You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The dimfeld/httptreemux router has logic to handle trailing slashes which redirects to the URL without the trailing slash. This happens without the URL parameterized and sanitized of any sensitive information. This results in a second request being done, which is parameterized, but more importantly, it means that the first request is traced with its raw URL rather than the parametrized one. This happens because while looking up the resource with a trailing slash, the parameters are not detected.
Screenshot demonstrating this issue
Describe what you expected:
Both requests should be parametrized as shown in the screenshot below
Steps to reproduce the issue:
Call an endpoint with a trailing slash, while using the dimfeld/httptreemux.v5 router
Additional environment details (Version of Go, Operating System, etc.):
this issue is not related to an environment.
The text was updated successfully, but these errors were encountered:
laughingman-hass
changed the title
[BUG] dimfeld/httptreemux.v5: trailing slash requests are redirected with raw URL being tracked
[BUG] contrib/dimfeld/httptreemux.v5: trailing slash requests are redirected with raw URL being tracked
Oct 25, 2023
Hi @laughingman-hass! Thanks for filing this. I'm looking into this now, and will read over your PR very soon. Appreciate the details and the fix, and I'm sorry for the delay.
Version of dd-trace-go
v1.56.1
Describe what happened:
The dimfeld/httptreemux router has logic to handle trailing slashes which redirects to the URL without the trailing slash. This happens without the URL parameterized and sanitized of any sensitive information. This results in a second request being done, which is parameterized, but more importantly, it means that the first request is traced with its raw URL rather than the parametrized one. This happens because while looking up the resource with a trailing slash, the parameters are not detected.
Screenshot demonstrating this issue
Describe what you expected:
Both requests should be parametrized as shown in the screenshot below
Steps to reproduce the issue:
Call an endpoint with a trailing slash, while using the dimfeld/httptreemux.v5 router
Additional environment details (Version of Go, Operating System, etc.):
this issue is not related to an environment.
The text was updated successfully, but these errors were encountered: