Class: Datadog::AppSec::Contrib::Rack::RequestBodyMiddleware
- Inherits:
-
Object
- Object
- Datadog::AppSec::Contrib::Rack::RequestBodyMiddleware
- Defined in:
- lib/datadog/appsec/contrib/rack/request_body_middleware.rb
Overview
Rack request body middleware for AppSec This should be inserted just below Rack::JSONBodyParser or legacy Rack::PostBodyContentTypeParser from rack-contrib
Instance Method Summary collapse
- #call(env) ⇒ Object
-
#initialize(app, opt = {}) ⇒ RequestBodyMiddleware
constructor
A new instance of RequestBodyMiddleware.
Constructor Details
#initialize(app, opt = {}) ⇒ RequestBodyMiddleware
Returns a new instance of RequestBodyMiddleware.
15 16 17 |
# File 'lib/datadog/appsec/contrib/rack/request_body_middleware.rb', line 15 def initialize(app, opt = {}) @app = app end |
Instance Method Details
#call(env) ⇒ Object
19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
# File 'lib/datadog/appsec/contrib/rack/request_body_middleware.rb', line 19 def call(env) context = env[Datadog::AppSec::Ext::SCOPE_KEY] return @app.call(env) unless context # TODO: handle exceptions, except for @app.call request_return, request_response = Instrumentation.gateway.push( 'rack.request.body', Gateway::Request.new(env) ) do @app.call(env) end if request_response blocked_event = request_response.find { |action, _event| action == :block } request_return = AppSec::Response.negotiate(env, blocked_event.last[:actions]).to_rack if blocked_event end request_return end |