Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

appsec: early blocking response #2981

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Conversation

eliottness
Copy link
Contributor

What does this PR do?

  • New Block() method in httptrace.responseWriter
  • Remove dangling generator in contrib/net/http
  • Rework blocking actions to use the Block() response writer method
  • Move the call to the blocking handler directly in the OnData for HTTPAction method instead of calling it the end of the user request handler

Motivation

This PR fixes issues we (and users) can encoutered in two cases:

  • if a blocking decision happens too late and the the response writer was already written to. Previously it would create a malformed request, now it does nothing.
  • If after a blocking decision was taken, and for some reason the user code tries to continue writing on the writer;

Reviewer's Checklist

  • Changed code has unit tests for its functionality at or near 100% coverage.
  • System-Tests covering this feature have been added and enabled with the va.b.c-dev version tag.
  • There is a benchmark for any new code, or changes to existing code.
  • If this interacts with the agent in a new way, a system test has been added.
  • Add an appropriate team label so this PR gets put in the right place for the release notes.
  • Non-trivial go.mod changes, e.g. adding new modules, are reviewed by @DataDog/dd-trace-go-guild.

Unsure? Have a question? Request a review!

…s to Write and WriteHeader

Signed-off-by: Eliott Bouhana <eliott.bouhana@datadoghq.com>
@github-actions github-actions bot added the apm:ecosystem contrib/* related feature requests or bugs label Nov 14, 2024
Signed-off-by: Eliott Bouhana <eliott.bouhana@datadoghq.com>
@eliottness eliottness force-pushed the eliottness/better-blocking branch from 8f68d18 to be7d55b Compare November 14, 2024 17:25
@eliottness eliottness marked this pull request as ready for review November 14, 2024 17:25
@eliottness eliottness requested review from a team as code owners November 14, 2024 17:25
@eliottness eliottness marked this pull request as draft November 15, 2024 12:10
Signed-off-by: Eliott Bouhana <eliott.bouhana@datadoghq.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
apm:ecosystem contrib/* related feature requests or bugs appsec
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant