25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# File 'lib/datadog/appsec/contrib/rack/reactive/response.rb', line 25
def self.subscribe(op, waf_context)
op.subscribe(*ADDRESSES) do |*values|
Datadog.logger.debug { "reacted to #{ADDRESSES.inspect}: #{values.inspect}" }
response_status = values[0]
= values[1]
= .dup.tap { |h| h.delete('set-cookie') }
waf_args = {
'server.response.status' => response_status.to_s,
'server.response.headers' => ,
'server.response.headers.no_cookies' => ,
}
waf_timeout = Datadog.configuration.appsec.waf_timeout
result = waf_context.run(waf_args, waf_timeout)
Datadog.logger.debug { "WAF TIMEOUT: #{result.inspect}" } if result.timeout
case result.status
when :match
Datadog.logger.debug { "WAF: #{result.inspect}" }
yield result
throw(:block, true) unless result.actions.empty?
when :ok
Datadog.logger.debug { "WAF OK: #{result.inspect}" }
when :invalid_call
Datadog.logger.debug { "WAF CALL ERROR: #{result.inspect}" }
when :invalid_rule, :invalid_flow, :no_rule
Datadog.logger.debug { "WAF RULE ERROR: #{result.inspect}" }
else
Datadog.logger.debug { "WAF UNKNOWN: #{result.status.inspect} #{result.inspect}" }
end
end
end
|