Rename RequestPatch to RequestSSRFDetectionPatch

y9v · y9v · commit 49978b97738e · 2025-02-24T12:33:12.000+01:00
diff --git a/gemfiles/ruby_3.3_rest_client_latest.gemfile.lock b/gemfiles/ruby_3.3_rest_client_latest.gemfile.lock
diff --git a/lib/datadog/appsec/contrib/rest_client/patcher.rb b/lib/datadog/appsec/contrib/rest_client/patcher.rb
@@ -17,9 +17,9 @@ def target_version
           end
 
           def patch
-            require_relative 'request_patch'
+            require_relative 'request_ssrf_detection_patch'
 
-            ::RestClient::Request.prepend(RequestPatch)
+            ::RestClient::Request.prepend(RequestSSRFDetectionPatch)
           end
         end
       end
diff --git a/lib/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rb b/lib/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rb
@@ -5,7 +5,7 @@ module AppSec
     module Contrib
       module RestClient
         # Module that adds SSRF detection to RestClient::Request#execute
-        module RequestPatch
+        module RequestSSRFDetectionPatch
           def execute(&block)
             return super unless AppSec.rasp_enabled? && AppSec.active_context
 
diff --git a/sig/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rbs b/sig/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rbs
@@ -2,7 +2,7 @@ module Datadog
   module AppSec
     module Contrib
       module RestClient
-        module RequestPatch
+        module RequestSSRFDetectionPatch
           def self?.execute: () -> void
         end
       end
diff --git a/spec/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch_spec.rb b/spec/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch_spec.rb
@@ -7,8 +7,6 @@
   let(:context) { instance_double(Datadog::AppSec::Context, run_rasp: waf_response) }
   let(:waf_response) { instance_double(Datadog::AppSec::SecurityEngine::Result::Ok, match?: false) }
 
-  let(:request_url) { 'http://example.com/success' }
-
   before do
     Datadog.configure do |c|
       c.appsec.enabled = true
@@ -20,7 +18,7 @@
     WebMock.disable_net_connect!(allow: agent_url)
     WebMock.enable!(allow: agent_url)
 
-    stub_request(:get, request_url).to_return(status: 200, body: 'OK')
+    stub_request(:get, 'http://example.com/success').to_return(status: 200, body: 'OK')
   end
 
   after do
@@ -35,7 +33,7 @@
     it 'does not call waf when making a request' do
       expect(Datadog::AppSec.active_context).not_to receive(:run_rasp)
 
-      RestClient.get(request_url)
+      RestClient.get('http://example.com/success')
     end
   end
 
@@ -45,7 +43,7 @@
     it 'does not call waf when making a request' do
       expect(Datadog::AppSec.active_context).not_to receive(:run_rasp)
 
-      RestClient.get(request_url)
+      RestClient.get('http://example.com/success')
     end
   end
 
@@ -64,11 +62,11 @@
         )
       )
 
-      RestClient.get(request_url)
+      RestClient.get('http://example.com/success')
     end
 
     it 'returns the http response' do
-      response = RestClient.get(request_url)
+      response = RestClient.get('http://example.com/success')
 
       expect(response.code).to eq(200)
       expect(response.body).to eq('OK')
