From f62cbfadc7eab41efd051adad5f4baa093172ba0 Mon Sep 17 00:00:00 2001 From: Carles Capell <107924659+CarlesDD@users.noreply.github.com> Date: Mon, 14 Oct 2024 13:07:18 +0200 Subject: [PATCH] Unsubscribe NextJS body and query channels on appsec disable (#4776) --- packages/dd-trace/src/appsec/index.js | 2 ++ packages/dd-trace/test/appsec/index.spec.js | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/packages/dd-trace/src/appsec/index.js b/packages/dd-trace/src/appsec/index.js index 10e63ebd2de..4fea5ead514 100644 --- a/packages/dd-trace/src/appsec/index.js +++ b/packages/dd-trace/src/appsec/index.js @@ -290,6 +290,8 @@ function disable () { if (incomingHttpRequestStart.hasSubscribers) incomingHttpRequestStart.unsubscribe(incomingHttpStartTranslator) if (incomingHttpRequestEnd.hasSubscribers) incomingHttpRequestEnd.unsubscribe(incomingHttpEndTranslator) if (queryParser.hasSubscribers) queryParser.unsubscribe(onRequestQueryParsed) + if (nextBodyParsed.hasSubscribers) nextBodyParsed.unsubscribe(onRequestBodyParsed) + if (nextQueryParsed.hasSubscribers) nextQueryParsed.unsubscribe(onRequestQueryParsed) if (cookieParser.hasSubscribers) cookieParser.unsubscribe(onRequestCookieParser) if (responseBody.hasSubscribers) responseBody.unsubscribe(onResponseBody) if (passportVerify.hasSubscribers) passportVerify.unsubscribe(onPassportVerify) diff --git a/packages/dd-trace/test/appsec/index.spec.js b/packages/dd-trace/test/appsec/index.spec.js index 8548804ac38..bb0b994b0d2 100644 --- a/packages/dd-trace/test/appsec/index.spec.js +++ b/packages/dd-trace/test/appsec/index.spec.js @@ -11,6 +11,8 @@ const { incomingHttpRequestStart, incomingHttpRequestEnd, queryParser, + nextBodyParsed, + nextQueryParsed, passportVerify, responseBody, responseWriteHead, @@ -168,6 +170,8 @@ describe('AppSec Index', function () { expect(bodyParser.hasSubscribers).to.be.false expect(cookieParser.hasSubscribers).to.be.false expect(queryParser.hasSubscribers).to.be.false + expect(nextBodyParsed.hasSubscribers).to.be.false + expect(nextQueryParsed.hasSubscribers).to.be.false expect(passportVerify.hasSubscribers).to.be.false expect(responseWriteHead.hasSubscribers).to.be.false expect(responseSetHeader.hasSubscribers).to.be.false @@ -177,6 +181,8 @@ describe('AppSec Index', function () { expect(bodyParser.hasSubscribers).to.be.true expect(cookieParser.hasSubscribers).to.be.true expect(queryParser.hasSubscribers).to.be.true + expect(nextBodyParsed.hasSubscribers).to.be.true + expect(nextQueryParsed.hasSubscribers).to.be.true expect(passportVerify.hasSubscribers).to.be.true expect(responseWriteHead.hasSubscribers).to.be.true expect(responseSetHeader.hasSubscribers).to.be.true @@ -255,6 +261,8 @@ describe('AppSec Index', function () { expect(bodyParser.hasSubscribers).to.be.false expect(cookieParser.hasSubscribers).to.be.false expect(queryParser.hasSubscribers).to.be.false + expect(nextBodyParsed.hasSubscribers).to.be.false + expect(nextQueryParsed.hasSubscribers).to.be.false expect(passportVerify.hasSubscribers).to.be.false expect(responseWriteHead.hasSubscribers).to.be.false expect(responseSetHeader.hasSubscribers).to.be.false