WAF: redaction and misc changes #3498

cataphract · 2022-04-13T01:33:09Z

Implements redaction of sensitive data in the WAF reports
Changes the type of the cookie data to be a map, so that redaction can work properly on the keys.
Reports _dd.appsec.waf.version once
Reports _dd.appsec.event_rules.version on every request, rather than once.
Fixes the names of a couple of tag names.

luhenry

Approving for the changes in dd-java-agent/agent-profiling/profiling-context/src/test/java/com/datadog/profiling/context/AllocatorsTest.java.

cataphract added 6 commits April 12, 2022 16:26

WAF redaction of sensitive data

599bf04

WAF: report rules version on every request

865d3a5

Appsec: cookies are stored as map

fb94189

Spotless

8c6aea9

Report _dd.appsec.waf.version

175ecb7

Fix name of _dd.appsec.event_rules.* tags

1a08667

cataphract requested review from a team and ValentinZakharov as code owners April 13, 2022 01:33

cataphract added the comp: asm waf Application Security Management (WAF) label Apr 13, 2022

bantonsson approved these changes Apr 13, 2022

View reviewed changes

luhenry approved these changes Apr 13, 2022

View reviewed changes

ValentinZakharov approved these changes Apr 13, 2022

View reviewed changes

cataphract added 2 commits April 13, 2022 14:11

Appsec: pass transient status of data to the modules

3f0b551

Do not submit null cookies map

f3d9e2b

ValentinZakharov approved these changes Apr 14, 2022

View reviewed changes

cataphract merged commit 8d425c8 into master Apr 14, 2022

cataphract deleted the glopes/waf-misc branch April 14, 2022 11:34

github-actions bot added this to the 0.100.0 milestone Apr 14, 2022

Provide feedback