File tree Expand file tree Collapse file tree 2 files changed +7
-7
lines changed
spec/datadog/appsec/contrib Expand file tree Collapse file tree 2 files changed +7
-7
lines changed Original file line number Diff line number Diff line change 44require 'faraday'
55
66RSpec . describe 'AppSec Faraday integration' do
7- let ( :waf_response_double ) { double ( match? : false ) }
8- let ( :active_context ) { stub_const ( ' Datadog::AppSec::Context' , double ( run_rasp : waf_response_double ) ) }
7+ let ( :context ) { instance_double ( Datadog :: AppSec :: Context , run_rasp : waf_response ) }
8+ let ( :waf_response ) { instance_double ( Datadog ::AppSec ::SecurityEngine :: Result :: Ok , match? : false ) }
99
1010 let ( :client ) do
1111 ::Faraday . new ( 'http://example.com' ) do |faraday |
2121 c . appsec . instrument :faraday
2222 end
2323
24- allow ( Datadog ::AppSec ) . to receive ( :active_context ) . and_return ( active_context )
24+ allow ( Datadog ::AppSec ) . to receive ( :active_context ) . and_return ( context )
2525 end
2626
2727 after do
4141 end
4242
4343 context 'when there is no active context' do
44- let ( :active_context ) { nil }
44+ let ( :context ) { nil }
4545
4646 it 'does not call waf when making a request' do
4747 expect ( Datadog ::AppSec . active_context ) . not_to receive ( :run_rasp )
5656 end
5757
5858 it 'calls waf with correct arguments when making a request' do
59- expect ( active_context ) . to (
59+ expect ( Datadog :: AppSec . active_context ) . to (
6060 receive ( :run_rasp ) . with (
6161 Datadog ::AppSec ::Ext ::RASP_SSRF ,
6262 { } ,
Original file line number Diff line number Diff line change 9797 spans . find { |s | s . name == 'rack.request' }
9898 end
9999
100- context 'when RASP check was positive for http request ' do
100+ context 'when request params contain SSRF attack ' do
101101 before do
102102 get ( '/ssrf' , { 'url' => '169.254.169.254' } , { 'REMOTE_ADDR' => '127.0.0.1' } )
103103 end
104104
105105 it { expect ( last_response ) . to be_forbidden }
106106 end
107107
108- context 'when RASP check was negative for http request ' do
108+ context 'when request params do not contain SSRF attack ' do
109109 before do
110110 get ( '/ssrf' , { 'url' => 'example.com' } , { 'REMOTE_ADDR' => '127.0.0.1' } )
111111 end
You can’t perform that action at this time.
0 commit comments