Skip to content

Commit

Permalink
Add option to disable http.route in symfony
Browse files Browse the repository at this point in the history
  • Loading branch information
@cataphract
cataphract committed Jan 15, 2025
1 parent 7010b37 commit 04884ce
Show file tree
Hide file tree
Showing 6 changed files with 105 additions and 81 deletions.
1 change: 1 addition & 0 deletions appsec/tests/integration/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -438,6 +438,7 @@ task loadCaches(type: Exec) {

commandLine 'docker', 'run', '--rm',
'-v', 'php-tracer-cargo-cache:/caches/php-tracer-cargo-cache',
'-v', 'php-tracer-cargo-cache-git:/caches/php-tracer-cargo-cache-git',
'-v', 'php-appsec-hunter-cache:/caches/php-appsec-hunter-cache',
'-v', "${project.buildDir}:/build",
'busybox',
Expand Down
1 change: 1 addition & 0 deletions appsec/tests/integration/gradle/images.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -234,6 +234,7 @@ task saveCaches(type: Exec) {
commandLine 'docker', 'run', '--rm',
'-e', "UUID=${uuid}",
'-v', 'php-tracer-cargo-cache:/caches/php-tracer-cargo-cache',
'-v', 'php-tracer-cargo-cache-git:/caches/php-tracer-cargo-cache-git',
'-v', 'php-appsec-hunter-cache:/caches/php-appsec-hunter-cache',
'-v', "${project.buildDir}:/build",
'busybox',
Expand Down
2 changes: 1 addition & 1 deletion appsec/tests/integration/src/docker/php/build_dev_php.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -504,7 +504,7 @@ fi

if [[ -d /opt/homebrew/lib ]]; then
export LDFLAGS="${LDFLAGS:-} -L/opt/homebrew/lib"
export CPPFLAGS="${CPPFLAGS:-} -I/opt/homebrew/include"
export CPPFLAGS="${CPPFLAGS:-} -idirafter /opt/homebrew/include"
fi
export CXXFLAGS="${CXXFLAGS:-} -std=c++11"
export CFLAGS="${CFLAGS:-} -Wno-implicit-function-declaration"
Expand Down
33 changes: 26 additions & 7 deletions ...ests/integration/src/test/groovy/com/datadog/appsec/php/integration/Symfony62Tests.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import com.datadog.appsec.php.docker.InspectContainerHelper
import com.datadog.appsec.php.model.Span
import com.datadog.appsec.php.model.Trace
import org.junit.jupiter.api.MethodOrderer
import org.junit.jupiter.api.Order
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.TestMethodOrder
import org.junit.jupiter.api.condition.EnabledIf
Expand Down Expand Up @@ -45,12 +44,6 @@ class Symfony62Tests {
www: 'symfony62',
)

@Test
@Order(1)
void 'reported telemetry integrations are not repeated'() {

}

@Test
void 'login success automated event'() {
//The user [email protected] is already on the DB
Expand Down Expand Up @@ -115,4 +108,30 @@ class Symfony62Tests {
assert span.meta."appsec.blocked" == "true"
assert span.meta."http.route" == '/dynamic-path/{param01}'
}

@Test
void 'symfony http route disabled'() {
try {
def res = CONTAINER.execInContainer(
'bash', '-c',
'''echo export DD_TRACE_SYMFONY_HTTP_ROUTE=false >> /etc/apache2/envvars;
service apache2 restart''')
assert res.exitCode == 0

HttpRequest req = container.buildReq('/dynamic-path/someValue').GET().build()
def trace = container.traceFromRequest(req, ofString()) { HttpResponse<String> re ->
assert re.statusCode() == 200
assert re.body().contains('Hi someValue!')
}

Span span = trace.first()
assert span.meta."http.route" != '/dynamic-path/{param01}'
} finally {
def res = CONTAINER.execInContainer(
'bash', '-c',
'''sed -i '/export DD_TRACE_SYMFONY_HTTP_ROUTE=/d' /etc/apache2/envvars;
service apache2 restart''')
assert res.exitCode == 0
}
}
}
1 change: 1 addition & 0 deletions ext/configuration.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,7 @@ enum ddtrace_sampling_rules_format {
CONFIG(BOOL, DD_TRACE_LARAVEL_QUEUE_DISTRIBUTED_TRACING, "true") \
CONFIG(BOOL, DD_TRACE_SYMFONY_MESSENGER_DISTRIBUTED_TRACING, "true") \
CONFIG(BOOL, DD_TRACE_SYMFONY_MESSENGER_MIDDLEWARES, "false") \
CONFIG(BOOL, DD_TRACE_SYMFONY_HTTP_ROUTE, "true") \
CONFIG(BOOL, DD_TRACE_REMOVE_ROOT_SPAN_LARAVEL_QUEUE, "true") \
CONFIG(BOOL, DD_TRACE_REMOVE_ROOT_SPAN_SYMFONY_MESSENGER, "true") \
CONFIG(BOOL, DD_APPSEC_RASP_ENABLED , "false") \
Expand Down
148 changes: 75 additions & 73 deletions src/DDTrace/Integrations/Symfony/SymfonyIntegration.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -388,88 +388,90 @@ function () use ($integration) {
}
);

$handle_http_route = function($route_name, $request, $rootSpan) use ($integration) {
if ($integration->kernel === null) {
return;
}
/** @var ContainerInterface $container */
$container = $integration->kernel->getContainer();
try {
$cache = $container->get('cache.app');
} catch (\Exception $e) {
return;
}
if (\dd_trace_env_config('DD_TRACE_SYMFONY_HTTP_ROUTE')) {
$handle_http_route = function($route_name, $request, $rootSpan) use ($integration) {
if ($integration->kernel === null) {
return;
}
/** @var ContainerInterface $container */
$container = $integration->kernel->getContainer();
try {
$cache = $container->get('cache.app');
} catch (\Exception $e) {
return;
}

/** @var \Symfony\Bundle\FrameworkBundle\Routing\Router $router */
$router = $container->get('router');
if (!\method_exists($cache, 'getItem')) {
return;
}
$itemName = "_datadog.route.path.$route_name";
$locale = $request->get('_locale');
if ($locale !== null) {
$itemName .= ".$locale";
}
$item = $cache->getItem($itemName);
if ($item->isHit()) {
$route = $item->get();
} else {
$routeCollection = $router->getRouteCollection();
$route = $routeCollection->get($route_name);
if ($route == null && ($locale = $request->get('_locale')) !== null) {
$route = $routeCollection->get($route_name . '.' . $locale);
}
$item->set($route);
$item->expiresAfter(3600);
$cache->save($item);
}
if (isset($route)) {
$rootSpan->meta[Tag::HTTP_ROUTE] = $route->getPath();
}
};
/** @var \Symfony\Bundle\FrameworkBundle\Routing\Router $router */
$router = $container->get('router');
if (!\method_exists($cache, 'getItem')) {
return;
}
$itemName = "_datadog.route.path.$route_name";
$locale = $request->get('_locale');
if ($locale !== null) {
$itemName .= ".$locale";
}
$item = $cache->getItem($itemName);
if ($item->isHit()) {
$route = $item->get();
} else {
$routeCollection = $router->getRouteCollection();
$route = $routeCollection->get($route_name);
if ($route == null && ($locale = $request->get('_locale')) !== null) {
$route = $routeCollection->get($route_name . '.' . $locale);
}
$item->set($route);
$item->expiresAfter(3600);
$cache->save($item);
}
if (isset($route)) {
$rootSpan->meta[Tag::HTTP_ROUTE] = $route->getPath();
}
};

\DDTrace\trace_method(
'Symfony\Component\HttpKernel\HttpKernel',
'handle',
function (SpanData $span, $args, $response) use ($integration, $handle_http_route) {
/** @var Request $request */
list($request) = $args;
\DDTrace\trace_method(
'Symfony\Component\HttpKernel\HttpKernel',
'handle',
function (SpanData $span, $args, $response) use ($integration, $handle_http_route) {
/** @var Request $request */
list($request) = $args;

$span->name = 'symfony.kernel.handle';
$span->service = \ddtrace_config_app_name($integration->frameworkPrefix);
$span->type = Type::WEB_SERVLET;
$span->meta[Tag::COMPONENT] = SymfonyIntegration::NAME;
$span->name = 'symfony.kernel.handle';
$span->service = \ddtrace_config_app_name($integration->frameworkPrefix);
$span->type = Type::WEB_SERVLET;
$span->meta[Tag::COMPONENT] = SymfonyIntegration::NAME;

$rootSpan = \DDTrace\root_span();
$rootSpan->meta[Tag::HTTP_METHOD] = $request->getMethod();
$rootSpan->meta[Tag::COMPONENT] = $integration->frameworkPrefix;
$rootSpan->meta[Tag::SPAN_KIND] = 'server';
$integration->addTraceAnalyticsIfEnabled($rootSpan);
$rootSpan = \DDTrace\root_span();
$rootSpan->meta[Tag::HTTP_METHOD] = $request->getMethod();
$rootSpan->meta[Tag::COMPONENT] = $integration->frameworkPrefix;
$rootSpan->meta[Tag::SPAN_KIND] = 'server';
$integration->addTraceAnalyticsIfEnabled($rootSpan);

if (!array_key_exists(Tag::HTTP_URL, $rootSpan->meta)) {
$rootSpan->meta[Tag::HTTP_URL] = Normalizer::urlSanitize($request->getUri());
}
if (isset($response)) {
$rootSpan->meta[Tag::HTTP_STATUS_CODE] = $response->getStatusCode();
}
if (!array_key_exists(Tag::HTTP_URL, $rootSpan->meta)) {
$rootSpan->meta[Tag::HTTP_URL] = Normalizer::urlSanitize($request->getUri());
}
if (isset($response)) {
$rootSpan->meta[Tag::HTTP_STATUS_CODE] = $response->getStatusCode();
}

$route_name = $request->get('_route');
if ($route_name !== null) {
if (dd_trace_env_config("DD_HTTP_SERVER_ROUTE_BASED_NAMING")) {
$rootSpan->resource = $route_name;
$route_name = $request->get('_route');
if ($route_name !== null) {
if (dd_trace_env_config("DD_HTTP_SERVER_ROUTE_BASED_NAMING")) {
$rootSpan->resource = $route_name;
}
$rootSpan->meta['symfony.route.name'] = $route_name;
$handle_http_route($route_name, $request, $rootSpan);
}
$rootSpan->meta['symfony.route.name'] = $route_name;
$handle_http_route($route_name, $request, $rootSpan);
}

$parameters = $request->get('_route_params');
if (!empty($parameters) &&
is_array($parameters) &&
function_exists('datadog\appsec\push_address')) {
\datadog\appsec\push_address("server.request.path_params", $parameters);
$parameters = $request->get('_route_params');
if (!empty($parameters) &&
is_array($parameters) &&
function_exists('datadog\appsec\push_address')) {
\datadog\appsec\push_address("server.request.path_params", $parameters);
}
}
}
);
);
}

/*
* EventDispatcher v4.3 introduced an arg hack that mutates the arguments.
Expand Down

0 comments on commit 04884ce

Please sign in to comment.