782
|
"default\\ntuser.dat",
|
|
1780
1783
|
"/var/run/secrets/kubernetes.io/serviceaccount"
|
|
1781
|
-
]
|
|
1784
|
+
],
|
|
1785
|
+
"options": {
|
|
1786
|
+
"enforce_word_boundary": true
|
|
1787
|
+
}
|
|
1782
1788
|
},
|
|
1783
1789
|
"operator": "phrase_match"
|
|
1784
1790
|
}
|
|
@@ -1895,6 +1901,9 @@
|
|
|
1895
1901
|
"address": "graphql.server.resolver"
|
|
1896
1902
|
}
|
|
1897
1903
|
],
|
|
1904
|
+
"options": {
|
|
1905
|
+
"enforce_word_boundary": true
|
|
1906
|
+
},
|
|
1898
1907
|
"list": [
|
|
1899
1908
|
"${cdpath}",
|
|
1900
1909
|
"${dirstack}",
|
|
@@ -2471,7 +2480,10 @@
|
|
|
2471
2480
|
"settings.local.php",
|
|
2472
2481
|
"local.xml",
|
|
2473
2482
|
".env"
|
|
2474
|
-
]
|
|
2483
|
+
],
|
|
2484
|
+
"options": {
|
|
2485
|
+
"enforce_word_boundary": true
|
|
2486
|
+
}
|
|
2475
2487
|
},
|
|
2476
2488
|
"operator": "phrase_match"
|
|
2477
2489
|
}
|
|
@@ -2567,6 +2579,9 @@
|
|
|
2567
2579
|
"address": "graphql.server.resolver"
|
|
2568
2580
|
}
|
|
2569
2581
|
],
|
|
2582
|
+
"options": {
|
|
2583
|
+
"enforce_word_boundary": true
|
|
2584
|
+
},
|
|
2570
2585
|
"list": [
|
|
2571
2586
|
"$globals",
|
|
2572
2587
|
"$_cookie",
|
|
@@ -2765,7 +2780,10 @@
|
|
|
2765
2780
|
"wp_safe_remote_post",
|
|
2766
2781
|
"wp_safe_remote_request",
|
|
2767
2782
|
"zlib_decode"
|
|
2768
|
-
]
|
|
2783
|
+
],
|
|
2784
|
+
"options": {
|
|
2785
|
+
"enforce_word_boundary": true
|
|
2786
|
+
}
|
|
2769
2787
|
},
|
|
2770
2788
|
"operator": "phrase_match"
|
|
2771
2789
|
}
|
|
@@ -2980,9 +2998,6 @@
|
|
|
2980
2998
|
{
|
|
2981
2999
|
"address": "server.request.path_params"
|
|
2982
3000
|
},
|
|
2983
|
-
{
|
|
2984
|
-
"address": "grpc.server.request.message"
|
|
2985
|
-
},
|
|
2986
3001
|
{
|
|
2987
3002
|
"address": "graphql.server.all_resolvers"
|
|
2988
3003
|
},
|
|
@@ -3037,9 +3052,6 @@
|
|
|
3037
3052
|
{
|
|
3038
3053
|
"address": "server.request.path_params"
|
|
3039
3054
|
},
|
|
3040
|
-
{
|
|
3041
|
-
"address": "grpc.server.request.message"
|
|
3042
|
-
},
|
|
3043
3055
|
{
|
|
3044
3056
|
"address": "graphql.server.all_resolvers"
|
|
3045
3057
|
},
|
|
@@ -3271,6 +3283,9 @@
|
|
|
3271
3283
|
"address": "graphql.server.resolver"
|
|
3272
3284
|
}
|
|
3273
3285
|
],
|
|
3286
|
+
"options": {
|
|
3287
|
+
"enforce_word_boundary": true
|
|
3288
|
+
},
|
|
3274
3289
|
"list": [
|
|
3275
3290
|
"document.cookie",
|
|
3276
3291
|
"document.write",
|
|
@@ -3546,9 +3561,6 @@
|
|
|
3546
3561
|
{
|
|
3547
3562
|
"address": "server.request.path_params"
|
|
3548
3563
|
},
|
|
3549
|
-
{
|
|
3550
|
-
"address": "grpc.server.request.message"
|
|
3551
|
-
},
|
|
3552
3564
|
{
|
|
3553
3565
|
"address": "graphql.server.all_resolvers"
|
|
3554
3566
|
},
|
|
@@ -3863,9 +3875,6 @@
|
|
|
3863
3875
|
{
|
|
3864
3876
|
"address": "server.request.path_params"
|
|
3865
3877
|
},
|
|
3866
|
-
{
|
|
3867
|
-
"address": "grpc.server.request.message"
|
|
3868
|
-
},
|
|
3869
3878
|
{
|
|
3870
3879
|
"address": "graphql.server.all_resolvers"
|
|
3871
3880
|
},
|
|
@@ -4454,7 +4463,10 @@
|
|
|
4454
4463
|
"org.apache.struts2",
|
|
4455
4464
|
"org.omg.corba",
|
|
4456
4465
|
"java.beans.xmldecode"
|
|
4457
|
-
]
|
|
4466
|
+
],
|
|
4467
|
+
"options": {
|
|
4468
|
+
"enforce_word_boundary": true
|
|
4469
|
+
}
|
|
4458
4470
|
},
|
|
4459
4471
|
"operator": "phrase_match"
|
|
4460
4472
|
}
|
|
@@ -4581,9 +4593,6 @@
|
|
|
4581
4593
|
{
|
|
4582
4594
|
"address": "server.request.path_params"
|
|
4583
4595
|
},
|
|
4584
|
-
{
|
|
4585
|
-
"address": "grpc.server.request.message"
|
|
4586
|
-
},
|
|
4587
4596
|
{
|
|
4588
4597
|
"address": "graphql.server.all_resolvers"
|
|
4589
4598
|
},
|
|
@@ -5342,6 +5351,40 @@
|
|
|
5342
5351
|
],
|
|
5343
5352
|
"transformers": []
|
|
5344
5353
|
},
|
|
5354
|
+
{
|
|
5355
|
+
"id": "dog-920-001",
|
|
5356
|
+
"name": "JWT authentication bypass",
|
|
5357
|
+
"tags": {
|
|
5358
|
+
"type": "http_protocol_violation",
|
|
5359
|
+
"category": "attack_attempt",
|
|
5360
|
+
"cwe": "287",
|
|
5361
|
+
"capec": "1000/225/115",
|
|
5362
|
+
"confidence": "0"
|
|
5363
|
+
},
|
|
5364
|
+
"conditions": [
|
|
5365
|
+
{
|
|
5366
|
+
"parameters": {
|
|
5367
|
+
"inputs": [
|
|
5368
|
+
{
|
|
5369
|
+
"address": "server.request.cookies"
|
|
5370
|
+
},
|
|
5371
|
+
{
|
|
5372
|
+
"address": "server.request.headers.no_cookies",
|
|
5373
|
+
"key_path": [
|
|
5374
|
+
"authorization"
|
|
5375
|
+
]
|
|
5376
|
+
}
|
|
5377
|
+
],
|
|
5378
|
+
"regex": "^(?:Bearer )?ey[A-Za-z0-9+_\\-/]*([QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDogI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]IiA6ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A
-Za-z]IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-
9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciIDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgOiJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za
-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciOiJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A
-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]IjogI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]IiA6I[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6I[km]5[Pv][Tb][km][U-X]|[\\x2
b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6I[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciIDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z
]I)*IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6I[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[C
Siy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6I[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]Ijoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f])[A-Za-z0-9+-/]*\\.[A-Za-z0-9+_\\-/]+\\.(?:[A-Za-z0-9+_\\-/]+)?$",
|
|
5379
|
+
"options": {
|
|
5380
|
+
"case_sensitive": true
|
|
5381
|
+
}
|
|
5382
|
+
},
|
|
5383
|
+
"operator": "match_regex"
|
|
5384
|
+
}
|
|
5385
|
+
],
|
|
5386
|
+
"transformers": []
|
|
5387
|
+
},
|
|
5345
5388
|
{
|
|
5346
5389
|
"id": "dog-931-001",
|
|
5347
5390
|
"name": "RFI: URL Payload to well known RFI target",
|
|
@@ -5603,6 +5646,9 @@
|
|
|
5603
5646
|
{
|
|
5604
5647
|
"operator": "phrase_match",
|
|
5605
5648
|
"parameters": {
|
|
5649
|
+
"options": {
|
|
5650
|
+
"enforce_word_boundary": true
|
|
5651
|
+
},
|
|
5606
5652
|
"inputs": [
|
|
5607
5653
|
{
|
|
5608
5654
|
"address": "server.request.uri.raw"
|
|
@@ -6606,9 +6652,6 @@
|
|
|
6606
6652
|
{
|
|
6607
6653
|
"address": "server.request.headers.no_cookies"
|
|
6608
6654
|
},
|
|
6609
|
-
{
|
|
6610
|
-
"address": "grpc.server.request.message"
|
|
6611
|
-
},
|
|
6612
6655
|
{
|
|
6613
6656
|
"address": "graphql.server.all_resolvers"
|
|
6614
6657
|
},
|
|
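Review bot: Removing `grpc.server.request.message` from this rule's `inputs` means the gRPC request message is no longer inspected by this rule, so any detection it previously produced on that address is gone; the same removal appears again in the hunk at `@@ -6654,9 +6697,6 @@`. The rule ids and operators for both entries are outside the hunks, so I cannot tell from here whether the address was dropped because the rule is unsuited to that payload type or whether the coverage loss is incidental. If this is a ruleset refresh, a changelog line stating that gRPC message inspection was removed for these rules would let operators who rely on it re-add the address via custom rules.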
@@ -6654,9 +6697,6 @@
|
|
|
6654
6697
|
{
|
|
6655
6698
|
"address": "server.request.headers.no_cookies"
|
|
6656
6699
|
},
|
|
6657
|
-
{
|
|
6658
|
-
"address": "grpc.server.request.message"
|
|
6659
|
-
},
|
|
6660
6700
|
{
|
|
6661
6701
|
"address": "graphql.server.all_resolvers"
|
|
6662
6702
|
},
|
|
@@ -60,7 +60,7 @@ function enableOrDisableAppsec (action, rcConfig, config) {
|
|
|
60
60
|
}
|
|
61
61
|
|
|
62
62
|
function enableWafUpdate (appsecConfig) {
|
|
63
|
-
if (rc && appsecConfig && !appsecConfig.
|
|
63
|
+
if (rc && appsecConfig && !appsecConfig.rules) {
|
|
64
64
|
// dirty require to make startup faster for serverless
|
|
65
65
|
const RuleManager = require('../rule_manager')
|
|
66
66
|
|
|
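Review bot: The new condition `if (rc && appsecConfig && !appsecConfig.rules) {` has no comment saying why a populated `rules` setting switches off the remote WAF update path, and the name alone does not make the exclusivity between local and remote rules obvious to the next reader. Suggest a one-line comment above the `if`, e.g. `// a locally configured rules file takes precedence, so remote WAF rule updates are not enabled` — I am inferring that `rules` is the custom rules-file setting, so confirm the wording. Note also that the truthiness test treats an empty string the same as an unset value, which is presumably intended but worth stating in that comment. enableWafUpdate's body continues outside the hunk.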
@@ -1,6 +1,5 @@
|
|
|
1
1
|
const request = require('../../exporters/common/request')
|
|
2
2
|
const id = require('../../id')
|
|
3
|
-
const log = require('../../log')
|
|
4
3
|
|
|
5
4
|
function getKnownTests ({
|
|
6
5
|
url,
|
|
@@ -70,8 +69,7 @@ function getKnownTests ({
|
|
|
70
69
|
done(err)
|
|
71
70
|
} else {
|
|
72
71
|
try {
|
|
73
|
-
const { data: { attributes: {
|
|
74
|
-
log.debug(() => `Number of received known tests: ${Object.keys(knownTests).length}`)
|
|
72
|
+
const { data: { attributes: { tests: knownTests } } } = JSON.parse(res)
|
|
75
73
|
done(null, knownTests)
|
|
76
74
|
} catch (err) {
|
|
77
75
|
done(err)
|
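Review bot: The destructuring on the `+` line only throws when `data` or `attributes` is absent; a response with the expected outer shape but no `tests` key yields `undefined`, and the function then calls `done(null, knownTests)` as though the request had succeeded. The removed `log.debug` callback was the only code that touched `knownTests`, and it would only have raised on `undefined` when debug logging was on, so this was never a reliable check, but the new code should make it explicit: `if (knownTests == null) throw new Error('Known tests response is missing data.attributes.tests')` before `done(null, knownTests)` inside the `try`, so the existing `catch` routes it to `done(err)`. Whether callers tolerate an `undefined` result is outside the hunk, so the impact is inferred. getKnownTests starts outside the hunk.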