Fix headers collection

Author: Strech

lib/datadog/appsec/contrib/rack/ext.rb

@@ -6,6 +6,20 @@ module Contrib
       module Rack
         # Rack integration constants
         module Ext
+          COLLECTABLE_REQUEST_HEADERS = [
+            'accept',
+            'akamai-user-risk',
+            'cf-ray',
+            'cloudfront-viewer-ja3-fingerprint',
+            'content-type',
+            'user-agent',
+            'x-amzn-trace-Id',
+            'x-appgw-trace-id',
+            'x-cloud-trace-context',
+            'x-sigsci-requestid',
+            'x-sigsci-tags'
+          ].freeze
+
           IDENTITY_COLLECTABLE_REQUEST_HEADERS = [
             'accept-encoding',
             'accept-language',

lib/datadog/appsec/contrib/rack/gateway/watcher.rb

@@ -25,6 +25,18 @@ def watch_request(gateway = Instrumentation.gateway)
                 gateway.watch('rack.request', :appsec) do |stack, gateway_request|
                   context = gateway_request.env[Datadog::AppSec::Ext::CONTEXT_KEY]
 
+                  # NOTE: We don't have a way to subscribe to the event twice and
+                  #       this is the closest place to collect request headers if
+                  #       AppSec is enabled
+                  # WARNING: The Gateway is a subject of refactoring
+                  if context.span
+                    gateway_request.headers.each do |name, value|
+                      next unless Ext::COLLECTABLE_REQUEST_HEADERS.include?(name)
+
+                      context.span["http.request.headers.#{name}"] = value
+                    end
+                  end
+
                   persistent_data = {
                     'server.request.cookies' => gateway_request.cookies,
                     'server.request.query' => gateway_request.query,