Replace AppSec contribs handling of WAF result
Strech committed Oct 28, 2024
1 parent 7d8c8a9 commit bd4c717
Showing 7 changed files with 26 additions and 116 deletions.
21 changes: 4 additions & 17 deletions lib/datadog/appsec/contrib/graphql/reactive/multiplex.rb
Expand Up @@ -32,23 +32,10 @@ def self.subscribe(op, waf_context)
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)

Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout

case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }

yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
next if result.status != :match

yield result
throw(:block, true) unless result.actions.empty?
end
end
end
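Review bot: After `next if result.status != :match`, a WAF run that timed out or returned `:invalid_call`, `:invalid_rule`, `:invalid_flow` or `:no_rule` leaves this subscriber silently, so at this call site a payload that was never fully evaluated looks the same as one that was evaluated and found clean. `waf_context.run` is not shown on this page, so the removed timeout and error diagnostics may now be emitted there; if they are not, this change drops the only signal that protection was skipped, and it does so in all seven subscribers touched here (the rack request, request_body and response, rails action, sinatra routed and set_user files carry the same lines). Once that is confirmed, I would add a comment above the guard stating the intent, for example `# Non-match results, including timeouts and WAF errors, are not blocked; they are reported by waf_context.run`. The `subscribe` block starts outside the hunk.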
20 changes: 4 additions & 16 deletions lib/datadog/appsec/contrib/rack/reactive/request.rb
Expand Up @@ -33,6 +33,7 @@ def self.publish(op, gateway_request)
def self.subscribe(op, waf_context)
op.subscribe(*ADDRESSES) do |*values|
Datadog.logger.debug { "reacted to #{ADDRESSES.inspect}: #{values.inspect}" }

headers = values[0]
headers_no_cookies = headers.dup.tap { |h| h.delete('cookie') }
uri_raw = values[1]
Expand All @@ -54,23 +55,10 @@ def self.subscribe(op, waf_context)
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)

Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout

case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }
next if result.status != :match

yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
yield result
throw(:block, true) unless result.actions.empty?
end
end
end
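Review bot: The tail of the second hunk, `next if result.status != :match`, `yield result`, `throw(:block, true) unless result.actions.empty?`, is now repeated verbatim in every subscriber this commit touches, which leaves the blocking decision spread over seven files. Since these lines decide whether a matched request is blocked, a single shared helper that takes the result and the caller's block would keep that rule auditable in one place and prevent one integration from drifting when the condition changes. As a smaller point, `next unless result.status == :match` states the guard without the negated comparison. The enclosing `op.subscribe` block begins in the first hunk and its middle is not shown.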
21 changes: 4 additions & 17 deletions lib/datadog/appsec/contrib/rack/reactive/request_body.rb
Expand Up @@ -33,23 +33,10 @@ def self.subscribe(op, waf_context)
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)

Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout

case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }

yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
next if result.status != :match

yield result
throw(:block, true) unless result.actions.empty?
end
end
end
19 changes: 3 additions & 16 deletions lib/datadog/appsec/contrib/rack/reactive/response.rb
Expand Up @@ -39,23 +39,10 @@ def self.subscribe(op, waf_context)
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)

Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout
next if result.status != :match

case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }

yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
yield result
throw(:block, true) unless result.actions.empty?
end
end
end
19 changes: 3 additions & 16 deletions lib/datadog/appsec/contrib/rails/reactive/action.rb
Expand Up @@ -39,23 +39,10 @@ def self.subscribe(op, waf_context)
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)

Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout
next if result.status != :match

case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }

yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
yield result
throw(:block, true) unless result.actions.empty?
end
end
end
21 changes: 4 additions & 17 deletions lib/datadog/appsec/contrib/sinatra/reactive/routed.rb
Expand Up @@ -34,23 +34,10 @@ def self.subscribe(op, waf_context)
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)

Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout

case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }

yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
next if result.status != :match

yield result
throw(:block, true) unless result.actions.empty?
end
end
end
21 changes: 4 additions & 17 deletions lib/datadog/appsec/monitor/reactive/set_user.rb
Expand Up @@ -32,23 +32,10 @@ def self.subscribe(op, waf_context)
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)

Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout

case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }

yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
next if result.status != :match

yield result
throw(:block, true) unless result.actions.empty?
end
end
end