Skip to content

Commit

Permalink
Compress and encode schema information
Browse files Browse the repository at this point in the history
  • Loading branch information
@GustavoCaso
GustavoCaso committed Oct 3, 2023
1 parent 6a3a9e7 commit 8c52213
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 3 deletions.
1 change: 1 addition & 0 deletions Steepfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -619,6 +619,7 @@ target :ddtrace do
library 'securerandom'
library 'base64'
library 'digest'
library 'zlib'

repo_path 'vendor/rbs'
library 'cucumber'
Expand Down
14 changes: 13 additions & 1 deletion lib/datadog/appsec/event.rb
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
require 'json'
require 'zlib'
require 'base64'

require_relative 'rate_limiter'

Expand Down Expand Up @@ -34,6 +36,8 @@ module Event
Content-Language
].map!(&:downcase).freeze

MAX_ENCODED_SCHEMA_SIZE = 25000

# Record events for a trace
#
# This is expected to be called only once per trace for the rate limiter
Expand Down Expand Up @@ -110,7 +114,15 @@ def self.build_service_entry_tags(event_group)
tags['_dd.appsec.triggers'] += waf_result.events

waf_result.derivatives.each do |key, value|
tags[key] = JSON.dump(value)
data = Base64.encode64(Zlib.gzip(JSON.dump(value)))

if data.size >= MAX_ENCODED_SCHEMA_SIZE
Datadog.logger.debug do
"Schema key: #{key} exceed max size value. We do not include it as part of the span tags"
end
next
end
tags[key] = data
end

tags
Expand Down
2 changes: 2 additions & 0 deletions sig/datadog/appsec/event.rbs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ module Datadog

ALLOWED_RESPONSE_HEADERS: untyped

MAX_ENCODED_SCHEMA_SIZE: Numeric

def self.record: (Datadog::Tracing::SpanOperation, *untyped events) -> (nil | untyped)

def self.record_via_span: (Datadog::Tracing::SpanOperation, *untyped events) -> untyped
Expand Down
15 changes: 13 additions & 2 deletions spec/datadog/appsec/event_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,9 +112,20 @@
}
end

it 'adds derivatives to the top level span meta' do
it 'adds derivatives after comporessing and encode to Base64 to the top level span meta' do
meta = top_level_span.meta
expect(meta['_dd.appsec.s.req.headers']).to eq JSON.dump([{ 'host' => [8], 'version' => [8] }])
result = Base64.encode64(Zlib.gzip(JSON.dump([{ 'host' => [8], 'version' => [8] }])))

expect(meta['_dd.appsec.s.req.headers']).to eq result
end

context 'derivative values exceed Event::MAX_ENCODED_SCHEMA_SIZE value' do
it 'do not add derivative key to meta' do
stub_const('Datadog::AppSec::Event::MAX_ENCODED_SCHEMA_SIZE', 1)
meta = top_level_span.meta

expect(meta['_dd.appsec.s.req.headers']).to be_nil
end
end
end
end
Expand Down

0 comments on commit 8c52213

Please sign in to comment.