Documentation ¶
Overview ¶
Package httpsec defines the HTTP instrumentation API and contract for AppSec. It defines an abstract representation of HTTP handlers, along with helper functions to wrap (i.e. instrument) standard net/http handlers. HTTP integrations must use this package to enable the AppSec features for HTTP, because AppSec listens to this package's operation events.
Index ¶
- func ClientIP(hdrs map[string][]string, hasCanonicalMIMEHeaderKeys bool, remoteAddr string) (remoteIP, clientIP instrumentation.NetaddrIP)
- func ClientIPTags(hdrs map[string][]string, hasCanonicalMIMEHeaderKeys bool, remoteAddr string) (tags map[string]string, clientIP instrumentation.NetaddrIP)
- func MonitorParsedBody(ctx context.Context, body interface{})
- func NormalizeHTTPHeaders(headers map[string][]string) (normalized map[string]string)
- func SetSecurityEventTags(span instrumentation.TagSetter, events []json.RawMessage, ...)
- func WrapHandler(handler http.Handler, span ddtrace.Span, pathParams map[string]string) http.Handler
- type Action
- type ActionsHandler
- type BlockRequestAction
- type HandlerOperationArgs
- type HandlerOperationRes
- type OnHandlerOperationFinish
- type OnHandlerOperationStart
- type OnSDKBodyOperationFinish
- type OnSDKBodyOperationStart
- type Operation
- type SDKBodyOperation
- type SDKBodyOperationArgs
- type SDKBodyOperationRes
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ClientIP ¶ added in v1.49.0
func ClientIP(hdrs map[string][]string, hasCanonicalMIMEHeaderKeys bool, remoteAddr string) (remoteIP, clientIP instrumentation.NetaddrIP)
ClientIP returns the first public IP address found in the given headers. If none is present, it returns the first valid IP address present, possibly being a local IP address. The remote address, when valid, is used as fallback when no IP address has been found at all.
func ClientIPTags ¶ added in v1.45.0
func ClientIPTags(hdrs map[string][]string, hasCanonicalMIMEHeaderKeys bool, remoteAddr string) (tags map[string]string, clientIP instrumentation.NetaddrIP)
ClientIPTags returns the resulting Datadog span tags `http.client_ip` containing the client IP and `network.client.ip` containing the remote IP. The tags are present only if a valid IP address has been returned by ClientIP().
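The selection order described for ClientIP, as a stand-alone illustration added here; it is not this package's implementation. The header list, the function names and the use of net/netip are assumptions; the first returned value is what `network.client.ip` would carry and the second what `http.client_ip` would carry.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

var ipHeaders = []string{"X-Forwarded-For", "X-Real-Ip"} // assumption: illustrative header list and order

// parseIP accepts "ip" or "ip:port"; it returns the zero Addr when invalid.
func parseIP(s string) netip.Addr {
	s = strings.TrimSpace(s)
	if ip, err := netip.ParseAddr(s); err == nil {
		return ip
	}
	ap, _ := netip.ParseAddrPort(s)
	return ap.Addr()
}

func isPublic(ip netip.Addr) bool {
	return ip.IsValid() && !ip.IsPrivate() && !ip.IsLoopback() && !ip.IsLinkLocalUnicast() && !ip.IsUnspecified()
}

// selectClientIP: first public header IP, else first valid one, else the remote address.
func selectClientIP(hdrs map[string][]string, remoteAddr string) (remoteIP, clientIP netip.Addr) {
	remoteIP = parseIP(remoteAddr)
	var firstValid netip.Addr
	for _, name := range ipHeaders {
		for _, item := range strings.Split(strings.Join(hdrs[name], ","), ",") {
			ip := parseIP(item)
			if isPublic(ip) {
				return remoteIP, ip
			}
			if ip.IsValid() && !firstValid.IsValid() {
				firstValid = ip // remembered in case no public address shows up
			}
		}
	}
	if firstValid.IsValid() {
		return remoteIP, firstValid
	}
	return remoteIP, remoteIP
}

func main() { // constructed request data using documentation address ranges
	hdrs := map[string][]string{"X-Forwarded-For": {"10.0.0.5, 203.0.113.7, 198.51.100.2"}}
	fmt.Println(selectClientIP(hdrs, "192.168.1.10:54321"))
}
```

Because the header values are supplied by the client, a rule of this shape yields whatever public address the request claims; only the remote address comes from the connection itself.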
func MonitorParsedBody ¶ added in v1.37.0
MonitorParsedBody starts and finishes the SDK body operation. This function should not be called when AppSec is disabled, in order to get more precise error logs.
func NormalizeHTTPHeaders ¶ added in v1.36.0
NormalizeHTTPHeaders returns the HTTP headers following Datadog's normalization format.
func SetSecurityEventTags ¶ added in v1.36.0
func SetSecurityEventTags(span instrumentation.TagSetter, events []json.RawMessage, headers, respHeaders map[string][]string)
SetSecurityEventTags sets the AppSec-specific span tags on the service entry span when a security event occurred.
Types ¶
type Action ¶ added in v1.45.0
type Action interface {
// contains filtered or unexported methods
}
Action is used to identify any action kind
type ActionsHandler ¶ added in v1.45.0
type ActionsHandler struct {
// contains filtered or unexported fields
}
ActionsHandler handles actions registration and their application to operations
func NewActionsHandler ¶ added in v1.45.0
func NewActionsHandler() *ActionsHandler
NewActionsHandler returns an action handler holding the default ASM actions. Currently, only the default "block" action is supported.
func (*ActionsHandler) Apply ¶ added in v1.45.0
func (h *ActionsHandler) Apply(id string, op *Operation) bool
Apply applies the action identified by `id` for the given operation. Returns true if the applied action will interrupt the request flow (block, redirect, etc.).
func (*ActionsHandler) RegisterAction ¶ added in v1.45.0
func (h *ActionsHandler) RegisterAction(id string, a Action)
RegisterAction registers a specific action to the handler. If the action kind is unknown, the action will not be registered.
type BlockRequestAction ¶ added in v1.45.0
type BlockRequestAction struct {
// contains filtered or unexported fields
}
BlockRequestAction is the action that holds the HTTP handler to use to block the request
func NewBlockRequestAction ¶ added in v1.45.0
func NewBlockRequestAction(status int, template string) BlockRequestAction
NewBlockRequestAction creates, initializes and returns a new BlockRequestAction
type HandlerOperationArgs ¶
type HandlerOperationArgs struct {
	// RequestURI corresponds to the address `server.request.uri.raw`
	RequestURI string
	// Headers corresponds to the address `server.request.headers.no_cookies`
	Headers map[string][]string
	// Cookies corresponds to the address `server.request.cookies`
	Cookies map[string][]string
	// Query corresponds to the address `server.request.query`
	Query map[string][]string
	// PathParams corresponds to the address `server.request.path_params`
	PathParams map[string]string
	// ClientIP corresponds to the address `http.client_ip`
	ClientIP instrumentation.NetaddrIP
}
HandlerOperationArgs is the HTTP handler operation arguments.
func MakeHandlerOperationArgs ¶
func MakeHandlerOperationArgs(r *http.Request, clientIP instrumentation.NetaddrIP, pathParams map[string]string) HandlerOperationArgs
MakeHandlerOperationArgs creates the HandlerOperationArgs out of a standard http.Request along with the given current span. It returns an empty structure when appsec is disabled.
type HandlerOperationRes ¶
type HandlerOperationRes struct {
	// Status corresponds to the address `server.response.status`.
	Status int
}
HandlerOperationRes is the HTTP handler operation results.
type OnHandlerOperationFinish ¶
type OnHandlerOperationFinish func(*Operation, HandlerOperationRes)
OnHandlerOperationFinish function type, called when an HTTP handler operation finishes.
func (OnHandlerOperationFinish) Call ¶
func (f OnHandlerOperationFinish) Call(op dyngo.Operation, v interface{})
Call calls the underlying event listener function by performing the type-assertion on v whose type is the one returned by ListenedType().
func (OnHandlerOperationFinish) ListenedType ¶
func (OnHandlerOperationFinish) ListenedType() reflect.Type
ListenedType returns the type an OnHandlerOperationFinish event listener listens to, which is the HandlerOperationRes type.
type OnHandlerOperationStart ¶
type OnHandlerOperationStart func(*Operation, HandlerOperationArgs)
OnHandlerOperationStart function type, called when an HTTP handler operation starts.
func (OnHandlerOperationStart) Call ¶
func (f OnHandlerOperationStart) Call(op dyngo.Operation, v interface{})
Call calls the underlying event listener function by performing the type-assertion on v whose type is the one returned by ListenedType().
func (OnHandlerOperationStart) ListenedType ¶
func (OnHandlerOperationStart) ListenedType() reflect.Type
ListenedType returns the type an OnHandlerOperationStart event listener listens to, which is the HandlerOperationArgs type.
type OnSDKBodyOperationFinish ¶ added in v1.37.0
type OnSDKBodyOperationFinish func(*SDKBodyOperation, SDKBodyOperationRes)
OnSDKBodyOperationFinish function type, called when an SDK body operation finishes.
func (OnSDKBodyOperationFinish) Call ¶ added in v1.37.0
func (f OnSDKBodyOperationFinish) Call(op dyngo.Operation, v interface{})
Call calls the underlying event listener function by performing the type-assertion on v whose type is the one returned by ListenedType().
func (OnSDKBodyOperationFinish) ListenedType ¶ added in v1.37.0
func (OnSDKBodyOperationFinish) ListenedType() reflect.Type
ListenedType returns the type an OnSDKBodyOperationFinish event listener listens to, which is the SDKBodyOperationRes type.
type OnSDKBodyOperationStart ¶ added in v1.37.0
type OnSDKBodyOperationStart func(*SDKBodyOperation, SDKBodyOperationArgs)
OnSDKBodyOperationStart function type, called when an SDK body operation starts.
func (OnSDKBodyOperationStart) Call ¶ added in v1.37.0
func (f OnSDKBodyOperationStart) Call(op dyngo.Operation, v interface{})
Call calls the underlying event listener function by performing the type-assertion on v whose type is the one returned by ListenedType().
func (OnSDKBodyOperationStart) ListenedType ¶ added in v1.37.0
func (OnSDKBodyOperationStart) ListenedType() reflect.Type
ListenedType returns the type an OnSDKBodyOperationStart event listener listens to, which is the SDKBodyOperationArgs type.
type Operation ¶
type Operation struct {
	dyngo.Operation
	instrumentation.TagsHolder
	instrumentation.SecurityEventsHolder
	// contains filtered or unexported fields
}
Operation type representing an HTTP operation. It must be created with StartOperation() and finished with its Finish() method.
func StartOperation ¶
StartOperation starts an HTTP handler operation, along with the given context and arguments and emits a start event up in the operation stack. The operation is linked to the global root operation since an HTTP operation is always expected to be first in the operation stack.
func (*Operation) ClearActions ¶ added in v1.45.0
func (op *Operation) ClearActions()
ClearActions clears all the actions linked to the operation
func (*Operation) Finish ¶
func (op *Operation) Finish(res HandlerOperationRes) []json.RawMessage
Finish the HTTP handler operation, along with the given results and emits a finish event up in the operation stack.
type SDKBodyOperation ¶ added in v1.37.0
SDKBodyOperation type representing an SDK body. It must be created with StartSDKBodyOperation() and finished with its Finish() method.
func StartSDKBodyOperation ¶ added in v1.37.0
func StartSDKBodyOperation(parent *Operation, args SDKBodyOperationArgs) *SDKBodyOperation
StartSDKBodyOperation starts the SDKBody operation and emits a start event
func (*SDKBodyOperation) Finish ¶ added in v1.37.0
func (op *SDKBodyOperation) Finish()
Finish finishes the SDKBody operation and emits a finish event
type SDKBodyOperationArgs ¶ added in v1.37.0
type SDKBodyOperationArgs struct {
// Body corresponds to the address `server.request.body`.
Body interface{}
}
SDKBodyOperationArgs is the SDK body operation arguments.
type SDKBodyOperationRes ¶ added in v1.37.0
type SDKBodyOperationRes struct{}
SDKBodyOperationRes is the SDK body operation results.