diff --git a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/HstsMissingHeaderModuleImpl.java b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/HstsMissingHeaderModuleImpl.java index a09e20895be..c96247c8870 100644 --- a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/HstsMissingHeaderModuleImpl.java +++ b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/HstsMissingHeaderModuleImpl.java @@ -9,7 +9,6 @@ import datadog.trace.api.iast.IastContext; import datadog.trace.api.iast.sink.HstsMissingHeaderModule; import datadog.trace.bootstrap.instrumentation.api.AgentSpan; -import datadog.trace.bootstrap.instrumentation.api.AgentTracer; import java.util.Locale; import java.util.Map; import java.util.regex.Matcher; @@ -49,7 +48,7 @@ public void onRequestEnd(final IastContext ctx, final IGSpanInfo igSpanInfo) { if (!isHttps(urlString, iastRequestContext.getxForwardedProto())) { return; } - final AgentSpan span = AgentTracer.activeSpan(); + final AgentSpan span = (AgentSpan) igSpanInfo; report( span, new Vulnerability(VulnerabilityType.HSTS_HEADER_MISSING, Location.forSpan(span))); } catch (Throwable e) { diff --git a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/XContentTypeModuleImpl.java b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/XContentTypeModuleImpl.java index 8bc416b91f1..d9815bfd5e6 100644 --- a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/XContentTypeModuleImpl.java +++ b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/sink/XContentTypeModuleImpl.java @@ -9,7 +9,6 @@ import datadog.trace.api.iast.IastContext; import datadog.trace.api.iast.sink.XContentTypeModule; import datadog.trace.bootstrap.instrumentation.api.AgentSpan; -import datadog.trace.bootstrap.instrumentation.api.AgentTracer; import java.util.Locale; import java.util.Map; import javax.annotation.Nullable; @@ -38,7 +37,7 @@ public void onRequestEnd(final IastContext ctx, final IGSpanInfo igSpanInfo) { if (isIgnorableResponseCode((Integer) tags.get("http.status_code"))) { return; } - final AgentSpan span = AgentTracer.activeSpan(); + final AgentSpan span = (AgentSpan) igSpanInfo; report( span, new Vulnerability(