Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skip synthetic header Raw-Request-Uri #6101

Merged
merged 2 commits into from
Oct 26, 2023
Merged

Skip synthetic header Raw-Request-Uri #6101

merged 2 commits into from
Oct 26, 2023

Conversation

cataphract
Copy link
Contributor

Prevents the content of the request uri to be reported to the WAF as a header.

@cataphract
Akka: skip sythentic header Raw-Request-Uri
8b09a13 
Causes the content of the request uri to be reported to the WAF as a header.
@cataphract cataphract requested a review from a team as a code owner October 25, 2023 18:54
@pr-commenter
Copy link

pr-commenter bot commented Oct 25, 2023
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
commit 1.22.0-SNAPSHOT~9ae368faea 1.22.0-SNAPSHOT~cc7aa2249e
config baseline candidate
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 cases.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.22.0-SNAPSHOT~cc7aa2249e, baseline=1.22.0-SNAPSHOT~9ae368faea

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.025 s) : 0, 1025348
Total [baseline] (9.335 s) : 0, 9335017
Agent [candidate] (1.03 s) : 0, 1030403
Total [candidate] (9.328 s) : 0, 9327783
section appsec
Agent [baseline] (1.115 s) : 0, 1115441
Total [baseline] (9.408 s) : 0, 9407543
Agent [candidate] (1.123 s) : 0, 1123457
Total [candidate] (9.395 s) : 0, 9395492
section iast
Agent [baseline] (1.155 s) : 0, 1155454
Total [baseline] (9.523 s) : 0, 9523437
Agent [candidate] (1.164 s) : 0, 1163909
Total [candidate] (9.552 s) : 0, 9552275
section profiling
Agent [baseline] (1.208 s) : 0, 1208335
Total [baseline] (9.615 s) : 0, 9614975
Agent [candidate] (1.204 s) : 0, 1204061
Total [candidate] (9.563 s) : 0, 9563145
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.025 s -
Agent appsec 1.115 s 90.093 ms (8.8%)
Agent iast 1.155 s 130.106 ms (12.7%)
Agent profiling 1.208 s 182.987 ms (17.8%)
Total tracing 9.335 s -
Total appsec 9.408 s 72.526 ms (0.8%)
Total iast 9.523 s 188.42 ms (2.0%)
Total profiling 9.615 s 279.958 ms (3.0%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.03 s -
Agent appsec 1.123 s 93.055 ms (9.0%)
Agent iast 1.164 s 133.506 ms (13.0%)
Agent profiling 1.204 s 173.658 ms (16.9%)
Total tracing 9.328 s -
Total appsec 9.395 s 67.709 ms (0.7%)
Total iast 9.552 s 224.492 ms (2.4%)
Total profiling 9.563 s 235.362 ms (2.5%) 
gantt
    title petclinic - break down per module: candidate=1.22.0-SNAPSHOT~cc7aa2249e, baseline=1.22.0-SNAPSHOT~9ae368faea

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (641.494 ms) : 0, 641494
BytebuddyAgent [candidate] (643.679 ms) : 0, 643679
GlobalTracer [baseline] (293.925 ms) : 0, 293925
GlobalTracer [candidate] (296.181 ms) : 0, 296181
AppSec [baseline] (48.925 ms) : 0, 48925
AppSec [candidate] (49.237 ms) : 0, 49237
Remote Config [baseline] (674.999 µs) : 0, 675
Remote Config [candidate] (681.618 µs) : 0, 682
Telemetry [baseline] (6.015 ms) : 0, 6015
Telemetry [candidate] (6.073 ms) : 0, 6073
section appsec
BytebuddyAgent [baseline] (642.484 ms) : 0, 642484
BytebuddyAgent [candidate] (647.31 ms) : 0, 647310
GlobalTracer [baseline] (294.16 ms) : 0, 294160
GlobalTracer [candidate] (296.543 ms) : 0, 296543
AppSec [baseline] (137.924 ms) : 0, 137924
AppSec [candidate] (138.615 ms) : 0, 138615
Remote Config [baseline] (647.173 µs) : 0, 647
Remote Config [candidate] (643.68 µs) : 0, 644
Telemetry [baseline] (5.725 ms) : 0, 5725
Telemetry [candidate] (5.765 ms) : 0, 5765
section iast
BytebuddyAgent [baseline] (774.006 ms) : 0, 774006
BytebuddyAgent [candidate] (779.99 ms) : 0, 779990
GlobalTracer [baseline] (273.996 ms) : 0, 273996
GlobalTracer [candidate] (276.58 ms) : 0, 276580
AppSec [baseline] (49.384 ms) : 0, 49384
AppSec [candidate] (48.31 ms) : 0, 48310
Remote Config [baseline] (599.893 µs) : 0, 600
Remote Config [candidate] (579.195 µs) : 0, 579
Telemetry [baseline] (6.166 ms) : 0, 6166
Telemetry [candidate] (6.888 ms) : 0, 6888
IAST [baseline] (16.712 ms) : 0, 16712
IAST [candidate] (16.744 ms) : 0, 16744
section profiling
BytebuddyAgent [baseline] (656.522 ms) : 0, 656522
BytebuddyAgent [candidate] (654.196 ms) : 0, 654196
GlobalTracer [baseline] (360.383 ms) : 0, 360383
GlobalTracer [candidate] (358.718 ms) : 0, 358718
AppSec [baseline] (49.638 ms) : 0, 49638
AppSec [candidate] (49.727 ms) : 0, 49727
Remote Config [baseline] (643.921 µs) : 0, 644
Remote Config [candidate] (648.716 µs) : 0, 649
Telemetry [baseline] (6.103 ms) : 0, 6103
Telemetry [candidate] (6.064 ms) : 0, 6064
ProfilingAgent [baseline] (81.373 ms) : 0, 81373
ProfilingAgent [candidate] (81.3 ms) : 0, 81300
Profiling [baseline] (81.398 ms) : 0, 81398
Profiling [candidate] (81.324 ms) : 0, 81324
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.22.0-SNAPSHOT~cc7aa2249e, baseline=1.22.0-SNAPSHOT~9ae368faea

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.026 s) : 0, 1026005
Total [baseline] (8.81 s) : 0, 8810386
Agent [candidate] (1.033 s) : 0, 1032538
Total [candidate] (8.786 s) : 0, 8786190
section iast
Agent [baseline] (1.152 s) : 0, 1151791
Total [baseline] (9.29 s) : 0, 9289612
Agent [candidate] (1.154 s) : 0, 1154276
Total [candidate] (9.322 s) : 0, 9322166
section iast_TELEMETRY_OFF
Agent [baseline] (1.145 s) : 0, 1145267
Total [baseline] (9.279 s) : 0, 9278763
Agent [candidate] (1.147 s) : 0, 1147243
Total [candidate] (9.27 s) : 0, 9270045
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.026 s -
Agent iast 1.152 s 125.786 ms (12.3%)
Agent iast_TELEMETRY_OFF 1.145 s 119.262 ms (11.6%)
Total tracing 8.81 s -
Total iast 9.29 s 479.226 ms (5.4%)
Total iast_TELEMETRY_OFF 9.279 s 468.377 ms (5.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.033 s -
Agent iast 1.154 s 121.738 ms (11.8%)
Agent iast_TELEMETRY_OFF 1.147 s 114.705 ms (11.1%)
Total tracing 8.786 s -
Total iast 9.322 s 535.976 ms (6.1%)
Total iast_TELEMETRY_OFF 9.27 s 483.855 ms (5.5%) 
gantt
    title insecure-bank - break down per module: candidate=1.22.0-SNAPSHOT~cc7aa2249e, baseline=1.22.0-SNAPSHOT~9ae368faea

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (641.05 ms) : 0, 641050
BytebuddyAgent [candidate] (646.156 ms) : 0, 646156
GlobalTracer [baseline] (294.196 ms) : 0, 294196
GlobalTracer [candidate] (295.234 ms) : 0, 295234
AppSec [baseline] (49.41 ms) : 0, 49410
AppSec [candidate] (49.635 ms) : 0, 49635
Remote Config [baseline] (690.972 µs) : 0, 691
Remote Config [candidate] (686.404 µs) : 0, 686
Telemetry [baseline] (6.081 ms) : 0, 6081
Telemetry [candidate] (6.116 ms) : 0, 6116
section iast
BytebuddyAgent [baseline] (769.899 ms) : 0, 769899
BytebuddyAgent [candidate] (772.651 ms) : 0, 772651
GlobalTracer [baseline] (273.41 ms) : 0, 273410
GlobalTracer [candidate] (273.4 ms) : 0, 273400
AppSec [baseline] (47.787 ms) : 0, 47787
AppSec [candidate] (47.718 ms) : 0, 47718
IAST [baseline] (18.084 ms) : 0, 18084
IAST [candidate] (16.644 ms) : 0, 16644
Remote Config [baseline] (599.205 µs) : 0, 599
Remote Config [candidate] (583.282 µs) : 0, 583
Telemetry [baseline] (7.572 ms) : 0, 7572
Telemetry [candidate] (8.923 ms) : 0, 8923
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (764.743 ms) : 0, 764743
BytebuddyAgent [candidate] (765.747 ms) : 0, 765747
GlobalTracer [baseline] (273.868 ms) : 0, 273868
GlobalTracer [candidate] (274.646 ms) : 0, 274646
AppSec [baseline] (46.528 ms) : 0, 46528
AppSec [candidate] (46.773 ms) : 0, 46773
IAST [baseline] (18.78 ms) : 0, 18780
IAST [candidate] (17.644 ms) : 0, 17644
Remote Config [baseline] (641.444 µs) : 0, 641
Remote Config [candidate] (600.08 µs) : 0, 600
Telemetry [baseline] (6.104 ms) : 0, 6104
Telemetry [candidate] (7.429 ms) : 0, 7429
Loading

Load

Parameters

Baseline Candidate
commit 1.22.0-SNAPSHOT~9ae368faea 1.22.0-SNAPSHOT~cc7aa2249e
config baseline candidate
end_time 2023-10-26T10:13:54 2023-10-26T10:30:19
start_time 2023-10-26T10:13:42 2023-10-26T10:30:07
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 22 cases.

Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.22.0-SNAPSHOT~cc7aa2249e, baseline=1.22.0-SNAPSHOT~9ae368faea
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.364 ms) : 1345, 1384
.   : milestone, 1364,
appsec (1.721 ms) : 1696, 1746
.   : milestone, 1721,
iast (1.488 ms) : 1464, 1513
.   : milestone, 1488,
profiling (1.484 ms) : 1460, 1509
.   : milestone, 1484,
tracing (1.471 ms) : 1447, 1495
.   : milestone, 1471,
section candidate
no_agent (1.34 ms) : 1321, 1359
.   : milestone, 1340,
appsec (1.692 ms) : 1667, 1716
.   : milestone, 1692,
iast (1.461 ms) : 1437, 1485
.   : milestone, 1461,
profiling (1.513 ms) : 1487, 1539
.   : milestone, 1513,
tracing (1.497 ms) : 1472, 1522
.   : milestone, 1497,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.364 ms [1.345 ms, 1.384 ms] -
appsec 1.721 ms [1.696 ms, 1.746 ms] 356.723 µs (26.1%)
iast 1.488 ms [1.464 ms, 1.513 ms] 123.847 µs (9.1%)
profiling 1.484 ms [1.46 ms, 1.509 ms] 120.103 µs (8.8%)
tracing 1.471 ms [1.447 ms, 1.495 ms] 106.355 µs (7.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.34 ms [1.321 ms, 1.359 ms] -
appsec 1.692 ms [1.667 ms, 1.716 ms] 351.553 µs (26.2%)
iast 1.461 ms [1.437 ms, 1.485 ms] 120.827 µs (9.0%)
profiling 1.513 ms [1.487 ms, 1.539 ms] 172.552 µs (12.9%)
tracing 1.497 ms [1.472 ms, 1.522 ms] 156.629 µs (11.7%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.22.0-SNAPSHOT~cc7aa2249e, baseline=1.22.0-SNAPSHOT~9ae368faea
    dateFormat X
    axisFormat %s
section baseline
no_agent (366.248 µs) : 346, 386
.   : milestone, 366,
iast (469.849 µs) : 449, 491
.   : milestone, 470,
iast_FULL (534.023 µs) : 513, 555
.   : milestone, 534,
iast_INACTIVE (444.242 µs) : 423, 466
.   : milestone, 444,
iast_TELEMETRY_OFF (459.415 µs) : 438, 481
.   : milestone, 459,
tracing (439.491 µs) : 418, 461
.   : milestone, 439,
section candidate
no_agent (365.445 µs) : 344, 386
.   : milestone, 365,
iast (469.122 µs) : 448, 490
.   : milestone, 469,
iast_FULL (532.736 µs) : 512, 554
.   : milestone, 533,
iast_INACTIVE (437.571 µs) : 417, 458
.   : milestone, 438,
iast_TELEMETRY_OFF (454.447 µs) : 434, 475
.   : milestone, 454,
tracing (437.662 µs) : 417, 458
.   : milestone, 438,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 366.248 µs [346.277 µs, 386.219 µs] -
iast 469.849 µs [448.947 µs, 490.752 µs] 103.602 µs (28.3%)
iast_FULL 534.023 µs [513.232 µs, 554.814 µs] 167.775 µs (45.8%)
iast_INACTIVE 444.242 µs [422.615 µs, 465.87 µs] 77.995 µs (21.3%)
iast_TELEMETRY_OFF 459.415 µs [438.303 µs, 480.527 µs] 93.167 µs (25.4%)
tracing 439.491 µs [418.043 µs, 460.939 µs] 73.243 µs (20.0%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 365.445 µs [344.498 µs, 386.391 µs] -
iast 469.122 µs [448.165 µs, 490.08 µs] 103.678 µs (28.4%)
iast_FULL 532.736 µs [511.946 µs, 553.526 µs] 167.291 µs (45.8%)
iast_INACTIVE 437.571 µs [416.681 µs, 458.461 µs] 72.126 µs (19.7%)
iast_TELEMETRY_OFF 454.447 µs [433.655 µs, 475.238 µs] 89.002 µs (24.4%)
tracing 437.662 µs [416.981 µs, 458.342 µs] 72.217 µs (19.8%)

@smola smola requested review from a team and anderruiz October 26, 2023 06:47
@smola smola added the comp: asm waf Application Security Management (WAF) label Oct 26, 2023
@smola smola changed the title Akka: skip sythentic header Raw-Request-Uri Akka: skip synthentic header Raw-Request-Uri Oct 26, 2023
@smola smola changed the title Akka: skip synthentic header Raw-Request-Uri Akka: skip synthetic header Raw-Request-Uri Oct 26, 2023
@cataphract cataphract merged commit 848d377 into master Oct 26, 2023
68 checks passed
@cataphract cataphract deleted the glopes/akka-skip-raw-req-uri branch October 26, 2023 10:42
@github-actions github-actions bot added this to the 1.22.0 milestone Oct 26, 2023
@PerfectSlayer PerfectSlayer added the inst: akka Akka instrumentation label Oct 26, 2023
@PerfectSlayer PerfectSlayer changed the title Akka: skip synthetic header Raw-Request-Uri Skip synthetic header Raw-Request-Uri Oct 30, 2023
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smola smola smola approved these changes

@dougqh dougqh Awaiting requested review from dougqh dougqh was automatically assigned from DataDog/apm-java

@PerfectSlayer PerfectSlayer Awaiting requested review from PerfectSlayer PerfectSlayer was automatically assigned from DataDog/apm-java

@anderruiz anderruiz Awaiting requested review from anderruiz anderruiz was automatically assigned from DataDog/asm-java

Assignees
No one assigned
Labels
comp: asm waf Application Security Management (WAF) inst: akka Akka instrumentation
Projects
None yet
Milestone
1.22.0
Development

Successfully merging this pull request may close these issues.
3 participants
@cataphract @smola @PerfectSlayer