DD_IAST_USE_ROOT_SPAN disabled by default

florentinl · florentinl · commit c14225e20958 · 2025-08-07T17:01:25.000+02:00
diff --git a/tests/appsec/contrib_appsec/utils.py b/tests/appsec/contrib_appsec/utils.py
@@ -145,18 +145,16 @@ def test_healthcheck(self, interface: Interface, get_entry_span_tag, asm_enabled
             assert get_entry_span_tag("http.status_code") == "200"
             assert self.headers(response)["content-type"] == "text/html; charset=utf-8"
 
-    @pytest.mark.parametrize("rename_service", [True, False])
-    def test_simple_attack(self, interface: Interface, entry_span, get_entry_span_tag, rename_service):
+    def test_simple_attack(self, interface: Interface, entry_span, get_entry_span_tag):
         with override_global_config(dict(_asm_enabled=True)):
             self.update_tracer(interface)
-            response = interface.client.get("/.git?q=1", headers={"x-rename-service": str(rename_service).lower()})
+            response = interface.client.get("/.git?q=1")
             assert response.status_code == 404
             triggers = get_triggers(entry_span())
             assert triggers is not None, "no appsec struct in root span"
             assert get_entry_span_tag("http.response.headers.content-length")
 
-    @pytest.mark.parametrize("rename_service", [True, False])
-    def test_simple_attack_timeout(self, interface: Interface, entry_span, get_entry_span_metric, rename_service):
+    def test_simple_attack_timeout(self, interface: Interface, entry_span, get_entry_span_metric):
         from unittest.mock import MagicMock
         from unittest.mock import patch as mock_patch
 
@@ -170,9 +168,7 @@ def test_simple_attack_timeout(self, interface: Interface, entry_span, get_entry
             self.update_tracer(interface)
             query_params = urlencode({"q": "1"})
             url = f"/?{query_params}"
-            response = interface.client.get(
-                url, headers={"User-Agent": "Arachni/v1.5.1", "x-rename-service": str(rename_service).lower()}
-            )
+            response = interface.client.get(url, headers={"User-Agent": "Arachni/v1.5.1"})
             assert response.status_code == 200
             assert get_entry_span_metric("_dd.appsec.waf.timeouts") > 0, (entry_span()._meta, entry_span()._metrics)
             args_list = [
@@ -896,8 +892,18 @@ def test_request_suspicious_request_block_match_response_status(
             ("/asm/1/a", {"header_name": "NoWorryBeHappy"}, None),
         ],
     )
+    @pytest.mark.parametrize("rename_service", [True, False])
     def test_request_suspicious_request_block_match_response_headers(
-        self, interface: Interface, get_entry_span_tag, asm_enabled, metastruct, entry_span, uri, headers, blocked
+        self,
+        interface: Interface,
+        get_entry_span_tag,
+        asm_enabled,
+        metastruct,
+        entry_span,
+        uri,
+        headers,
+        blocked,
+        rename_service,
     ):
         from ddtrace.ext import http
 
@@ -909,7 +915,7 @@ def test_request_suspicious_request_block_match_response_headers(
             self.update_tracer(interface)
             if headers:
                 uri += "?headers=" + quote(",".join(f"{k}={v}" for k, v in headers.items()))
-            response = interface.client.get(uri)
+            response = interface.client.get(uri, headers={"x-rename-service": "true" if rename_service else "false"})
             # DEV Warning: encoded URL will behave differently
             assert get_entry_span_tag(http.URL) == "http://localhost:8000" + uri
             assert get_entry_span_tag(http.METHOD) == "GET"
