diff --git a/tracer/src/Datadog.Trace/AppSec/AppSecRequestContext.cs b/tracer/src/Datadog.Trace/AppSec/AppSecRequestContext.cs index 5d8f4dde6862..7ce294ac2427 100644 --- a/tracer/src/Datadog.Trace/AppSec/AppSecRequestContext.cs +++ b/tracer/src/Datadog.Trace/AppSec/AppSecRequestContext.cs @@ -17,6 +17,7 @@ internal class AppSecRequestContext { private const string StackKey = "_dd.stack"; private const string ExploitStackKey = "exploit"; + private const string VulnerabilityStackKey = "vulnerability"; private const string AppsecKey = "appsec"; private readonly object _sync = new(); private readonly List _wafSecurityEvents = new(); @@ -68,21 +69,31 @@ internal void AddWafSecurityEvents(IReadOnlyCollection events) } internal void AddRaspStackTrace(Dictionary stackTrace, int maxStackTraces) + { + AddStackTrace(ExploitStackKey, stackTrace, maxStackTraces); + } + + internal void AddVulnerabilityStackTrace(Dictionary stackTrace, int maxStackTraces) + { + AddStackTrace(VulnerabilityStackKey, stackTrace, maxStackTraces); + } + + internal void AddStackTrace(string stackCategory, Dictionary stackTrace, int maxStackTraces) { lock (_sync) { _raspStackTraces ??= new(); - if (!_raspStackTraces.ContainsKey(ExploitStackKey)) + if (!_raspStackTraces.ContainsKey(stackCategory)) { - _raspStackTraces.Add(ExploitStackKey, new()); + _raspStackTraces.Add(stackCategory, new()); } - else if (maxStackTraces > 0 && _raspStackTraces[ExploitStackKey].Count >= maxStackTraces) + else if (maxStackTraces > 0 && _raspStackTraces[stackCategory].Count >= maxStackTraces) { return; } - _raspStackTraces[ExploitStackKey].Add(stackTrace); + _raspStackTraces[stackCategory].Add(stackTrace); } } } diff --git a/tracer/src/Datadog.Trace/AppSec/Rasp/RaspModule.cs b/tracer/src/Datadog.Trace/AppSec/Rasp/RaspModule.cs index 5936d3579937..0a5695d19475 100644 --- a/tracer/src/Datadog.Trace/AppSec/Rasp/RaspModule.cs +++ b/tracer/src/Datadog.Trace/AppSec/Rasp/RaspModule.cs @@ -177,7 +177,7 @@ private static void SendStack(Span rootSpan, string id) if (stack is not null) { - rootSpan.Context.TraceContext.AddStackTraceElement(stack, Security.Instance.Settings.MaxStackTraces); + rootSpan.Context.TraceContext.AddRaspStackTraceElement(stack, Security.Instance.Settings.MaxStackTraces); } } diff --git a/tracer/src/Datadog.Trace/Iast/IastModule.cs b/tracer/src/Datadog.Trace/Iast/IastModule.cs index fb87472db8a6..5532cbeb79ea 100644 --- a/tracer/src/Datadog.Trace/Iast/IastModule.cs +++ b/tracer/src/Datadog.Trace/Iast/IastModule.cs @@ -25,6 +25,7 @@ using Datadog.Trace.Iast.Telemetry; using Datadog.Trace.Logging; using Datadog.Trace.Sampling; +using Datadog.Trace.VendoredMicrosoftCode.System; using static Datadog.Trace.Configuration.ConfigurationKeys; using static Datadog.Trace.Telemetry.Metrics.MetricTags; @@ -422,15 +423,6 @@ public static void OnHardcodedSecret(Vulnerability vulnerability) } } - public static void OnHardcodedSecret(List vulnerabilities) - { - if (Iast.Instance.Settings.Enabled) - { - // We provide a hash value for the vulnerability instead of calculating one, following the agreed conventions - AddVulnerabilityAsSingleSpan(Tracer.Instance, IntegrationId.HardcodedSecret, OperationNameHardcodedSecret, vulnerabilities).SingleSpan?.Dispose(); - } - } - public static IastModuleResponse OnInsecureAuthProtocol(string authHeader, IntegrationId integrationId) { OnExecutedSinkTelemetry(IastInstrumentedSinks.InsecureAuthProtocol); @@ -667,7 +659,7 @@ private static IastModuleResponse GetScope(string evidenceValue, IntegrationId i return IastModuleResponse.Empty; } - var location = addLocation ? GetLocation(externalStack, currentSpan?.SpanId) : null; + var location = addLocation ? GetLocation(externalStack, currentSpan) : null; if (addLocation && location is null) { return IastModuleResponse.Empty; @@ -686,6 +678,8 @@ private static IastModuleResponse GetScope(string evidenceValue, IntegrationId i traceContext?.Tags.SetTag(Tags.Propagated.AppSec, "1"); traceContext?.IastRequestContext?.AddVulnerability(vulnerability); + vulnerability.Location?.ReportStack(currentSpan); + return IastModuleResponse.Vulnerable; } else @@ -697,27 +691,29 @@ private static IastModuleResponse GetScope(string evidenceValue, IntegrationId i return IastModuleResponse.Empty; } - private static Location? GetLocation(StackTrace? externalStack = null, ulong? currentSpanId = null) + private static Location? GetLocation(StackTrace? stack = null, Span? currentSpan = null) { - var frameInfo = StackWalker.GetFrame(externalStack); - if (!frameInfo.IsValid) + stack ??= StackWalker.GetStackTrace(); + var stackFrame = StackWalker.GetFrame(stack); + if (stackFrame is null) { return null; } - return new Location(frameInfo.StackFrame, currentSpanId); - } - - private static IastModuleResponse AddVulnerabilityAsSingleSpan(Tracer tracer, IntegrationId integrationId, string operationName, List vulnerabilities) - { - // we either are not in a request or the distributed tracer returned a scope that cannot be casted to Scope and we cannot access the root span. - var batch = GetVulnerabilityBatch(); - foreach (var vulnerability in vulnerabilities) + string? stackId = null; + if (stack != null && Security.Instance.Settings.StackTraceEnabled) { - batch.Add(vulnerability); + if (currentSpan is null) + { + stackId = "1"; + } + else + { + stackId = currentSpan.Context.TraceContext.GetNextVulnerabilityStackTraceId(); + } } - return AddVulnerabilityAsSingleSpan(tracer, integrationId, operationName, batch.ToJson()); + return new Location(stackFrame, stack, stackId, currentSpan?.SpanId); } private static IastModuleResponse AddVulnerabilityAsSingleSpan(Tracer tracer, IntegrationId integrationId, string operationName, Vulnerability vulnerability) @@ -725,22 +721,21 @@ private static IastModuleResponse AddVulnerabilityAsSingleSpan(Tracer tracer, In // we either are not in a request or the distributed tracer returned a scope that cannot be casted to Scope and we cannot access the root span. var batch = GetVulnerabilityBatch(); batch.Add(vulnerability); - return AddVulnerabilityAsSingleSpan(tracer, integrationId, operationName, batch.ToJson()); - } - private static IastModuleResponse AddVulnerabilityAsSingleSpan(Tracer tracer, IntegrationId integrationId, string operationName, string vulnsJson) - { var tags = new IastTags() { - IastJson = vulnsJson, + IastJson = batch.ToJson(), IastEnabled = "1" }; var scope = tracer.StartActiveInternal(operationName, tags: tags); - scope.Span.Type = SpanTypes.IastVulnerability; + var span = scope.Span; + var traceContext = span.Context.TraceContext; + span.Type = SpanTypes.IastVulnerability; tracer.TracerManager.Telemetry.IntegrationGeneratedSpan(integrationId); - scope.Span.Context.TraceContext?.SetSamplingPriority(SamplingPriorityValues.UserKeep, SamplingMechanism.Asm); - scope.Span.Context.TraceContext?.Tags.SetTag(Tags.Propagated.AppSec, "1"); + traceContext?.SetSamplingPriority(SamplingPriorityValues.UserKeep, SamplingMechanism.Asm); + traceContext?.Tags.SetTag(Tags.Propagated.AppSec, "1"); + vulnerability.Location?.ReportStack(span); return new IastModuleResponse(scope); } diff --git a/tracer/src/Datadog.Trace/Iast/IastRequestContext.cs b/tracer/src/Datadog.Trace/Iast/IastRequestContext.cs index d0e8f85ae075..007c3789098f 100644 --- a/tracer/src/Datadog.Trace/Iast/IastRequestContext.cs +++ b/tracer/src/Datadog.Trace/Iast/IastRequestContext.cs @@ -8,6 +8,8 @@ using System; using System.Collections.Generic; using System.Collections.Specialized; +using System.Globalization; +using System.Threading; using System.Web; #if !NETFRAMEWORK using Microsoft.AspNetCore.Http; @@ -31,6 +33,7 @@ internal class IastRequestContext private bool _routedParametersAdded = false; private bool _querySourcesAdded = false; private ExecutedTelemetryHelper? _executedTelemetryHelper = ExecutedTelemetryHelper.Enabled() ? new ExecutedTelemetryHelper() : null; + private int _lastVulnerabilityStackId = 0; internal static void AddIastDisabledFlagToSpan(Span span) { @@ -379,4 +382,9 @@ internal void OnExecutedPropagationTelemetry() { _executedTelemetryHelper?.AddExecutedPropagation(); } + + internal string GetNextVulnerabilityStackId() + { + return Interlocked.Increment(ref _lastVulnerabilityStackId).ToString(CultureInfo.InvariantCulture); + } } diff --git a/tracer/src/Datadog.Trace/Iast/Location.cs b/tracer/src/Datadog.Trace/Iast/Location.cs index eac0901dfb11..3b13efd845b8 100644 --- a/tracer/src/Datadog.Trace/Iast/Location.cs +++ b/tracer/src/Datadog.Trace/Iast/Location.cs @@ -6,12 +6,18 @@ #nullable enable using System; +using System.Collections.Generic; using System.Diagnostics; +using System.Linq; +using Datadog.Trace.AppSec; +using Datadog.Trace.AppSec.Rasp; namespace Datadog.Trace.Iast; internal readonly struct Location { + internal readonly StackTrace? _stack = null; + public Location(string method) { var index = method.LastIndexOf("::", StringComparison.Ordinal); @@ -29,7 +35,7 @@ public Location(string method) } } - public Location(StackFrame? stackFrame, ulong? spanId) + public Location(StackFrame? stackFrame, StackTrace? stack, string? stackId, ulong? spanId) { var method = stackFrame?.GetMethod(); Path = method?.DeclaringType?.FullName; @@ -38,9 +44,12 @@ public Location(StackFrame? stackFrame, ulong? spanId) Line = line > 0 ? line : null; SpanId = spanId == 0 ? null : spanId; + + _stack = stack; + StackId = stackId; } - public Location(string? typeName, string? methodName, int? line, ulong? spanId) + internal Location(string? typeName, string? methodName, int? line, ulong? spanId) // For testing purposes only { this.Path = typeName; this.Method = methodName; @@ -57,9 +66,25 @@ public Location(string? typeName, string? methodName, int? line, ulong? spanId) public int? Line { get; } + public string? StackId { get; } + public override int GetHashCode() { // We do not calculate the hash including the spanId nor the line return IastUtils.GetHashCode(Path, Method); } + + internal void ReportStack(Span? span) + { + if (span is not null && StackId is not null && _stack is not null && _stack.FrameCount > 0) + { +#pragma warning disable CS8620 // Argument cannot be used for parameter due to differences in the nullability of reference types. Some TFMs (pre net 6) don't have null annotations + var stack = StackReporter.GetStack(Security.Instance.Settings.MaxStackTraceDepth, StackId, _stack.GetFrames()); +#pragma warning restore CS8620 // Argument cannot be used for parameter due to differences in the nullability of reference types. + if (stack is not null) + { + span.Context.TraceContext?.AddVulnerabilityStackTraceElement(stack, Security.Instance.Settings.MaxStackTraces); + } + } + } } diff --git a/tracer/src/Datadog.Trace/Iast/StackFrameInfo.cs b/tracer/src/Datadog.Trace/Iast/StackFrameInfo.cs deleted file mode 100644 index e25ec392a10a..000000000000 --- a/tracer/src/Datadog.Trace/Iast/StackFrameInfo.cs +++ /dev/null @@ -1,24 +0,0 @@ -// -// Unless explicitly stated otherwise all files in this repository are licensed under the Apache 2 License. -// This product includes software developed at Datadog (https://www.datadoghq.com/). Copyright 2017 Datadog, Inc. -// - -#nullable enable - -using System.Diagnostics; -using Datadog.Trace.Vendors.MessagePack.Decoders; - -namespace Datadog.Trace.Iast; - -internal readonly struct StackFrameInfo -{ - public StackFrameInfo(StackFrame? stackFrame, bool isValid) - { - StackFrame = stackFrame; - IsValid = isValid; - } - - public StackFrame? StackFrame { get; } - - public bool IsValid { get; } -} diff --git a/tracer/src/Datadog.Trace/Iast/StackWalker.cs b/tracer/src/Datadog.Trace/Iast/StackWalker.cs index 032289924dc7..8d2230fabeb6 100644 --- a/tracer/src/Datadog.Trace/Iast/StackWalker.cs +++ b/tracer/src/Datadog.Trace/Iast/StackWalker.cs @@ -16,7 +16,13 @@ namespace Datadog.Trace.Iast; internal static class StackWalker { private const int DefaultSkipFrames = 2; - private static readonly string[] ExcludeSpanGenerationTypes = { "Datadog.Trace.Debugger.Helpers.StringExtensions", "Microsoft.AspNetCore.Razor.Language.StreamSourceDocument", "System.Security.IdentityHelper" }; + private static readonly string[] ExcludeSpanGenerationTypes = + { + "Datadog.Trace.Debugger.Helpers.StringExtensions", + "Microsoft.AspNetCore.Razor.Language.StreamSourceDocument", + "System.Security.IdentityHelper" + }; + private static readonly string[] AssemblyNamesToSkip = { "Datadog.Trace", @@ -41,10 +47,13 @@ internal static class StackWalker private static readonly ConcurrentDictionary ExcludedAssemblyCache = new ConcurrentDictionary(); - public static StackFrameInfo GetFrame(StackTrace? externalStack = null) + public static StackTrace GetStackTrace() { - var stackTrace = externalStack ?? new StackTrace(DefaultSkipFrames, true); + return new StackTrace(DefaultSkipFrames, true); + } + public static StackFrame? GetFrame(StackTrace stackTrace) + { foreach (var frame in stackTrace.GetFrames()) { var declaringType = frame?.GetMethod()?.DeclaringType; @@ -53,26 +62,21 @@ public static StackFrameInfo GetFrame(StackTrace? externalStack = null) { if (excludeType == declaringType?.FullName) { - return new StackFrameInfo(null, false); + return null; } } - if (ExcludeSpanGenerationTypes.Contains(declaringType?.FullName)) - { - return new StackFrameInfo(null, false); - } - var assembly = declaringType?.Assembly.GetName().Name; - if (assembly != null && !AssemblyExcluded(assembly)) + if (assembly != null && !MustSkipAssembly(assembly)) { - return new StackFrameInfo(frame, true); + return frame; } } - return new StackFrameInfo(null, true); + return null; } - public static bool AssemblyExcluded(string assembly) + public static bool MustSkipAssembly(string assembly) { if (ExcludedAssemblyCache.TryGetValue(assembly, out bool excluded)) { @@ -83,34 +87,34 @@ public static bool AssemblyExcluded(string assembly) ExcludedAssemblyCache[assembly] = excluded; return excluded; - } - // For performance reasons, we are not supporting wildcards fully. We just need to use '.' at the end for now. We can use regular expressions - // if in the future we need a more sophisticated wildcard support - private static bool IsExcluded(string assembly) - { - foreach (var assemblyToSkip in AssemblyNamesToSkip) + // For performance reasons, we are not supporting wildcards fully. We just need to use '.' at the end for now. We can use regular expressions + // if in the future we need a more sophisticated wildcard support + static bool IsExcluded(string assembly) { + foreach (var assemblyToSkip in AssemblyNamesToSkip) + { #if NETCOREAPP3_1_OR_GREATER - if (assemblyToSkip.EndsWith('.')) + if (assemblyToSkip.EndsWith('.')) #else - if (assemblyToSkip.EndsWith(".")) + if (assemblyToSkip.EndsWith(".")) #endif - { - if (assembly.StartsWith(assemblyToSkip, StringComparison.OrdinalIgnoreCase)) { - return true; + if (assembly.StartsWith(assemblyToSkip, StringComparison.OrdinalIgnoreCase)) + { + return true; + } } - } - else - { - if (assembly.Equals(assemblyToSkip, StringComparison.OrdinalIgnoreCase)) + else { - return true; + if (assembly.Equals(assemblyToSkip, StringComparison.OrdinalIgnoreCase)) + { + return true; + } } } - } - return false; + return false; + } } } diff --git a/tracer/src/Datadog.Trace/TraceContext.cs b/tracer/src/Datadog.Trace/TraceContext.cs index 6cfadddf8857..45d5b988a66f 100644 --- a/tracer/src/Datadog.Trace/TraceContext.cs +++ b/tracer/src/Datadog.Trace/TraceContext.cs @@ -6,7 +6,9 @@ #nullable enable using System; +using System.Collections; using System.Collections.Generic; +using System.Runtime.CompilerServices; using System.Threading; using Datadog.Trace.AppSec; using Datadog.Trace.Ci; @@ -106,34 +108,40 @@ public Span? RootSpan spans.Array![spans.Offset].Context.TraceContext : null; - internal void AddWafSecurityEvents(IReadOnlyCollection events) + [MethodImpl(MethodImplOptions.AggressiveInlining)] + private AppSecRequestContext GetRequestContext() { if (Volatile.Read(ref _appSecRequestContext) is null) { Interlocked.CompareExchange(ref _appSecRequestContext, new(), null); } - _appSecRequestContext!.AddWafSecurityEvents(events); + return _appSecRequestContext!; } - internal void AddStackTraceElement(Dictionary stack, int maxStackTraces) + internal void AddWafSecurityEvents(IReadOnlyCollection events) { - if (Volatile.Read(ref _appSecRequestContext) is null) - { - Interlocked.CompareExchange(ref _appSecRequestContext, new(), null); - } + GetRequestContext().AddWafSecurityEvents(events); + } - _appSecRequestContext!.AddRaspStackTrace(stack, maxStackTraces); + internal void AddRaspStackTraceElement(Dictionary stack, int maxStackTraces) + { + GetRequestContext().AddRaspStackTrace(stack, maxStackTraces); } - internal void AddRaspSpanMetrics(ulong duration, ulong durationWithBindings, bool timeout) + internal string? GetNextVulnerabilityStackTraceId() { - if (Volatile.Read(ref _appSecRequestContext) is null) - { - Interlocked.CompareExchange(ref _appSecRequestContext, new(), null); - } + return _iastRequestContext?.GetNextVulnerabilityStackId(); + } - _appSecRequestContext!.AddRaspSpanMetrics(duration, durationWithBindings, timeout); + internal void AddVulnerabilityStackTraceElement(Dictionary stack, int maxStackTraces) + { + GetRequestContext().AddVulnerabilityStackTrace(stack, maxStackTraces); + } + + internal void AddRaspSpanMetrics(ulong duration, ulong durationWithBindings, bool timeout) + { + GetRequestContext().AddRaspSpanMetrics(duration, durationWithBindings, timeout); } internal void EnableIastInRequest() diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetBase.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetBase.cs index 725ca879d013..350e19e0422e 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetBase.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetBase.cs @@ -18,6 +18,8 @@ using System.Text.RegularExpressions; using System.Threading.Tasks; using Datadog.Trace.AppSec.Waf.ReturnTypes.Managed; +using Datadog.Trace.Configuration; +using Datadog.Trace.Security.IntegrationTests.IAST; using Datadog.Trace.TestHelpers; using Datadog.Trace.Vendors.Newtonsoft.Json; using Datadog.Trace.Vendors.Newtonsoft.Json.Linq; @@ -54,11 +56,12 @@ public class AspNetBase : TestHelper private readonly CookieContainer _cookieContainer; private readonly string _shutdownPath; private readonly JsonSerializerSettings _jsonSerializerSettingsOrderProperty; + private readonly bool _clearMetaStruct; private int _httpPort; #pragma warning restore SA1202 // Elements should be ordered by access #pragma warning restore SA1401 // Fields should be private - public AspNetBase(string sampleName, ITestOutputHelper outputHelper, string shutdownPath, string samplesDir = null, string testName = null) + public AspNetBase(string sampleName, ITestOutputHelper outputHelper, string shutdownPath, string samplesDir = null, string testName = null, bool clearMetaStruct = false) : base(Prefix + sampleName, samplesDir ?? "test/test-applications/security", outputHelper) { _testName = Prefix + (testName ?? sampleName); @@ -77,6 +80,8 @@ public AspNetBase(string sampleName, ITestOutputHelper outputHelper, string shut _httpClient.DefaultRequestHeaders.ConnectionClose = true; #endif _jsonSerializerSettingsOrderProperty = new JsonSerializerSettings { ContractResolver = new OrderedContractResolver() }; + + _clearMetaStruct = clearMetaStruct; } protected bool IncludeAllHttpSpans { get; set; } = false; @@ -158,8 +163,6 @@ public async Task VerifySpans(IImmutableList spans, VerifySettings set var orderedJson = JsonConvert.SerializeObject(obj, _jsonSerializerSettingsOrderProperty); target.Tags[Tags.AppSecJson] = orderedJson; - target.MetaStruct.Remove("appsec"); - // Let the snapshot know that the data comes from the meta struct if (forceMetaStruct) { @@ -167,10 +170,17 @@ public async Task VerifySpans(IImmutableList spans, VerifySettings set } } - // Remove all data from meta structs keys, no need to get the binary data for other keys - foreach (var key in target.MetaStruct.Keys.ToList()) + if (_clearMetaStruct) { - target.MetaStruct[key] = []; + target.MetaStruct = null; + } + else + { + // Remove all data from meta structs keys, no need to get the binary data for other keys + foreach (var key in target.MetaStruct.Keys.ToList()) + { + target.MetaStruct[key] = []; + } } } @@ -213,12 +223,30 @@ await VerifyHelper.VerifySpans(spans, settings) } } + public void StacksMetaStructScrubbing(MockSpan target) + { + var key = "_dd.stack"; + if (target.MetaStruct is not null && target.MetaStruct.TryGetValue(key, out var appsec)) + { + var metaStruct = MetaStructByteArrayToObject.Invoke(null, [appsec]); + var json = JsonConvert.SerializeObject(metaStruct, Formatting.Indented); + target.Tags[key] = json; + } + } + protected void SetClientIp(string ip) { _httpClient.DefaultRequestHeaders.Remove(XffHeader); _httpClient.DefaultRequestHeaders.Add(XffHeader, ip); } + protected string MetaStructToJson(byte[] data) + { + var metaStruct = MetaStructByteArrayToObject.Invoke(null, [data]); + var json = JsonConvert.SerializeObject(metaStruct, Formatting.Indented); + return json; + } + protected async Task TestRateLimiter(bool enableSecurity, string url, MockTracerAgent agent, int appsecTraceRateLimit, int totalRequests, int spansPerRequest) { var errorMargin = 0.15; diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCore2.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCore2.cs index 92ae53f2022a..a4a68f30f7ae 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCore2.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCore2.cs @@ -20,7 +20,7 @@ namespace Datadog.Trace.Security.IntegrationTests public class AspNetCore2TestsSecurityDisabled : AspNetCoreBase { public AspNetCore2TestsSecurityDisabled(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper) - : base("AspNetCore2", fixture, outputHelper, "/shutdown", enableSecurity: false, testName: "AspNetCore2.SecurityDisabled") + : base("AspNetCore2", fixture, outputHelper, "/shutdown", enableSecurity: false, testName: "AspNetCore2.SecurityDisabled", clearMetaStruct: true) { } } @@ -28,7 +28,7 @@ public AspNetCore2TestsSecurityDisabled(AspNetCoreTestFixture fixture, ITestOutp public class AspNetCore2TestsSecurityEnabled : AspNetCoreBase { public AspNetCore2TestsSecurityEnabled(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper) - : base("AspNetCore2", fixture, outputHelper, "/shutdown", enableSecurity: true, testName: "AspNetCore2.SecurityEnabled") + : base("AspNetCore2", fixture, outputHelper, "/shutdown", enableSecurity: true, testName: "AspNetCore2.SecurityEnabled", clearMetaStruct: true) { } } diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreBase.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreBase.cs index a2de01890c0c..0b88c41ae770 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreBase.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreBase.cs @@ -17,8 +17,8 @@ namespace Datadog.Trace.Security.IntegrationTests { public abstract class AspNetCoreBase : AspNetBase, IClassFixture { - public AspNetCoreBase(string sampleName, AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper, string shutdownPath, bool enableSecurity = true, string testName = null) - : base(sampleName, outputHelper, shutdownPath ?? "/shutdown", testName: testName) + public AspNetCoreBase(string sampleName, AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper, string shutdownPath, bool enableSecurity = true, string testName = null, bool clearMetaStruct = false) + : base(sampleName, outputHelper, shutdownPath ?? "/shutdown", testName: testName, clearMetaStruct: clearMetaStruct) { EnableSecurity = enableSecurity; Fixture = fixture; diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreWithExternalRulesFileBase.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreWithExternalRulesFileBase.cs index 0eaf6ceacfee..7d468150715f 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreWithExternalRulesFileBase.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetCoreWithExternalRulesFileBase.cs @@ -28,7 +28,7 @@ public AspNetCoreSecurityDisabledWithExternalRulesFile(string sampleName, AspNet public abstract class AspNetCoreSecurityEnabledWithExternalRulesFileIIS : AspNetCoreWithExternalRulesFileBaseIIS { public AspNetCoreSecurityEnabledWithExternalRulesFileIIS(string sampleName, IisFixture fixture, ITestOutputHelper outputHelper, string shutdownPath, IisAppType appType, string ruleFile = null, string testName = null) - : base(sampleName, fixture, outputHelper, shutdownPath, appType, enableSecurity: true, ruleFile: ruleFile, testName: testName) + : base(sampleName, fixture, outputHelper, shutdownPath, appType, enableSecurity: true, ruleFile: ruleFile, testName: testName, clearMetaStruct: true) { } @@ -48,7 +48,7 @@ public async Task TestBlockedHeader(string test, HttpStatusCode expectedStatusCo public abstract class AspNetCoreSecurityEnabledWithExternalRulesFile : AspNetCoreWithExternalRulesFileBase { public AspNetCoreSecurityEnabledWithExternalRulesFile(string sampleName, AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper, string shutdownPath, string ruleFile = null, string testName = null) - : base(sampleName, fixture, outputHelper, shutdownPath, enableSecurity: true, ruleFile: ruleFile, testName: testName) + : base(sampleName, fixture, outputHelper, shutdownPath, enableSecurity: true, ruleFile: ruleFile, testName: testName, clearMetaStruct: true) { } @@ -101,12 +101,14 @@ public AspNetCoreWithExternalRulesFileBase( string ruleFile = null, string blockingJsonTemplate = null, string blockingHtmlTemplate = null, - string testName = null) + string testName = null, + bool clearMetaStruct = false) : base( sampleName, outputHelper, shutdownPath ?? "/shutdown", - testName: testName) + testName: testName, + clearMetaStruct: clearMetaStruct) { EnableSecurity = enableSecurity; Fixture = fixture; @@ -150,8 +152,8 @@ public async Task TestBlockedRequest(string test, string url) public abstract class AspNetCoreWithExternalRulesFileBaseIIS : AspNetBase, IClassFixture { - public AspNetCoreWithExternalRulesFileBaseIIS(string sampleName, IisFixture fixture, ITestOutputHelper outputHelper, string shutdownPath, IisAppType appType, bool enableSecurity = true, string ruleFile = null, string testName = null) - : base(sampleName, outputHelper, shutdownPath ?? "/shutdown", testName: testName, samplesDir: "test\\test-applications\\security") + public AspNetCoreWithExternalRulesFileBaseIIS(string sampleName, IisFixture fixture, ITestOutputHelper outputHelper, string shutdownPath, IisAppType appType, bool enableSecurity = true, string ruleFile = null, string testName = null, bool clearMetaStruct = false) + : base(sampleName, outputHelper, shutdownPath ?? "/shutdown", testName: testName, samplesDir: "test\\test-applications\\security", clearMetaStruct: clearMetaStruct) { EnableSecurity = enableSecurity; Fixture = fixture; diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetWebForms.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetWebForms.cs index 1337ef4ffdbb..f84792a39b53 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetWebForms.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/AspNetWebForms.cs @@ -62,6 +62,7 @@ public AspNetWebForms(IisFixture iisFixture, ITestOutputHelper output, bool clas { SetSecurity(enableSecurity); SetEnvironmentVariable(Configuration.ConfigurationKeys.AppSec.Rules, DefaultRuleFile); + SetEnvironmentVariable(Configuration.ConfigurationKeys.AppSec.StackTraceEnabled, "false"); _iisFixture = iisFixture; _classicMode = classicMode; diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore2IastTests.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore2IastTests.cs index 2fc4cbc20c9f..c98b4e7a68e5 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore2IastTests.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore2IastTests.cs @@ -663,6 +663,7 @@ public AspNetCore2IastTests(AspNetCoreTestFixture fixture, ITestOutputHelper out VulnerabilitiesPerRequest = vulnerabilitiesPerRequest; SamplingRate = samplingRate; IastTelemetryLevel = iastTelemetryLevel; + SetEnvironmentVariable(ConfigurationKeys.AppSec.StackTraceEnabled, "false"); } protected AspNetCoreTestFixture Fixture { get; } diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore5IastTests.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore5IastTests.cs index 4473ef291d6d..ef2b3db71636 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore5IastTests.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetCore5IastTests.cs @@ -27,9 +27,8 @@ namespace Datadog.Trace.Security.IntegrationTests.Iast; public class AspNetCore5IastTestsFullSamplingIastEnabled : AspNetCore5IastTestsFullSampling { public AspNetCore5IastTestsFullSamplingIastEnabled(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper) - : base(fixture, outputHelper, enableIast: true, vulnerabilitiesPerRequest: 200, isIastDeduplicationEnabled: false, testName: "AspNetCore5IastTestsEnabled") + : base(fixture, outputHelper, enableIast: true, vulnerabilitiesPerRequest: 200, isIastDeduplicationEnabled: false, testName: "AspNetCore5IastTestsFullSamplingIastEnabled") { - SetEnvironmentVariable("ASPNETCORE_ENVIRONMENT", "Development"); } // When the request is finished without this X-Content-Type-Options: nosniff header and the content-type of the request looks @@ -312,12 +311,105 @@ await VerifyHelper.VerifySpans(spansFiltered, settings) .UseFileName(filename) .DisableRequireUniquePrefix(); } + + [SkippableTheory] + [Trait("RunOnWindows", "True")] + [InlineData(-1, 10)] + [InlineData(-1, 15)] + [InlineData(15, 15)] + [InlineData(5, 15)] + public async Task TestMaxRanges(int maxRanges, int nbrRangesCreated) + { + // Set the configuration (use default configuration if -1 is passed) + var maxRangesConfiguration = maxRanges == -1 ? IastSettings.MaxRangeCountDefault : maxRanges; + SetEnvironmentVariable(ConfigurationKeys.Iast.MaxRangeCount, maxRangesConfiguration.ToString()); + + var filename = "Iast.MaxRanges.AspNetCore5.IastEnabled." + maxRangesConfiguration + "." + nbrRangesCreated; + var url = "/Iast/MaxRanges?count=" + nbrRangesCreated + "&tainted=taintedString|"; + + IncludeAllHttpSpans = true; + + // Using a new fixture here to use a new process that applies + // correctly the new environment variable value that is changing between tests + var newFixture = new AspNetCoreTestFixture(); + newFixture.SetOutput(Output); + await TryStartApp(newFixture); + + var agent = newFixture.Agent; + var spans = await SendRequestsAsync(agent, [url]); + var spansFiltered = spans.Where(x => x.Type == SpanTypes.Web).ToList(); + + var settings = VerifyHelper.GetSpanVerifierSettings(); + settings.AddIastScrubbing(); + await VerifyHelper.VerifySpans(spansFiltered, settings) + .UseFileName(filename) + .DisableRequireUniquePrefix(); + + newFixture.Dispose(); + newFixture.SetOutput(null); + } +} + +// Class to test particular features (not running all the default tests) +public class AspNetCore5IastTestsStackTraces : AspNetCore5IastTests +{ + public AspNetCore5IastTestsStackTraces(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper) + : base(fixture, outputHelper, enableIast: true, testName: "AspNetCore5IastTestsStackTraces", samplingRate: 100, isIastDeduplicationEnabled: false, vulnerabilitiesPerRequest: 200, redactionEnabled: true) + { + SetEnvironmentVariable(ConfigurationKeys.AppSec.StackTraceEnabled, "true"); + SetEnvironmentVariable(ConfigurationKeys.AppSec.MaxStackTraceDepth, "1"); + } + + [SkippableTheory] + [Trait("RunOnWindows", "True")] + [InlineData("Vulnerability.WithoutLocation", "/Iast/InsecureCookie")] + [InlineData("Vulnerability.InFunction", "/Iast/GetFileContent?file=nonexisting.txt")] + [InlineData("Vulnerability.LocatedDeeper", "/Iast/WeakHashing")] + [InlineData("Vulnerability.LocatedInRenderPipeline", "/Iast/ReflectedXss?param=RawValue")] + public async Task TestVulnerabilityStack(string name, string url) + { + var fileName = "Iast.Stacks." + name; + + IncludeAllHttpSpans = true; + await TryStartApp(); + var agent = Fixture.Agent; + var spans = await SendRequestsAsync(agent, new string[] { url }); + + var settings = VerifyHelper.GetSpanVerifierSettings(); + settings.AddIastScrubbing(); + var hashRegex = (new Regex(@"""hash"": -?\d+"), @"""hash"": XXX"); + var pathRegex = (new Regex(@"""path"": ""AspNetCore.*\."), @"""path"": ""AspNetCore."); + + settings.AddRegexScrubber(hashRegex); + settings.AddRegexScrubber(pathRegex); + + foreach (var span in spans) + { + if (span.MetaStruct is not null) + { + if (span.MetaStruct.TryGetValue("_dd.stack", out var data)) + { + var json = MetaStructToJson(data); + span.Tags["_dd.stack"] = json; + } + + foreach (var key in span.MetaStruct.Keys.ToArray()) + { + span.MetaStruct[key] = []; + } + } + } + + await VerifyHelper.VerifySpans(spans, settings) + .UseFileName(fileName) + .DisableRequireUniquePrefix(); + } } public abstract class AspNetCore5IastTests50PctSamplingIastEnabled : AspNetCore5IastTests { public AspNetCore5IastTests50PctSamplingIastEnabled(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper) - : base(fixture, outputHelper, enableIast: true, testName: "AspNetCore5IastTestsEnabled", isIastDeduplicationEnabled: false, vulnerabilitiesPerRequest: 100, samplingRate: 50) + : base(fixture, outputHelper, enableIast: true, testName: "AspNetCore5IastTests50PctSamplingIastEnabled", isIastDeduplicationEnabled: false, vulnerabilitiesPerRequest: 100, samplingRate: 50) { } @@ -469,7 +561,7 @@ public async Task TestIastLocationSpanId() public abstract class AspNetCore5IastTestsVariableVulnerabilityPerRequestIastEnabled : AspNetCore5IastTests { public AspNetCore5IastTestsVariableVulnerabilityPerRequestIastEnabled(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper, int vulnerabilitiesPerRequest) - : base(fixture, outputHelper, enableIast: true, testName: "AspNetCore5IastTestsEnabled", isIastDeduplicationEnabled: false, samplingRate: 100, vulnerabilitiesPerRequest: vulnerabilitiesPerRequest) + : base(fixture, outputHelper, enableIast: true, testName: "AspNetCore5IastTestsVariableVulnerabilityPerRequestIastEnabled", isIastDeduplicationEnabled: false, samplingRate: 100, vulnerabilitiesPerRequest: vulnerabilitiesPerRequest) { } @@ -487,47 +579,10 @@ public async Task TestIastWeakHashingRequestVulnerabilitiesPerRequest() public class AspNetCore5IastTestsRestartedSampleIastEnabled : AspNetCore5IastTests { public AspNetCore5IastTestsRestartedSampleIastEnabled(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper) - : base(fixture, outputHelper, enableIast: true, vulnerabilitiesPerRequest: 200, isIastDeduplicationEnabled: false, testName: "AspNetCore5IastTestsEnabled", redactionEnabled: true, samplingRate: 100) + : base(fixture, outputHelper, enableIast: true, vulnerabilitiesPerRequest: 200, isIastDeduplicationEnabled: false, testName: "AspNetCore5IastTestsRestartedSampleIastEnabled", redactionEnabled: true, samplingRate: 100) { } - [SkippableTheory] - [Trait("RunOnWindows", "True")] - [InlineData(-1, 10)] - [InlineData(-1, 15)] - [InlineData(15, 15)] - [InlineData(5, 15)] - public async Task TestMaxRanges(int maxRanges, int nbrRangesCreated) - { - // Set the configuration (use default configuration if -1 is passed) - var maxRangesConfiguration = maxRanges == -1 ? IastSettings.MaxRangeCountDefault : maxRanges; - SetEnvironmentVariable(ConfigurationKeys.Iast.MaxRangeCount, maxRangesConfiguration.ToString()); - - var filename = "Iast.MaxRanges.AspNetCore5.IastEnabled." + maxRangesConfiguration + "." + nbrRangesCreated; - var url = "/Iast/MaxRanges?count=" + nbrRangesCreated + "&tainted=taintedString|"; - - IncludeAllHttpSpans = true; - - // Using a new fixture here to use a new process that applies - // correctly the new environment variable value that is changing between tests - var newFixture = new AspNetCoreTestFixture(); - newFixture.SetOutput(Output); - await TryStartApp(newFixture); - - var agent = newFixture.Agent; - var spans = await SendRequestsAsync(agent, [url]); - var spansFiltered = spans.Where(x => x.Type == SpanTypes.Web).ToList(); - - var settings = VerifyHelper.GetSpanVerifierSettings(); - settings.AddIastScrubbing(); - await VerifyHelper.VerifySpans(spansFiltered, settings) - .UseFileName(filename) - .DisableRequireUniquePrefix(); - - newFixture.Dispose(); - newFixture.SetOutput(null); - } - [SkippableTheory] [InlineData("IAST_TEST_ENABLE_DIRECTORY_LISTING_REQUEST_PATH")] [InlineData("IAST_TEST_ENABLE_DIRECTORY_LISTING_WHOLE_APP")] @@ -602,7 +657,7 @@ await VerifyHelper.VerifySpans(spans, settings) public class AspNetCore5IastTestsStandaloneBillingIastEnabled : AspNetCore5IastTests { public AspNetCore5IastTestsStandaloneBillingIastEnabled(AspNetCoreTestFixture fixture, ITestOutputHelper outputHelper) - : base(fixture, outputHelper, enableIast: true, vulnerabilitiesPerRequest: 200, isIastDeduplicationEnabled: false, testName: "AspNetCore5IastTestsEnabled", redactionEnabled: true, samplingRate: 100) + : base(fixture, outputHelper, enableIast: true, vulnerabilitiesPerRequest: 200, isIastDeduplicationEnabled: false, testName: "AspNetCore5IastTestsStandaloneBillingIastEnabled", redactionEnabled: true, samplingRate: 100) { // Set environment variable to enable the Standalone ASM Billing feature SetEnvironmentVariable("DD_EXPERIMENTAL_APPSEC_STANDALONE_ENABLED", "true"); @@ -1230,6 +1285,9 @@ public AspNetCore5IastTests(AspNetCoreTestFixture fixture, ITestOutputHelper out SamplingRate = samplingRate; RedactionEnabled = redactionEnabled; IastTelemetryLevel = iastTelemetryLevel; + + SetEnvironmentVariable("ASPNETCORE_ENVIRONMENT", "Development"); + SetEnvironmentVariable(ConfigurationKeys.AppSec.StackTraceEnabled, "false"); } protected AspNetCoreTestFixture Fixture { get; } diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetMvc5IastTests.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetMvc5IastTests.cs index a14211231a39..9c3f14b54088 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetMvc5IastTests.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/AspNetMvc5IastTests.cs @@ -146,6 +146,7 @@ public AspNetMvc5ClassicWithIastTelemetryEnabled(IisFixture iisFixture, ITestOut SetEnvironmentVariable("DD_IAST_REQUEST_SAMPLING", "100"); SetEnvironmentVariable("DD_IAST_MAX_CONCURRENT_REQUESTS", "100"); SetEnvironmentVariable("DD_IAST_VULNERABILITIES_PER_REQUEST", "100"); + SetEnvironmentVariable(Configuration.ConfigurationKeys.AppSec.StackTraceEnabled, "false"); _iisFixture = iisFixture; _testName = "Security." + nameof(AspNetMvc5) + ".TelemetryEnabled" + @@ -224,6 +225,7 @@ public AspNetMvc5IastTests(IisFixture iisFixture, ITestOutputHelper output, bool SetEnvironmentVariable("DD_IAST_VULNERABILITIES_PER_REQUEST", "100"); DisableObfuscationQueryString(); SetEnvironmentVariable(Configuration.ConfigurationKeys.AppSec.Rules, DefaultRuleFile); + SetEnvironmentVariable(Configuration.ConfigurationKeys.AppSec.StackTraceEnabled, "false"); _iisFixture = iisFixture; _classicMode = classicMode; diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Deduplication/DeduplicationTests.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Deduplication/DeduplicationTests.cs index 0fc599774981..a155543e719f 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Deduplication/DeduplicationTests.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Deduplication/DeduplicationTests.cs @@ -43,6 +43,7 @@ public async Task SubmitsTraces(bool deduplicationEnabled, string disableKey = " SetEnvironmentVariable("DD_IAST_ENABLED", "1"); SetEnvironmentVariable("DD_IAST_DEDUPLICATION_ENABLED", deduplicationEnabled.ToString()); + SetEnvironmentVariable("DD_APPSEC_STACK_TRACE_ENABLED", "false"); int expectedSpanCount = instrumented ? (deduplicationEnabled ? 1 : 5) : 0; var filename = deduplicationEnabled ? "iast.deduplication.deduplicated" : "iast.deduplication.duplicated"; diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Grpc/GrpcDotNetTests.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Grpc/GrpcDotNetTests.cs index 3a5361084b55..90237240c42b 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Grpc/GrpcDotNetTests.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/Grpc/GrpcDotNetTests.cs @@ -34,6 +34,7 @@ public GrpcDotNetTests(ITestOutputHelper output) SetEnvironmentVariable(ConfigurationKeys.Iast.IsIastDeduplicationEnabled, "1"); SetEnvironmentVariable("IAST_GRPC_SOURCE_TEST", "1"); + SetEnvironmentVariable("DD_APPSEC_STACK_TRACE_ENABLED", "false"); } [SkippableFact] diff --git a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/WeakCipher/WeakCipherTests.cs b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/WeakCipher/WeakCipherTests.cs index 4250b7009466..59571d528206 100644 --- a/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/WeakCipher/WeakCipherTests.cs +++ b/tracer/test/Datadog.Trace.Security.IntegrationTests/IAST/WeakCipher/WeakCipherTests.cs @@ -26,6 +26,7 @@ public WeakCipherTests(ITestOutputHelper output) : base("WeakCipher", output) { SetServiceVersion("1.0.0"); + SetEnvironmentVariable("DD_APPSEC_STACK_TRACE_ENABLED", "false"); } #if !NET7_0_OR_GREATER diff --git a/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/LocationTests.cs b/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/LocationTests.cs index c454694e4bf2..0c79ca2183a4 100644 --- a/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/LocationTests.cs +++ b/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/LocationTests.cs @@ -51,8 +51,9 @@ public void GivenALocation_WhenCreatedFromNull_NothingIsStored() [Fact] public void GivenALocation_WhenCreatedFromStackFrame_ValueIsExpected() { - var stack = new StackTrace().GetFrame(0); - var location = new Location(stack, null); + var stack = new StackTrace(); + var frame = stack.GetFrame(0); + var location = new Location(frame, stack, null, null); location.Path.Should().Be("Datadog.Trace.Security.Unit.Tests.IAST.LocationTests"); location.Method.Should().Be("GivenALocation_WhenCreatedFromStackFrame_ValueIsExpected"); } diff --git a/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/StackWalkerTests.cs b/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/StackWalkerTests.cs index dd50061e140e..6192f83d9500 100644 --- a/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/StackWalkerTests.cs +++ b/tracer/test/Datadog.Trace.Security.Unit.Tests/IAST/StackWalkerTests.cs @@ -23,8 +23,8 @@ public class StackWalkerTests public void CheckAssemblyExclussion(string assemblyName, bool outcome) { // we check twice to make sure that the cache does not change the outcome - StackWalker.AssemblyExcluded(assemblyName).Should().Be(outcome); - StackWalker.AssemblyExcluded(assemblyName).Should().Be(outcome); + StackWalker.MustSkipAssembly(assemblyName).Should().Be(outcome); + StackWalker.MustSkipAssembly(assemblyName).Should().Be(outcome); } } } diff --git a/tracer/test/snapshots/Iast.StackTraceLeak.AspNetCore5.NotVulnerable.verified.txt b/tracer/test/snapshots/Iast.StackTraceLeak.AspNetCore5.NotVulnerable.verified.txt index 95327e71e628..ac79430cba05 100644 --- a/tracer/test/snapshots/Iast.StackTraceLeak.AspNetCore5.NotVulnerable.verified.txt +++ b/tracer/test/snapshots/Iast.StackTraceLeak.AspNetCore5.NotVulnerable.verified.txt @@ -26,10 +26,32 @@ at Samples.Security.AspNetCore5.Controllers.IastController.StackTraceLeak(), language: dotnet, runtime-id: Guid_1, span.kind: server, - _dd.iast.enabled: 1 + _dd.iast.enabled: 1, + _dd.iast.json: +{ + "vulnerabilities": [ + { + "type": "STACKTRACE_LEAK", + "hash": 1099366274, + "location": { + "spanId": XXX, + "path": "Samples.Security.AspNetCore5.Controllers.IastController", + "method": "StackTraceLeak" + }, + "evidence": { + "value": "Samples.Security.AspNetCore5,SystemException" + } + } + ] +} }, Metrics: { process_id: 0, + _dd.iast.telemetry.executed.sink.header_injection: 1.0, + _dd.iast.telemetry.executed.sink.hsts_header_missing: 1.0, + _dd.iast.telemetry.executed.sink.stacktrace_leak: 1.0, + _dd.iast.telemetry.executed.sink.unvalidated_redirect: 1.0, + _dd.iast.telemetry.executed.sink.xcontenttype_header_missing: 1.0, _dd.iast.telemetry.executed.source.http_request_cookie_name: 1.0, _dd.iast.telemetry.executed.source.http_request_cookie_value: 1.0, _dd.iast.telemetry.executed.source.http_request_header: 1.0, @@ -42,7 +64,7 @@ at Samples.Security.AspNetCore5.Controllers.IastController.StackTraceLeak(), _dd.iast.telemetry.request.tainted:, _dd.top_level: 1.0, _dd.tracer_kr: 1.0, - _sampling_priority_v1: 1.0 + _sampling_priority_v1: 2.0 } }, { diff --git a/tracer/test/snapshots/Iast.Stacks.Vulnerability.InFunction.verified.txt b/tracer/test/snapshots/Iast.Stacks.Vulnerability.InFunction.verified.txt new file mode 100644 index 000000000000..f75b1f9d1a66 --- /dev/null +++ b/tracer/test/snapshots/Iast.Stacks.Vulnerability.InFunction.verified.txt @@ -0,0 +1,100 @@ +[ + { + TraceId: Id_1, + SpanId: Id_2, + Name: aspnet_core.request, + Resource: GET /iast/getfilecontent, + Service: Samples.Security.AspNetCore5, + Type: web, + Tags: { + aspnet_core.endpoint: Samples.Security.AspNetCore5.Controllers.IastController.GetFileContent (Samples.Security.AspNetCore5), + aspnet_core.route: iast/getfilecontent, + component: aspnet_core, + env: integration_tests, + http.method: GET, + http.request.headers.host: localhost:00000, + http.route: iast/getfilecontent, + http.status_code: 200, + http.url: http://localhost:00000/Iast/GetFileContent?file=nonexisting.txt, + http.useragent: Mistake Not..., + language: dotnet, + runtime-id: Guid_1, + span.kind: server, + _dd.iast.enabled: 1, + _dd.iast.json: +{ + "vulnerabilities": [ + { + "type": "PATH_TRAVERSAL", + "hash": XXX, + "location": { + "spanId": XXX, + "path": "Samples.Security.AspNetCore5.Controllers.IastController", + "method": "GetFileContent", + "stackId": "1" + }, + "evidence": { + "valueParts": [ + { + "value": "nonexisting.txt", + "source": 0 + } + ] + } + } + ], + "sources": [ + { + "origin": "http.request.parameter", + "name": "file", + "value": "nonexisting.txt" + } + ] +}, + _dd.stack: +{ + "vulnerability": [ + { + "language": "dotnet", + "id": "1", + "frames": [ + { + "id": 0, + "namespace": "Samples.Security.AspNetCore5.Controllers", + "class_name": "IastController", + "function": "GetFileContent" + } + ] + } + ] +} + }, + Metrics: { + process_id: 0, + _dd.top_level: 1.0, + _dd.tracer_kr: 1.0, + _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: + } + }, + { + TraceId: Id_1, + SpanId: Id_3, + Name: aspnet_core_mvc.request, + Resource: GET /iast/getfilecontent, + Service: Samples.Security.AspNetCore5, + Type: web, + ParentId: Id_2, + Tags: { + aspnet_core.action: getfilecontent, + aspnet_core.controller: iast, + aspnet_core.route: iast/getfilecontent, + component: aspnet_core, + env: integration_tests, + language: dotnet, + span.kind: server + } + } +] \ No newline at end of file diff --git a/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedDeeper.verified.txt b/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedDeeper.verified.txt new file mode 100644 index 000000000000..394290d18c1a --- /dev/null +++ b/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedDeeper.verified.txt @@ -0,0 +1,113 @@ +[ + { + TraceId: Id_1, + SpanId: Id_2, + Name: aspnet_core.request, + Resource: GET /iast/weakhashing, + Service: Samples.Security.AspNetCore5, + Type: web, + Tags: { + aspnet_core.endpoint: Samples.Security.AspNetCore5.Controllers.IastController.WeakHashing (Samples.Security.AspNetCore5), + aspnet_core.route: iast/weakhashing, + component: aspnet_core, + env: integration_tests, + http.method: GET, + http.request.headers.host: localhost:00000, + http.route: iast/weakhashing, + http.status_code: 200, + http.url: http://localhost:00000/Iast/WeakHashing, + http.useragent: Mistake Not..., + language: dotnet, + runtime-id: Guid_1, + span.kind: server, + _dd.iast.enabled: 1, + _dd.iast.json: +{ + "vulnerabilities": [ + { + "type": "WEAK_HASH", + "hash": XXX, + "location": { + "spanId": XXX, + "path": "Samples.Security.AspNetCore5.Controllers.IastController", + "method": "WeakHashing", + "stackId": "1" + }, + "evidence": { + "value": "MD5" + } + }, + { + "type": "WEAK_HASH", + "hash": XXX, + "location": { + "spanId": XXX, + "path": "Samples.Security.AspNetCore5.Controllers.IastController", + "method": "WeakHashing", + "stackId": "2" + }, + "evidence": { + "value": "SHA1" + } + } + ] +}, + _dd.stack: +{ + "vulnerability": [ + { + "language": "dotnet", + "id": "1", + "frames": [ + { + "id": 0, + "namespace": "System.Security.Cryptography", + "class_name": "HashAlgorithm", + "function": "ComputeHash" + } + ] + }, + { + "language": "dotnet", + "id": "2", + "frames": [ + { + "id": 0, + "namespace": "System.Security.Cryptography", + "class_name": "HashAlgorithm", + "function": "ComputeHash" + } + ] + } + ] +} + }, + Metrics: { + process_id: 0, + _dd.top_level: 1.0, + _dd.tracer_kr: 1.0, + _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: + } + }, + { + TraceId: Id_1, + SpanId: Id_3, + Name: aspnet_core_mvc.request, + Resource: GET /iast/weakhashing, + Service: Samples.Security.AspNetCore5, + Type: web, + ParentId: Id_2, + Tags: { + aspnet_core.action: weakhashing, + aspnet_core.controller: iast, + aspnet_core.route: iast/weakhashing, + component: aspnet_core, + env: integration_tests, + language: dotnet, + span.kind: server + } + } +] \ No newline at end of file diff --git a/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedInFunction.verified.txt b/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedInFunction.verified.txt new file mode 100644 index 000000000000..f75b1f9d1a66 --- /dev/null +++ b/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedInFunction.verified.txt @@ -0,0 +1,100 @@ +[ + { + TraceId: Id_1, + SpanId: Id_2, + Name: aspnet_core.request, + Resource: GET /iast/getfilecontent, + Service: Samples.Security.AspNetCore5, + Type: web, + Tags: { + aspnet_core.endpoint: Samples.Security.AspNetCore5.Controllers.IastController.GetFileContent (Samples.Security.AspNetCore5), + aspnet_core.route: iast/getfilecontent, + component: aspnet_core, + env: integration_tests, + http.method: GET, + http.request.headers.host: localhost:00000, + http.route: iast/getfilecontent, + http.status_code: 200, + http.url: http://localhost:00000/Iast/GetFileContent?file=nonexisting.txt, + http.useragent: Mistake Not..., + language: dotnet, + runtime-id: Guid_1, + span.kind: server, + _dd.iast.enabled: 1, + _dd.iast.json: +{ + "vulnerabilities": [ + { + "type": "PATH_TRAVERSAL", + "hash": XXX, + "location": { + "spanId": XXX, + "path": "Samples.Security.AspNetCore5.Controllers.IastController", + "method": "GetFileContent", + "stackId": "1" + }, + "evidence": { + "valueParts": [ + { + "value": "nonexisting.txt", + "source": 0 + } + ] + } + } + ], + "sources": [ + { + "origin": "http.request.parameter", + "name": "file", + "value": "nonexisting.txt" + } + ] +}, + _dd.stack: +{ + "vulnerability": [ + { + "language": "dotnet", + "id": "1", + "frames": [ + { + "id": 0, + "namespace": "Samples.Security.AspNetCore5.Controllers", + "class_name": "IastController", + "function": "GetFileContent" + } + ] + } + ] +} + }, + Metrics: { + process_id: 0, + _dd.top_level: 1.0, + _dd.tracer_kr: 1.0, + _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: + } + }, + { + TraceId: Id_1, + SpanId: Id_3, + Name: aspnet_core_mvc.request, + Resource: GET /iast/getfilecontent, + Service: Samples.Security.AspNetCore5, + Type: web, + ParentId: Id_2, + Tags: { + aspnet_core.action: getfilecontent, + aspnet_core.controller: iast, + aspnet_core.route: iast/getfilecontent, + component: aspnet_core, + env: integration_tests, + language: dotnet, + span.kind: server + } + } +] \ No newline at end of file diff --git a/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedInRenderPipeline.verified.txt b/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedInRenderPipeline.verified.txt new file mode 100644 index 000000000000..e10912e1be65 --- /dev/null +++ b/tracer/test/snapshots/Iast.Stacks.Vulnerability.LocatedInRenderPipeline.verified.txt @@ -0,0 +1,103 @@ +[ + { + TraceId: Id_1, + SpanId: Id_2, + Name: aspnet_core.request, + Resource: GET /iast/reflectedxss, + Service: Samples.Security.AspNetCore5, + Type: web, + Tags: { + aspnet_core.endpoint: Samples.Security.AspNetCore5.Controllers.IastController.ReflectedXss (Samples.Security.AspNetCore5), + aspnet_core.route: iast/reflectedxss, + component: aspnet_core, + env: integration_tests, + http.method: GET, + http.request.headers.host: localhost:00000, + http.route: iast/reflectedxss, + http.status_code: 200, + http.url: http://localhost:00000/Iast/ReflectedXss?param=%3Cb%3ERawValue%3C/b%3E, + http.useragent: Mistake Not..., + language: dotnet, + runtime-id: Guid_1, + span.kind: server, + _dd.iast.enabled: 1, + _dd.iast.json: +{ + "vulnerabilities": [ + { + "type": "XSS", + "hash": XXX, + "location": { + "spanId": XXX, + "path": "AspNetCore.Views_Iast_Xss+<b__8_1>d", + "method": "MoveNext", + "stackId": "1" + }, + "evidence": { + "valueParts": [ + { + "value": "RawValue", + "source": 0 + }, + { + "redacted": true + } + ] + } + } + ], + "sources": [ + { + "origin": "http.request.parameter", + "name": "param", + "value": "RawValue" + } + ] +}, + _dd.stack: +{ + "vulnerability": [ + { + "language": "dotnet", + "id": "1", + "frames": [ + { + "id": 0, + "namespace": "Microsoft.AspNetCore.Html", + "class_name": "HtmlString", + "function": ".ctor" + } + ] + } + ] +} + }, + Metrics: { + process_id: 0, + _dd.top_level: 1.0, + _dd.tracer_kr: 1.0, + _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: + } + }, + { + TraceId: Id_1, + SpanId: Id_3, + Name: aspnet_core_mvc.request, + Resource: GET /iast/reflectedxss, + Service: Samples.Security.AspNetCore5, + Type: web, + ParentId: Id_2, + Tags: { + aspnet_core.action: reflectedxss, + aspnet_core.controller: iast, + aspnet_core.route: iast/reflectedxss, + component: aspnet_core, + env: integration_tests, + language: dotnet, + span.kind: server + } + } +] \ No newline at end of file diff --git a/tracer/test/snapshots/Iast.Stacks.Vulnerability.WithoutLocation.verified.txt b/tracer/test/snapshots/Iast.Stacks.Vulnerability.WithoutLocation.verified.txt new file mode 100644 index 000000000000..d94c9794ce86 --- /dev/null +++ b/tracer/test/snapshots/Iast.Stacks.Vulnerability.WithoutLocation.verified.txt @@ -0,0 +1,62 @@ +[ + { + TraceId: Id_1, + SpanId: Id_2, + Name: aspnet_core.request, + Resource: GET /iast/insecurecookie, + Service: Samples.Security.AspNetCore5, + Type: web, + Tags: { + aspnet_core.endpoint: Samples.Security.AspNetCore5.Controllers.IastController.InsecureCookie (Samples.Security.AspNetCore5), + aspnet_core.route: iast/insecurecookie, + component: aspnet_core, + env: integration_tests, + http.method: GET, + http.request.headers.host: localhost:00000, + http.route: iast/insecurecookie, + http.status_code: 200, + http.url: http://localhost:00000/Iast/InsecureCookie, + http.useragent: Mistake Not..., + language: dotnet, + runtime-id: Guid_1, + span.kind: server, + _dd.iast.enabled: 1, + _dd.iast.json: +{ + "vulnerabilities": [ + { + "type": "INSECURE_COOKIE", + "hash": XXX, + "evidence": { + "value": "insecureKey" + } + } + ] +} + }, + Metrics: { + process_id: 0, + _dd.top_level: 1.0, + _dd.tracer_kr: 1.0, + _sampling_priority_v1: 2.0 + } + }, + { + TraceId: Id_1, + SpanId: Id_3, + Name: aspnet_core_mvc.request, + Resource: GET /iast/insecurecookie, + Service: Samples.Security.AspNetCore5, + Type: web, + ParentId: Id_2, + Tags: { + aspnet_core.action: insecurecookie, + aspnet_core.controller: iast, + aspnet_core.route: iast/insecurecookie, + component: aspnet_core, + env: integration_tests, + language: dotnet, + span.kind: server + } + } +] \ No newline at end of file diff --git a/tracer/test/snapshots/Rasp.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index 204e805c3e7b..9e86258370f2 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -62,6 +62,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index 51a2895e1468..a627877955f4 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -62,6 +62,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index b7946c89d2b6..a69fe7cb14df 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -60,6 +60,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Rasp.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index d5bcf6db727b..d7319360410a 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -64,6 +64,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index b6f55f8b16b6..711cca232477 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -63,6 +63,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index 3768e694a9a9..2e5d28c816ac 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -63,6 +63,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index 81a0c7e32ce4..803384730891 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Rasp.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/Rasp.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index 62e200afb007..a05abb5d45b7 100644 --- a/tracer/test/snapshots/Rasp.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -65,6 +65,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index af57ee99635f..8d761fff57fc 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -39,6 +39,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index 7171193f5848..8c11ea5aedee 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -62,6 +62,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index cb7077ae3470..b3449aa92642 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -60,6 +60,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt index e19e03cf011c..f2893da54fa5 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt @@ -37,6 +37,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index 6f2cff5e12af..446bfeafa9b5 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -41,6 +41,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index 063afdb49880..8d37d6f02832 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -40,6 +40,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index 565446fc30e2..6d09d95f0ae5 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -63,6 +63,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index c4bba936003f..08a61506bacf 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt index 337cc8ce8a79..6ed7cb7ea0fe 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt @@ -38,6 +38,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { diff --git a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index cb267adaae92..3d2267c7d633 100644 --- a/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/Rasp.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -42,6 +42,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/RaspIast.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index 1abf1fccbe35..0c9154eaad39 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore2.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -56,7 +56,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteCommandInternal" + "method": "ExecuteCommandInternal", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -104,6 +105,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index 95fe89bb9e63..96be3fccc202 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -56,7 +56,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -92,6 +93,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt index a63c2e14fcab..9829787d7926 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore2.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt @@ -47,7 +47,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -78,6 +79,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index 0281c001af2c..19eddc64ca85 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore2.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -56,7 +56,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "SsrfAttack" + "method": "SsrfAttack", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -96,6 +97,10 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: , + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index 9bd8b1ca7cd1..768544da1198 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore2.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -58,7 +58,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteQuery" + "method": "ExecuteQuery", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -100,6 +101,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index ed863cfa392d..eaf919160bcf 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore5.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -57,7 +57,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteCommandInternal" + "method": "ExecuteCommandInternal", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -105,6 +106,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index 6cd771a9d5cc..6dd6320e40ef 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -57,7 +57,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -93,6 +94,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt index 8818b2b202ff..a16f128a9e0c 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt @@ -48,7 +48,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -79,6 +80,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index f9e2ec468748..aafe82bacfc5 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore5.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -57,7 +57,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "SsrfAttack" + "method": "SsrfAttack", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -97,6 +98,10 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: , + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/RaspIast.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index 403c5def1807..773d07a3ac9a 100644 --- a/tracer/test/snapshots/RaspIast.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetCore5.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -59,7 +59,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteQuery" + "method": "ExecuteQuery", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -101,6 +102,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index fa61ba3e356a..effb1be1f4fd 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -33,7 +33,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteCommandInternal" + "method": "ExecuteCommandInternal", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -81,6 +82,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index cf65f33e40e8..01fa76c81574 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -56,7 +56,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -92,6 +93,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt index 6cef8f672d63..7cf6468fc308 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt @@ -49,7 +49,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -80,6 +81,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index cf15f22a8bcc..3628072432c2 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -56,7 +56,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "SsrfAttack" + "method": "SsrfAttack", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -96,6 +97,10 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: , + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt index 277334f86a08..94a1a0601626 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt @@ -33,7 +33,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "SsrfAttackNoCatch" + "method": "SsrfAttackNoCatch", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -73,6 +74,10 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: , + _dd.stack: } }, { diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index d1fe6d66c17e..cac28e9cbb9d 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Classic.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -35,7 +35,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteQuery" + "method": "ExecuteQuery", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -77,6 +78,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt index cbff7715a772..01d49c049093 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.CmdI_url=-Iast-ExecuteCommand-file=ls&argumentLine=;evilCommand&fromShell=true_exploit=CmdI.verified.txt @@ -34,7 +34,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteCommandInternal" + "method": "ExecuteCommandInternal", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -58,7 +59,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteCommandInternal" + "method": "ExecuteCommandInternal", + "stackId": "2" }, "evidence": { "value": "Datadog.Trace,BlockException" @@ -94,6 +96,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index b064f9aec9d4..4af5e3b6f7d7 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -57,7 +57,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -93,6 +94,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt index 6cef8f672d63..7cf6468fc308 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.Lfi_url=-Iast-GetFileContent-file=filename_exploit=Lfi.verified.txt @@ -49,7 +49,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "GetFileContent" + "method": "GetFileContent", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -80,6 +81,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt index 68213beeb710..246eb5f87f10 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttack-host=127.0.0.1_exploit=SSRF.verified.txt @@ -57,7 +57,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "SsrfAttack" + "method": "SsrfAttack", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -97,6 +98,10 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: , + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt index 4721c30e8bc5..14cb039bee2b 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SSRF_url=-Iast-SsrfAttackNoCatch-host=127.0.0.1_exploit=SSRF.verified.txt @@ -34,7 +34,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "SsrfAttackNoCatch" + "method": "SsrfAttackNoCatch", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -57,7 +58,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "SsrfAttackNoCatch" + "method": "SsrfAttackNoCatch", + "stackId": "2" }, "evidence": { "value": "Datadog.Trace,BlockException" @@ -86,6 +88,10 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: , + _dd.stack: } }, { diff --git a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt index aa85b1adf1e1..f887a67f8a76 100644 --- a/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt +++ b/tracer/test/snapshots/RaspIast.AspNetMvc5.Integrated.SqlI_url=-Iast-ExecuteQueryFromBodyQueryData_exploit=SqlI_body={-UserName-- -' or '1'='1-}.verified.txt @@ -36,7 +36,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteQuery" + "method": "ExecuteQuery", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -59,7 +60,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteQuery" + "method": "ExecuteQuery", + "stackId": "2" }, "evidence": { "value": "Datadog.Trace,BlockException" @@ -90,6 +92,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, diff --git a/tracer/test/snapshots/RaspRCM.RuleEnableDisableEnable.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt b/tracer/test/snapshots/RaspRCM.RuleEnableDisableEnable.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt index a73fb1924da2..48a3b2a8a07e 100644 --- a/tracer/test/snapshots/RaspRCM.RuleEnableDisableEnable.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt +++ b/tracer/test/snapshots/RaspRCM.RuleEnableDisableEnable.AspNetCore5.Lfi_url=-Iast-GetFileContent-file=-etc-password_exploit=Lfi.verified.txt @@ -65,6 +65,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } }, @@ -185,6 +186,7 @@ _sampling_priority_v1: 2.0 }, MetaStruct: { + appsec: , _dd.stack: } } diff --git a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt index 354ee8c94cfd..97dd66c4d6cf 100644 --- a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt +++ b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt index ee372cbcafd1..b78cce3e39df 100644 --- a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt +++ b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore2.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt @@ -64,6 +64,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt index f904999df94c..30e190a63d68 100644 --- a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt +++ b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOff.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt @@ -62,6 +62,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt index f2a0c315d940..eec4d567fdd1 100644 --- a/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt +++ b/tracer/test/snapshots/Security.ApiSecurity.AspNetCore5.ApiSecOn.__url=_dataapi_model_body={-property_expectedStatusCode=Forbidden_containsAttack=True.verified.txt @@ -66,6 +66,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesHtml.__test=server.request.uri.raw_expectedStatusCode=403_url=_health-q=fun.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesHtml.__test=server.request.uri.raw_expectedStatusCode=403_url=_health-q=fun.verified.txt index d70a9574c902..f83fd6ef9215 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesHtml.__test=server.request.uri.raw_expectedStatusCode=403_url=_health-q=fun.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesHtml.__test=server.request.uri.raw_expectedStatusCode=403_url=_health-q=fun.verified.txt @@ -38,6 +38,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesJson.__test=server.request.uri.raw_expectedStatusCode=403_url=_Home_Privacy-q=fun.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesJson.__test=server.request.uri.raw_expectedStatusCode=403_url=_Home_Privacy-q=fun.verified.txt index 67982f978945..f10a3be96a00 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesJson.__test=server.request.uri.raw_expectedStatusCode=403_url=_Home_Privacy-q=fun.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityBlockingTemplatesJson.__test=server.request.uri.raw_expectedStatusCode=403_url=_Home_Privacy-q=fun.verified.txt @@ -37,6 +37,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=discovery.scans_url=_Health_login.php.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=discovery.scans_url=_Health_login.php.verified.txt index f90277fd3bca..55b9a46485de 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=discovery.scans_url=_Health_login.php.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=discovery.scans_url=_Health_login.php.verified.txt @@ -36,6 +36,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -75,6 +78,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -114,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -153,6 +162,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +204,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint-&q=help.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint-&q=help.verified.txt index c3444509ef59..1a4fa342d716 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint-&q=help.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint-&q=help.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -173,6 +182,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -217,6 +229,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint.verified.txt index ae2b95e0e89f..1ea494889d67 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_health_params_appscan_fingerprint.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -173,6 +182,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -217,6 +229,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_params-endpoint_appscan_fingerprint.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_params-endpoint_appscan_fingerprint.verified.txt index 10d3b6d4bbbc..a810ac324fcc 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_params-endpoint_appscan_fingerprint.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.path_params_expectedStatusCode=200_url=_params-endpoint_appscan_fingerprint.verified.txt @@ -39,6 +39,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -81,6 +84,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -123,6 +129,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -165,6 +174,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -207,6 +219,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-[$slice]=value.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-[$slice]=value.verified.txt index 8c0076d022f5..4477bacfa41a 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-[$slice]=value.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-[$slice]=value.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -173,6 +182,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -217,6 +229,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-arg&[$slice].verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-arg&[$slice].verified.txt index c7c55d4df77b..27167a89b69c 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-arg&[$slice].verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_Health_-arg&[$slice].verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -173,6 +182,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -217,6 +229,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_health_params_appscan_fingerprint-[$slice]=value.verified.txt b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_health_params_appscan_fingerprint-[$slice]=value.verified.txt index 82abf309144c..337c90d7aaca 100644 --- a/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_health_params_appscan_fingerprint-[$slice]=value.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5.SecurityEnabled.__test=server.request.query_expectedStatusCode=200_url=_health_params_appscan_fingerprint-[$slice]=value.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -173,6 +182,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -217,6 +229,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_custom_action_actionName=customblock.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_custom_action_actionName=customblock.verified.txt index 29312cdb023f..68d4d77bedc2 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_custom_action_actionName=customblock.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_custom_action_actionName=customblock.verified.txt @@ -37,6 +37,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -77,6 +80,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_rule_actionName=block.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_rule_actionName=block.verified.txt index bb2383c321e3..bd75cb28539b 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_rule_actionName=block.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=block_request_statusCode=200_argument=dummy_rule_actionName=block.verified.txt @@ -37,6 +37,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -77,6 +80,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_custom_action_actionName=customblock.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_custom_action_actionName=customblock.verified.txt index a264be8022a1..99c91340639e 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_custom_action_actionName=customblock.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_custom_action_actionName=customblock.verified.txt @@ -37,6 +37,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -77,6 +80,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_rule_actionName=block.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_rule_actionName=block.verified.txt index f8e7b0495be6..a521db2283c4 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_rule_actionName=block.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmActionsConfiguration.__type=redirect_request_statusCode=302_argument=dummy_rule_actionName=block.verified.txt @@ -37,6 +37,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -77,6 +80,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmCustomRules._.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmCustomRules._.verified.txt index f9f4d1210dd8..426292f366bf 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmCustomRules._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmCustomRules._.verified.txt @@ -74,6 +74,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips-oneclick_url=_.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips-oneclick_url=_.verified.txt index 5025aee21adb..d15f6b45a066 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips-oneclick_url=_.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips-oneclick_url=_.verified.txt @@ -99,6 +99,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -168,6 +171,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips_url=_.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips_url=_.verified.txt index 4f78d643becd..994c3cb4dfd7 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips_url=_.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-ips_url=_.verified.txt @@ -70,6 +70,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-user_url=_user.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-user_url=_user.verified.txt index 6d37d46203d9..342732b846c0 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-user_url=_user.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmDataSecurityEnabled.__test=blocking-user_url=_user.verified.txt @@ -77,6 +77,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabled.TestSecurityInitialization.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabled.TestSecurityInitialization.verified.txt index 15217cd1335c..93c52ac66ce2 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabled.TestSecurityInitialization.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabled.TestSecurityInitialization.verified.txt @@ -45,6 +45,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabledWithBadRuleset.TestSecurityInitialization.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabledWithBadRuleset.TestSecurityInitialization.verified.txt index 6b8f0e1ea48b..934caca692b0 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabledWithBadRuleset.TestSecurityInitialization.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmInitializationSecurityEnabledWithBadRuleset.TestSecurityInitialization.verified.txt @@ -46,6 +46,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmRemoteRules._.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmRemoteRules._.verified.txt index 58d4c3b41343..2b5ad1c53952 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmRemoteRules._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmRemoteRules._.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmRulesToggle._.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmRulesToggle._.verified.txt index 46a354fb49d4..ccede3247d60 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmRulesToggle._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmRulesToggle._.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -118,6 +121,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -158,6 +164,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -202,6 +211,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityDefault._.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityDefault._.verified.txt index 75ec7499f3c1..68fe1e4ea485 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityDefault._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityDefault._.verified.txt @@ -99,6 +99,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { diff --git a/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityEnabled._.verified.txt b/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityEnabled._.verified.txt index 568c8e47569c..b3a05895079e 100644 --- a/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityEnabled._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5AsmToggleSecurityEnabled._.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -173,6 +182,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5ExternalRules._.verified.txt b/tracer/test/snapshots/Security.AspNetCore5ExternalRules._.verified.txt index 2590a39a3582..c7eba8032128 100644 --- a/tracer/test/snapshots/Security.AspNetCore5ExternalRules._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5ExternalRules._.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -173,6 +182,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -217,6 +229,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCore5IastAsm._.verified.txt b/tracer/test/snapshots/Security.AspNetCore5IastAsm._.verified.txt index 2da60f1d724d..2af4c40c8171 100644 --- a/tracer/test/snapshots/Security.AspNetCore5IastAsm._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetCore5IastAsm._.verified.txt @@ -30,7 +30,8 @@ "location": { "spanId": XXX, "path": "Samples.Security.AspNetCore5.Controllers.IastController", - "method": "ExecuteQuery" + "method": "ExecuteQuery", + "stackId": "1" }, "evidence": { "valueParts": [ @@ -58,6 +59,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + _dd.stack: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_good-param=[$slice].verified.txt b/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_good-param=[$slice].verified.txt index 7f311ca3657c..30197cec076e 100644 --- a/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_good-param=[$slice].verified.txt +++ b/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_good-param=[$slice].verified.txt @@ -40,6 +40,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -83,6 +86,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -126,6 +132,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -169,6 +178,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -212,6 +224,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_void-param=[$slice].verified.txt b/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_void-param=[$slice].verified.txt index 5601a1d96bd8..d9c1ee83e3c7 100644 --- a/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_void-param=[$slice].verified.txt +++ b/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=200_url=_void-param=[$slice].verified.txt @@ -40,6 +40,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -83,6 +86,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -126,6 +132,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -169,6 +178,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -212,6 +224,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=500_url=_bad-param=[$slice].verified.txt b/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=500_url=_bad-param=[$slice].verified.txt index d83573a3133a..409096362dd7 100644 --- a/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=500_url=_bad-param=[$slice].verified.txt +++ b/tracer/test/snapshots/Security.AspNetCoreBare.__expectedStatusCode=500_url=_bad-param=[$slice].verified.txt @@ -46,6 +46,9 @@ at Samples.Security.AspNetCoreBare.Controllers.BadController.Get(), _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -95,6 +98,9 @@ at Samples.Security.AspNetCoreBare.Controllers.BadController.Get(), _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -144,6 +150,9 @@ at Samples.Security.AspNetCoreBare.Controllers.BadController.Get(), _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -193,6 +202,9 @@ at Samples.Security.AspNetCoreBare.Controllers.BadController.Get(), _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -242,6 +254,9 @@ at Samples.Security.AspNetCoreBare.Controllers.BadController.Get(), _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt b/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt index 7f0869988e57..6960776d710a 100644 --- a/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt +++ b/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt b/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt index fde7987bde7b..830087ed7d35 100644 --- a/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt +++ b/tracer/test/snapshots/Security.AspNetFxWebApiApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt @@ -67,6 +67,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=blocking.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=blocking.verified.txt index 3bc4e429b225..b2550a179e10 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=blocking.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=blocking.verified.txt @@ -35,6 +35,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -73,6 +76,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -111,6 +117,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -149,6 +158,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -187,6 +199,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt index 938f6a314c50..bfefdb497238 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt @@ -62,6 +62,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -127,6 +130,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +198,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -257,6 +266,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -322,6 +334,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt index 3823c45bfb63..15482ccf8d75 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt @@ -62,6 +62,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -127,6 +130,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +198,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -257,6 +266,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -322,6 +334,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt index bc5d3cc5acd3..9531f454c042 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt @@ -62,6 +62,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -127,6 +130,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +198,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -257,6 +266,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -322,6 +334,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt index fd76f79dd8ca..cbbbdc274987 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt @@ -60,6 +60,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -123,6 +126,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -186,6 +192,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -249,6 +258,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -312,6 +324,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt index 289691a14f2c..3f33c468e922 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt @@ -60,6 +60,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -123,6 +126,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -186,6 +192,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -249,6 +258,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -312,6 +324,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt index 60ff6fc5edc6..c8d28bab9537 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Classic.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt @@ -60,6 +60,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -123,6 +126,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -186,6 +192,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -249,6 +258,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -312,6 +324,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=blocking.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=blocking.verified.txt index 473de91494e1..42d0ac631510 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=blocking.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=blocking.verified.txt @@ -36,6 +36,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -75,6 +78,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -114,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -153,6 +162,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +204,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=discovery.scans_url=_Health_wp-config_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=discovery.scans_url=_Health_wp-config_body=null.verified.txt index a1f0fee41fa9..3f4e77da4b30 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=discovery.scans_url=_Health_wp-config_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=discovery.scans_url=_Health_wp-config_body=null.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -125,6 +128,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -189,6 +195,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -253,6 +262,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -317,6 +329,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt index c739bfbd7ac3..86dc7bcffa14 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadJson_body={-DictionaryProperty-- {-a---[$slice]-} }.verified.txt @@ -63,6 +63,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +132,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -195,6 +201,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -261,6 +270,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -327,6 +339,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt index 9d5d88d27672..e24b0efb03fc 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_UploadStruct_body={-Property1-- -[$slice]-}.verified.txt @@ -63,6 +63,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +132,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -195,6 +201,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -261,6 +270,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -327,6 +339,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt index 6474c1f6ece2..1e1dbf33ec49 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.body_url=_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt @@ -63,6 +63,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +132,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -195,6 +201,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -261,6 +270,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -327,6 +339,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt index c81848fb8d90..ee86537349c6 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint-&q=help_body=null.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -125,6 +128,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -189,6 +195,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -253,6 +262,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -317,6 +329,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt index cc2d2c9c414a..fed3bb57f3a3 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.path_params_url=_Health_params_appscan_fingerprint_body=null.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -125,6 +128,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -189,6 +195,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -253,6 +262,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -317,6 +329,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt index 58bc23ca050e..63c24d5b0777 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.request.query_url=_Health_-arg=[$slice]_body=null.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -125,6 +128,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -189,6 +195,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -253,6 +262,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -317,6 +329,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.response.headers.no_cookies_url=_Home_LangHeader_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.response.headers.no_cookies_url=_Home_LangHeader_body=null.verified.txt index 9ad17dcc7fdb..bee4c3ba7d01 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.response.headers.no_cookies_url=_Home_LangHeader_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5.Integrated.enableSecurity=True.__test=server.response.headers.no_cookies_url=_Home_LangHeader_body=null.verified.txt @@ -62,6 +62,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -127,6 +130,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +198,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -257,6 +266,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -322,6 +334,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt index 61ced2c19dab..fe50caba0fe1 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=False.__scenario=scan-with-attack.verified.txt @@ -64,6 +64,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt index 3fd46ff63db0..6c9a00b26d9a 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5ApiSecurity.enableApiSecurity=True.__scenario=scan-with-attack.verified.txt @@ -70,6 +70,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=block_request_statusCode=200.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=block_request_statusCode=200.verified.txt index a634d10ec532..e84d81c45d64 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=block_request_statusCode=200.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=block_request_statusCode=200.verified.txt @@ -35,6 +35,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -73,6 +76,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt index 3fa992a293d8..9c849ba88e34 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Classic.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt @@ -35,6 +35,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -73,6 +76,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=block_request_statusCode=200.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=block_request_statusCode=200.verified.txt index 86ccbc156da5..282703d721af 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=block_request_statusCode=200.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=block_request_statusCode=200.verified.txt @@ -36,6 +36,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -75,6 +78,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt index 3f492ec94dc5..03e7e37c838e 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmBlockingActions.Integrated.enableSecurity=True.__type=redirect_request_statusCode=302.verified.txt @@ -36,6 +36,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -75,6 +78,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_.verified.txt index 48b855936c8a..72446da86965 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_.verified.txt @@ -93,6 +93,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt index 3f57a99e415f..261a0154ae42 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt @@ -118,6 +118,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_.verified.txt index 7825e36e5ea0..65da66fb9d97 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_.verified.txt @@ -94,6 +94,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt index 7a89575a1171..24d45f7d99d4 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt @@ -119,6 +119,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Classic.enableSecurity=True._.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Classic.enableSecurity=True._.verified.txt index 14be07593bb3..3cd162285bcb 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Classic.enableSecurity=True._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Classic.enableSecurity=True._.verified.txt @@ -60,6 +60,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -98,6 +101,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -161,6 +167,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Integrated.enableSecurity=True._.verified.txt b/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Integrated.enableSecurity=True._.verified.txt index 172bbf272c70..2d14e0e813f5 100644 --- a/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Integrated.enableSecurity=True._.verified.txt +++ b/tracer/test/snapshots/Security.AspNetMvc5AsmRulesToggle.Integrated.enableSecurity=True._.verified.txt @@ -61,6 +61,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -100,6 +103,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -164,6 +170,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__scenario=null-action.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__scenario=null-action.verified.txt index d3e37a482cd5..f0360fd54c2c 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__scenario=null-action.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__scenario=null-action.verified.txt @@ -56,6 +56,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -115,6 +118,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=blocking.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=blocking.verified.txt index 4d42adf8ef69..ce8717388066 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=blocking.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=blocking.verified.txt @@ -35,6 +35,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -73,6 +76,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -111,6 +117,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -149,6 +158,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -187,6 +199,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt index 2eeacd3cee75..0fb7dc95aa7d 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt @@ -59,6 +59,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -121,6 +124,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -183,6 +189,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -245,6 +254,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -307,6 +319,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt index 5caf9a8b489e..5113899ad099 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt @@ -57,6 +57,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -117,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -177,6 +183,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -237,6 +246,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -297,6 +309,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt index 2ca4b2ce17c5..21f8e45b7cb4 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt @@ -57,6 +57,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -117,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -177,6 +183,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -237,6 +246,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -297,6 +309,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt index fbf8c770e9cf..791c61dc4b2a 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt @@ -57,6 +57,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -117,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -177,6 +183,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -237,6 +246,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -297,6 +309,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt index 343dd679eec6..95f1a0a1be54 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Classic.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt @@ -57,6 +57,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -117,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -177,6 +183,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -237,6 +246,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -297,6 +309,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__scenario=null-action.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__scenario=null-action.verified.txt index 435e60be2a6c..a6f2d8f20b9d 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__scenario=null-action.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__scenario=null-action.verified.txt @@ -57,6 +57,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -117,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=blocking.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=blocking.verified.txt index 3f2a80a3472e..1bb662891d7a 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=blocking.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=blocking.verified.txt @@ -36,6 +36,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -75,6 +78,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -114,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -153,6 +162,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +204,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt index 2eeacd3cee75..0fb7dc95aa7d 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.body_url=_api_Home_Upload_body={-Property1-- -[$slice]-}.verified.txt @@ -59,6 +59,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -121,6 +124,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -183,6 +189,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -245,6 +254,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -307,6 +319,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt index 57f9423c745b..25f98f892f01 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_Health_appscan_fingerprint_body=null.verified.txt @@ -58,6 +58,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -119,6 +122,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -180,6 +186,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -241,6 +250,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -302,6 +314,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt index 9572c129eab1..378304a1a6e4 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_2-arg=[$slice]_body=null.verified.txt @@ -58,6 +58,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -119,6 +122,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -180,6 +186,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -241,6 +250,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -302,6 +314,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt index c01fd9144842..3f73f2d6d1f0 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.path_params_url=_api_route_TwoMember-arg=[$slice]_body=null.verified.txt @@ -58,6 +58,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -119,6 +122,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -180,6 +186,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -241,6 +250,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -302,6 +314,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt index d5105439bce2..ae23de1652e9 100644 --- a/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApi.Integrated.enableSecurity=True.__test=server.request.query_url=_api_Health_-arg=[$slice]_body=null.verified.txt @@ -58,6 +58,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -119,6 +122,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -180,6 +186,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -241,6 +250,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -302,6 +314,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt index f93da2d51bb1..0c196a3cc79d 100644 --- a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt @@ -87,6 +87,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt index 751d2fdddb46..b853cd0e71a1 100644 --- a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt @@ -115,6 +115,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt index 4a7dca19bdfe..4e1d1677678a 100644 --- a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_api_health.verified.txt @@ -91,6 +91,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt index 75b9044969f4..d73c4f5d003d 100644 --- a/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebApiAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_api_user.verified.txt @@ -114,6 +114,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__test=blocking.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__test=blocking.verified.txt index 3bc4e429b225..b2550a179e10 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__test=blocking.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__test=blocking.verified.txt @@ -35,6 +35,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -73,6 +76,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -111,6 +117,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -149,6 +158,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -187,6 +199,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt index f70b612eedcc..48853d58208e 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt @@ -34,6 +34,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -71,6 +74,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -108,6 +114,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -145,6 +154,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -182,6 +194,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt index b883bebdc79d..04d0dc2fe3e1 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt @@ -34,6 +34,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -71,6 +74,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -108,6 +114,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -145,6 +154,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -182,6 +194,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt index 2cb976560f75..8db0332525b0 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Classic.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt @@ -36,6 +36,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -75,6 +78,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -114,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -153,6 +162,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +204,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__test=blocking.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__test=blocking.verified.txt index 473de91494e1..42d0ac631510 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__test=blocking.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__test=blocking.verified.txt @@ -36,6 +36,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -75,6 +78,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -114,6 +120,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -153,6 +162,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -192,6 +204,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt index cffa527cfaa7..0d32f47e9ec8 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health-arg=[$slice]_body=null.verified.txt @@ -35,6 +35,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -73,6 +76,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -111,6 +117,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -149,6 +158,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -187,6 +199,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt index a35054296d19..c1ef09fc351e 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_Params_appscan_fingerprint_body=null.verified.txt @@ -35,6 +35,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -73,6 +76,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -111,6 +117,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -149,6 +158,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -187,6 +199,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt index 00b52472c39f..4df6c33d7935 100644 --- a/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebForms.Integrated.enableSecurity=True.__url=_Health_body=ctl00%24MainContent%24testBox=%5B%24slice%5D.verified.txt @@ -37,6 +37,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -77,6 +80,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -117,6 +123,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -157,6 +166,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -197,6 +209,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt index e9b843c8395b..e2ea45d073b9 100644 --- a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt @@ -65,6 +65,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt index 0a1741ae7fb8..7cf16cca878c 100644 --- a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Classic.enableSecurity=True.__test=blocking-user_url=_user.verified.txt @@ -70,6 +70,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt index 44716665c3a1..0296b1bb2e73 100644 --- a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-ips_url=_default.aspx.verified.txt @@ -69,6 +69,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt index bbefa4baef9d..e3110493c011 100644 --- a/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt +++ b/tracer/test/snapshots/Security.AspNetWebFormsAsmData.Integrated.enableSecurity=True.__test=blocking-user_url=_user.verified.txt @@ -68,6 +68,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file diff --git a/tracer/test/snapshots/TestGlobalRulesToggling._.verified.txt b/tracer/test/snapshots/TestGlobalRulesToggling._.verified.txt index 9f52d0fac6b3..bf87f94b4486 100644 --- a/tracer/test/snapshots/TestGlobalRulesToggling._.verified.txt +++ b/tracer/test/snapshots/TestGlobalRulesToggling._.verified.txt @@ -41,6 +41,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -85,6 +88,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } }, { @@ -129,6 +135,9 @@ _dd.top_level: 1.0, _dd.tracer_kr: 1.0, _sampling_priority_v1: 2.0 + }, + MetaStruct: { + appsec: } } ] \ No newline at end of file