From 9407d23ea2ea9c8802ef44b19333f37c73a4e594 Mon Sep 17 00:00:00 2001 From: Najib Boutaib Date: Mon, 18 Mar 2024 15:12:39 +0100 Subject: [PATCH 1/5] RUM-3598: Ignore requests to PCI endpoint --- .../transportConfiguration.spec.ts | 4 +- .../configuration/transportConfiguration.ts | 37 ++++++++++++++++++- 2 files changed, 38 insertions(+), 3 deletions(-) diff --git a/packages/core/src/domain/configuration/transportConfiguration.spec.ts b/packages/core/src/domain/configuration/transportConfiguration.spec.ts index abe993ad25..9989d979db 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.spec.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.spec.ts @@ -87,10 +87,12 @@ describe('transportConfiguration', () => { ;[ { site: 'datadoghq.eu', intakeDomain: 'browser-intake-datadoghq.eu' }, { site: 'datadoghq.com', intakeDomain: 'browser-intake-datadoghq.com' }, + { site: 'datadoghq.com', intakeDomain: 'pci.browser-intake-datadoghq.com' }, { site: 'us3.datadoghq.com', intakeDomain: 'browser-intake-us3-datadoghq.com' }, { site: 'us5.datadoghq.com', intakeDomain: 'browser-intake-us5-datadoghq.com' }, - { site: 'ddog-gov.com', intakeDomain: 'browser-intake-ddog-gov.com' }, { site: 'ap1.datadoghq.com', intakeDomain: 'browser-intake-ap1-datadoghq.com' }, + { site: 'ddog-gov.com', intakeDomain: 'browser-intake-ddog-gov.com' }, + { site: 'datad0g.com', intakeDomain: 'browser-intake-datad0g.com' }, { site: 'dd0g-gov.com', intakeDomain: 'http-intake.logs.dd0g-gov.com' }, ].forEach(({ site, intakeDomain }) => { it(`should detect intake request for ${site} site`, () => { diff --git a/packages/core/src/domain/configuration/transportConfiguration.ts b/packages/core/src/domain/configuration/transportConfiguration.ts index 929f0318f2..c2c9131c09 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.ts @@ -3,7 +3,7 @@ import type { InitConfiguration } from './configuration' import type { EndpointBuilder } from './endpointBuilder' import { createEndpointBuilder } from './endpointBuilder' import { buildTags } from './tags' -import { INTAKE_SITE_US1 } from './intakeSites' +import { INTAKE_SITE_FED_STAGING, INTAKE_SITE_US1 } from './intakeSites' export interface TransportConfiguration { logsEndpointBuilder: EndpointBuilder @@ -28,9 +28,16 @@ export function computeTransportConfiguration(initConfiguration: InitConfigurati const replicaConfiguration = computeReplicaConfiguration(initConfiguration, intakeUrlPrefixes, tags) + function isIntakeUrl(url: string) { + return ( + getIntakePrefixesRegEx(initConfiguration).some((intakeRegEx) => intakeRegEx.test(url)) || + intakeUrlPrefixes.some((intakeEndpoint) => url.indexOf(intakeEndpoint) === 0) + ) + } + return assign( { - isIntakeUrl: (url: string) => intakeUrlPrefixes.some((intakeEndpoint) => url.indexOf(intakeEndpoint) === 0), + isIntakeUrl, replica: replicaConfiguration, site: initConfiguration.site || INTAKE_SITE_US1, }, @@ -69,3 +76,29 @@ function computeReplicaConfiguration( return assign({ applicationId: initConfiguration.replica.applicationId }, replicaEndpointBuilders) } + +function getIntakePrefixesRegEx(initConfiguration: InitConfiguration): RegExp[] { + const { site = INTAKE_SITE_US1, internalAnalyticsSubdomain } = initConfiguration + + const intakePrefixesRegEx: RegExp[] = [] + + if (internalAnalyticsSubdomain) { + intakePrefixesRegEx.push(new RegExp(`^https://${internalAnalyticsSubdomain}.datadoghq.com/api/v2/(logs|rum)`)) + } + + if (site === INTAKE_SITE_FED_STAGING) { + intakePrefixesRegEx.push(new RegExp(`^https://http-intake.logs.${site}/api/v2/(logs|rum|replay)`)) + } + + if (site === INTAKE_SITE_US1) { + intakePrefixesRegEx.push(new RegExp(`^https://(pci.)?browser-intake-${site}/api/v2/(logs|rum|replay)`)) + } else { + const domainParts = site.split('.') + const extension = domainParts.pop() + intakePrefixesRegEx.push( + new RegExp(`^https://browser-intake-${domainParts.join('-')}.${extension!}/api/v2/(logs|rum|replay)`) + ) + } + + return intakePrefixesRegEx +} From f3373fa42a907a92ad5b45ffd3f47ea9fe14cbd4 Mon Sep 17 00:00:00 2001 From: Najib Boutaib Date: Wed, 20 Mar 2024 10:59:21 +0100 Subject: [PATCH 2/5] RUM-3598: Simplify checks for pci requests --- .../domain/configuration/endpointBuilder.ts | 4 +- .../src/domain/configuration/intakeSites.ts | 2 + .../transportConfiguration.spec.ts | 8 +++- .../configuration/transportConfiguration.ts | 45 ++++--------------- 4 files changed, 20 insertions(+), 39 deletions(-) diff --git a/packages/core/src/domain/configuration/endpointBuilder.ts b/packages/core/src/domain/configuration/endpointBuilder.ts index 16b3192bf9..158f0c847c 100644 --- a/packages/core/src/domain/configuration/endpointBuilder.ts +++ b/packages/core/src/domain/configuration/endpointBuilder.ts @@ -4,7 +4,7 @@ import { normalizeUrl } from '../../tools/utils/urlPolyfill' import { ExperimentalFeature, isExperimentalFeatureEnabled } from '../../tools/experimentalFeatures' import { generateUUID } from '../../tools/utils/stringUtils' import type { InitConfiguration } from './configuration' -import { INTAKE_SITE_US1, INTAKE_SITE_FED_STAGING } from './intakeSites' +import { INTAKE_SITE_US1, INTAKE_SITE_FED_STAGING, PCI_INTAKE_HOST_US1 } from './intakeSites' // replaced at build time declare const __BUILD_ENV__SDK_VERSION__: string @@ -63,7 +63,7 @@ function buildEndpointHost(trackType: TrackType, initConfiguration: InitConfigur const { site = INTAKE_SITE_US1, internalAnalyticsSubdomain } = initConfiguration if (trackType === 'logs' && initConfiguration.usePciIntake && site === INTAKE_SITE_US1) { - return 'pci.browser-intake-datadoghq.com' + return PCI_INTAKE_HOST_US1 } if (internalAnalyticsSubdomain && site === INTAKE_SITE_US1) { diff --git a/packages/core/src/domain/configuration/intakeSites.ts b/packages/core/src/domain/configuration/intakeSites.ts index eef9a99fe6..170484f3e1 100644 --- a/packages/core/src/domain/configuration/intakeSites.ts +++ b/packages/core/src/domain/configuration/intakeSites.ts @@ -3,3 +3,5 @@ export const INTAKE_SITE_FED_STAGING = 'dd0g-gov.com' export const INTAKE_SITE_US1 = 'datadoghq.com' export const INTAKE_SITE_EU1 = 'datadoghq.eu' export const INTAKE_SITE_US1_FED = 'ddog-gov.com' + +export const PCI_INTAKE_HOST_US1 = 'pci.browser-intake-datadoghq.com' diff --git a/packages/core/src/domain/configuration/transportConfiguration.spec.ts b/packages/core/src/domain/configuration/transportConfiguration.spec.ts index 9989d979db..50f66cc922 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.spec.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.spec.ts @@ -87,7 +87,6 @@ describe('transportConfiguration', () => { ;[ { site: 'datadoghq.eu', intakeDomain: 'browser-intake-datadoghq.eu' }, { site: 'datadoghq.com', intakeDomain: 'browser-intake-datadoghq.com' }, - { site: 'datadoghq.com', intakeDomain: 'pci.browser-intake-datadoghq.com' }, { site: 'us3.datadoghq.com', intakeDomain: 'browser-intake-us3-datadoghq.com' }, { site: 'us5.datadoghq.com', intakeDomain: 'browser-intake-us5-datadoghq.com' }, { site: 'ap1.datadoghq.com', intakeDomain: 'browser-intake-ap1-datadoghq.com' }, @@ -104,6 +103,13 @@ describe('transportConfiguration', () => { }) }) + it('should detect PCI intake request of logs for datadoghq.com site', () => { + const configuration = computeTransportConfiguration({ clientToken, site: 'datadoghq.com' }) + expect(configuration.isIntakeUrl('https://pci.browser-intake-datadoghq.com/api/v2/logs?xxx')).toBe(true) + expect(configuration.isIntakeUrl('https://pci.browser-intake-datadoghq.com/api/v2/rum?xxx')).toBe(false) + expect(configuration.isIntakeUrl('https://pci.browser-intake-datadoghq.com/api/v2/replay?xxx')).toBe(false) + }) + it('should detect internal analytics intake request for datadoghq.com site', () => { const configuration = computeTransportConfiguration({ clientToken, diff --git a/packages/core/src/domain/configuration/transportConfiguration.ts b/packages/core/src/domain/configuration/transportConfiguration.ts index c2c9131c09..2ce3c7015c 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.ts @@ -3,7 +3,7 @@ import type { InitConfiguration } from './configuration' import type { EndpointBuilder } from './endpointBuilder' import { createEndpointBuilder } from './endpointBuilder' import { buildTags } from './tags' -import { INTAKE_SITE_FED_STAGING, INTAKE_SITE_US1 } from './intakeSites' +import { INTAKE_SITE_US1, PCI_INTAKE_HOST_US1 } from './intakeSites' export interface TransportConfiguration { logsEndpointBuilder: EndpointBuilder @@ -21,25 +21,24 @@ export interface ReplicaConfiguration { } export function computeTransportConfiguration(initConfiguration: InitConfiguration): TransportConfiguration { + const { site = INTAKE_SITE_US1 } = initConfiguration + const tags = buildTags(initConfiguration) const endpointBuilders = computeEndpointBuilders(initConfiguration, tags) const intakeUrlPrefixes = objectValues(endpointBuilders).map((builder) => builder.urlPrefix) - const replicaConfiguration = computeReplicaConfiguration(initConfiguration, intakeUrlPrefixes, tags) - - function isIntakeUrl(url: string) { - return ( - getIntakePrefixesRegEx(initConfiguration).some((intakeRegEx) => intakeRegEx.test(url)) || - intakeUrlPrefixes.some((intakeEndpoint) => url.indexOf(intakeEndpoint) === 0) - ) + if (site === INTAKE_SITE_US1) { + intakeUrlPrefixes.push(`https://${PCI_INTAKE_HOST_US1}/api/v2/logs?`) } + const replicaConfiguration = computeReplicaConfiguration(initConfiguration, intakeUrlPrefixes, tags) + return assign( { - isIntakeUrl, + isIntakeUrl: (url: string) => intakeUrlPrefixes.some((intakeEndpoint) => url.indexOf(intakeEndpoint) === 0), replica: replicaConfiguration, - site: initConfiguration.site || INTAKE_SITE_US1, + site, }, endpointBuilders ) @@ -76,29 +75,3 @@ function computeReplicaConfiguration( return assign({ applicationId: initConfiguration.replica.applicationId }, replicaEndpointBuilders) } - -function getIntakePrefixesRegEx(initConfiguration: InitConfiguration): RegExp[] { - const { site = INTAKE_SITE_US1, internalAnalyticsSubdomain } = initConfiguration - - const intakePrefixesRegEx: RegExp[] = [] - - if (internalAnalyticsSubdomain) { - intakePrefixesRegEx.push(new RegExp(`^https://${internalAnalyticsSubdomain}.datadoghq.com/api/v2/(logs|rum)`)) - } - - if (site === INTAKE_SITE_FED_STAGING) { - intakePrefixesRegEx.push(new RegExp(`^https://http-intake.logs.${site}/api/v2/(logs|rum|replay)`)) - } - - if (site === INTAKE_SITE_US1) { - intakePrefixesRegEx.push(new RegExp(`^https://(pci.)?browser-intake-${site}/api/v2/(logs|rum|replay)`)) - } else { - const domainParts = site.split('.') - const extension = domainParts.pop() - intakePrefixesRegEx.push( - new RegExp(`^https://browser-intake-${domainParts.join('-')}.${extension!}/api/v2/(logs|rum|replay)`) - ) - } - - return intakePrefixesRegEx -} From e24d31b429bbdda8e3e9822f50f19a6b2978af0a Mon Sep 17 00:00:00 2001 From: Najib Boutaib Date: Wed, 20 Mar 2024 15:11:23 +0100 Subject: [PATCH 3/5] RUM-3598: Apply review suggestions --- .../configuration/transportConfiguration.ts | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/packages/core/src/domain/configuration/transportConfiguration.ts b/packages/core/src/domain/configuration/transportConfiguration.ts index 2ce3c7015c..62d6e60380 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.ts @@ -21,16 +21,12 @@ export interface ReplicaConfiguration { } export function computeTransportConfiguration(initConfiguration: InitConfiguration): TransportConfiguration { - const { site = INTAKE_SITE_US1 } = initConfiguration + const site = initConfiguration.site || INTAKE_SITE_US1 const tags = buildTags(initConfiguration) const endpointBuilders = computeEndpointBuilders(initConfiguration, tags) - const intakeUrlPrefixes = objectValues(endpointBuilders).map((builder) => builder.urlPrefix) - - if (site === INTAKE_SITE_US1) { - intakeUrlPrefixes.push(`https://${PCI_INTAKE_HOST_US1}/api/v2/logs?`) - } + const intakeUrlPrefixes = computeIntakeUrlPrefixes(endpointBuilders, site) const replicaConfiguration = computeReplicaConfiguration(initConfiguration, intakeUrlPrefixes, tags) @@ -75,3 +71,13 @@ function computeReplicaConfiguration( return assign({ applicationId: initConfiguration.replica.applicationId }, replicaEndpointBuilders) } + +function computeIntakeUrlPrefixes(endpointBuilders: ReturnType, site: string): string[] { + const intakeUrlPrefixes = objectValues(endpointBuilders).map((builder) => builder.urlPrefix) + + if (site === INTAKE_SITE_US1) { + intakeUrlPrefixes.push(`https://${PCI_INTAKE_HOST_US1}/api/v2/logs?`) + } + + return intakeUrlPrefixes +} From 43256c4f6e133426104c57679acd3a18a5f3b4f1 Mon Sep 17 00:00:00 2001 From: Najib Boutaib Date: Wed, 20 Mar 2024 15:21:10 +0100 Subject: [PATCH 4/5] RUM-3598: Run format command --- .../core/src/domain/configuration/transportConfiguration.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/core/src/domain/configuration/transportConfiguration.ts b/packages/core/src/domain/configuration/transportConfiguration.ts index 62d6e60380..70b77a93ce 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.ts @@ -72,7 +72,10 @@ function computeReplicaConfiguration( return assign({ applicationId: initConfiguration.replica.applicationId }, replicaEndpointBuilders) } -function computeIntakeUrlPrefixes(endpointBuilders: ReturnType, site: string): string[] { +function computeIntakeUrlPrefixes( + endpointBuilders: ReturnType, + site: string +): string[] { const intakeUrlPrefixes = objectValues(endpointBuilders).map((builder) => builder.urlPrefix) if (site === INTAKE_SITE_US1) { From 07da283b068e2cc354447248f242f9c81ab93337 Mon Sep 17 00:00:00 2001 From: Najib Boutaib Date: Thu, 21 Mar 2024 13:43:05 +0100 Subject: [PATCH 5/5] RUM-3598: Apply review suggestions --- .../domain/configuration/transportConfiguration.spec.ts | 8 +------- .../src/domain/configuration/transportConfiguration.ts | 2 +- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/packages/core/src/domain/configuration/transportConfiguration.spec.ts b/packages/core/src/domain/configuration/transportConfiguration.spec.ts index 50f66cc922..9989d979db 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.spec.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.spec.ts @@ -87,6 +87,7 @@ describe('transportConfiguration', () => { ;[ { site: 'datadoghq.eu', intakeDomain: 'browser-intake-datadoghq.eu' }, { site: 'datadoghq.com', intakeDomain: 'browser-intake-datadoghq.com' }, + { site: 'datadoghq.com', intakeDomain: 'pci.browser-intake-datadoghq.com' }, { site: 'us3.datadoghq.com', intakeDomain: 'browser-intake-us3-datadoghq.com' }, { site: 'us5.datadoghq.com', intakeDomain: 'browser-intake-us5-datadoghq.com' }, { site: 'ap1.datadoghq.com', intakeDomain: 'browser-intake-ap1-datadoghq.com' }, @@ -103,13 +104,6 @@ describe('transportConfiguration', () => { }) }) - it('should detect PCI intake request of logs for datadoghq.com site', () => { - const configuration = computeTransportConfiguration({ clientToken, site: 'datadoghq.com' }) - expect(configuration.isIntakeUrl('https://pci.browser-intake-datadoghq.com/api/v2/logs?xxx')).toBe(true) - expect(configuration.isIntakeUrl('https://pci.browser-intake-datadoghq.com/api/v2/rum?xxx')).toBe(false) - expect(configuration.isIntakeUrl('https://pci.browser-intake-datadoghq.com/api/v2/replay?xxx')).toBe(false) - }) - it('should detect internal analytics intake request for datadoghq.com site', () => { const configuration = computeTransportConfiguration({ clientToken, diff --git a/packages/core/src/domain/configuration/transportConfiguration.ts b/packages/core/src/domain/configuration/transportConfiguration.ts index 70b77a93ce..edb690674a 100644 --- a/packages/core/src/domain/configuration/transportConfiguration.ts +++ b/packages/core/src/domain/configuration/transportConfiguration.ts @@ -79,7 +79,7 @@ function computeIntakeUrlPrefixes( const intakeUrlPrefixes = objectValues(endpointBuilders).map((builder) => builder.urlPrefix) if (site === INTAKE_SITE_US1) { - intakeUrlPrefixes.push(`https://${PCI_INTAKE_HOST_US1}/api/v2/logs?`) + intakeUrlPrefixes.push(`https://${PCI_INTAKE_HOST_US1}/`) } return intakeUrlPrefixes