[ASM] Fix exception when accessing ReportedExternalWafsRequestHeaders (…

…#6030)

## Summary of changes

This PR is closely related to [this
one](#6017)

In this case, the error is thrown when accessing the key
ReportedExternalWafsRequestHeaders

No other httpRequest.Items problematic accesses have been found.

This error can happen only in netcore versions of the framework. When we
access httpcontext.Items, the exception is thrown if the key is not
found. httpcontext.Items is defined as a IDictionary<object, object>.
Usually, it will be a Microsoft.AspNetCore.Http.ItemsDictionary, which
does not throw an exception when trying to retrieve a key that is not
stored, but other custom implementations such as Dictionary<object,
object> will throw it. It seems that in one customer, we are receiving a
context in which Items is a Dictionary.

This might be due to custom middlewares, third party extensions, use of
custom http contexts, etc.

## Reason for change

## Implementation details

## Test coverage

## Other details
<!-- Fixes #{issue} -->

<!-- ⚠️ Note: where possible, please obtain 2 approvals prior to
merging. Unless CODEOWNERS specifies otherwise, for external teams it is
typically best to have one review from a team member, and one review
from apm-dotnet. Trivial changes do not require 2 reviews. -->

tracer/src/Datadog.Trace/AppSec/Coordinator/SecurityCoordinator.Core.cs

@@ -191,8 +191,16 @@ internal override bool IsBlocked
 
         internal override bool ReportedExternalWafsRequestHeaders
         {
-            get => Context.Items["ReportedExternalWafsRequestHeaders"] is true;
-            set => Context.Items["ReportedExternalWafsRequestHeaders"] = value;
+            get
+            {
+                if (Context.Items.TryGetValue(ReportedExternalWafsRequestHeadersStr, out var value))
+                {
+                    return value is bool boolValue && boolValue;
+                }
+
+                return false;
+            }
+            set => Context.Items[ReportedExternalWafsRequestHeadersStr] = value;
         }
 
         internal override void MarkBlocked() => Context.Items[BlockingAction.BlockDefaultActionName] = true;

tracer/src/Datadog.Trace/AppSec/Coordinator/SecurityCoordinator.Framework.cs

@@ -558,8 +558,8 @@ public HttpTransport(HttpContext context)
 
         internal override bool ReportedExternalWafsRequestHeaders
         {
-            get => Context.Items["ReportedExternalWafsRequestHeaders"] is true;
-            set => Context.Items["ReportedExternalWafsRequestHeaders"] = value;
+            get => Context.Items[ReportedExternalWafsRequestHeadersStr] is true;
+            set => Context.Items[ReportedExternalWafsRequestHeadersStr] = value;
         }
 
         internal override void MarkBlocked() => Context.Items[BlockingAction.BlockDefaultActionName] = true;

tracer/src/Datadog.Trace/AppSec/Coordinator/SecurityCoordinator.cs

@@ -27,6 +27,7 @@ namespace Datadog.Trace.AppSec.Coordinator;
 /// </summary>
 internal readonly partial struct SecurityCoordinator
 {
+    private const string ReportedExternalWafsRequestHeadersStr = "ReportedExternalWafsRequestHeaders";
     private static readonly IDatadogLogger Log = DatadogLogging.GetLoggerFor<SecurityCoordinator>();
     private readonly Security _security;
     private readonly Span _localRootSpan;