UNPKG

dd-trace

Version:

Datadog APM tracing client for JavaScript

github.com/DataDog/dd-trace-js

DataDog/dd-trace-js

90 lines (74 loc) 2.55 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
'use strict' const { storage } = require('../../../../../datadog-core') const iastContextFunctions = require('../iast-context') const overheadController = require('../overhead-controller') const { IastPlugin } = require('../iast-plugin') const { IAST_ENABLED_TAG_KEY } = require('../tags') const { createTransaction, removeTransaction } = require('../taint-tracking/operations') const vulnerabilityReporter = require('../vulnerability-reporter') const { TagKey } = require('../telemetry/iast-metric') class IastContextPlugin extends IastPlugin { startCtxOn (channelName, tag) { super.addSub(channelName, (message) => this.startContext(message?.currentStore)) this._getAndRegisterSubscription({ channelName, tag, tagKey: TagKey.SOURCE_TYPE }) } finishCtxOn (channelName) { super.addSub(channelName, (message) => this.finishContext()) } getRootSpan (store) { return store?.span } getTopContext () { return {} } newIastContext (rootSpan) { return { rootSpan } } addIastEnabledTag (isRequestAcquired, rootSpan) { if (rootSpan?.addTags) { rootSpan.addTags({ [IAST_ENABLED_TAG_KEY]: isRequestAcquired ? 1 : 0 }) } } startContext (store = storage('legacy').getStore()) { let isRequestAcquired = false let iastContext if (store) { const topContext = this.getTopContext() const rootSpan = this.getRootSpan(store) isRequestAcquired = overheadController.acquireRequest(rootSpan) if (isRequestAcquired) { iastContext = iastContextFunctions.saveIastContext(store, topContext, this.newIastContext(rootSpan)) createTransaction(rootSpan.context().toSpanId(), iastContext) overheadController.initializeRequestContext(iastContext) } this.addIastEnabledTag(isRequestAcquired, rootSpan) } return { isRequestAcquired, iastContext, store } } finishContext () { const store = storage('legacy').getStore() if (store) { const topContext = this.getTopContext() const iastContext = iastContextFunctions.getIastContext(store, topContext) const rootSpan = iastContext?.rootSpan if (iastContext && rootSpan) { vulnerabilityReporter.sendVulnerabilities(iastContext.vulnerabilities, rootSpan) removeTransaction(iastContext) } if (iastContextFunctions.cleanIastContext(store, topContext, iastContext)) { overheadController.releaseRequest() } } } } module.exports = IastContextPlugin