fix(iast): cookie vulnerability cardinality issues

avara1986 · avara1986 · commit 2d8fabd01d2a · 2025-02-07T08:44:02.000+01:00
diff --git a/ddtrace/appsec/_iast/_overhead_control_engine.py b/ddtrace/appsec/_iast/_overhead_control_engine.py
@@ -67,11 +67,12 @@ def has_quota(cls) -> bool:
 
     @classmethod
     def is_not_reported(cls, filename: Text, lineno: int) -> bool:
-        vulnerability_id = (filename, lineno)
-        if vulnerability_id in cls._reported_vulnerabilities:
-            return False
+        if asm_config._iast_deduplication_enabled:
+            vulnerability_id = (filename, lineno)
+            if vulnerability_id in cls._reported_vulnerabilities:
+                return False
 
-        cls._reported_vulnerabilities.add(vulnerability_id)
+            cls._reported_vulnerabilities.add(vulnerability_id)
         return True
 
 
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
@@ -318,3 +318,4 @@ xfail
 yaaredis
 csrftoken
 session
+sessionid
