New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
appsec: support server.response.headers.no_cookies WAF address #2347
appsec: support server.response.headers.no_cookies WAF address #2347
Conversation
BenchmarksBenchmark execution time: 2023-11-22 09:51:29 Comparing candidate commit e15864a in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 40 metrics, 1 unstable metrics. |
1ac6f7b
to
fa0edaa
Compare
3addde9
to
f911c59
Compare
dbaa2fc
to
2aca4bc
Compare
System Tests Pipeline https://github.com/DataDog/dd-trace-go/actions/runs/6904287826 |
f911c59
to
3502eeb
Compare
3502eeb
to
9dd83eb
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
Signed-off-by: Eliott Bouhana <eliott.bouhana@datadoghq.com>
Signed-off-by: Eliott Bouhana <eliott.bouhana@datadoghq.com>
9dd83eb
to
e15864a
Compare
What does this PR do?
Adds a field to
HandlerOperationRes
inappsec/internal/dyngo/instrumentation/httpsec/http.go
for response headers and send them to the WAF inappsec/internal/waf.go
Motivation
API Security is around the corner and we need to build support schemas for user responses. As such, two new addresses were created:
server.response.headers.no_cookies
server.response.body
This PR does half the job since the second address will be tricker to implement.
Reviewer's Checklist
For Datadog employees:
@DataDog/security-design-and-guidance
.Unsure? Have a question? Request a review!