Member

@jandro996 jandro996 commented Jul 4, 2025

What Does This Do

Store the http.route tag value inside the IAST request context in the Play framework instrumentation.

Move PlayHttpServerDecorator.onRequest to onEnter advice from onExit advice. We need to send the event on enter to have the info in the context available when vulns are detected during the requests.

Motivation

The IAST sampling algorithm requires the http.route span tag to be set on the local root span so it can be used for its sampling decision. Since Play does not use the local root span for the http.route, we have to store it in the IAST request context before the sampling decision is made.

Additional Notes

Related to #8991

Contributor Checklist

Jira ticket: [PROJ-IDENT]

@jandro996 jandro996 added the type: enhancement, tag: no release notes, comp: asm iast and inst: play framework labels Jul 4, 2025

pr-commenter bot commented Jul 4, 2025

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/add-http-route-play-in-iast
git_commit_date 1752137230 1752138064
git_commit_sha 956f570 fde0164
release_version 1.52.0-SNAPSHOT~956f5703a5 1.52.0-SNAPSHOT~fde01640db
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1752139831 1752139831
ci_job_id 1022307788 1022307788
ci_pipeline_id 70146519 70146519
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-2dajkthu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-2dajkthu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 43 metrics, 10 unstable metrics.

Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (996.308 ms) : 0, 996308
Total [baseline] (8.565 s) : 0, 8564863
Agent [candidate] (993.895 ms) : 0, 993895
Total [candidate] (8.581 s) : 0, 8580881
section iast
Agent [baseline] (1.131 s) : 0, 1130721
Total [baseline] (9.254 s) : 0, 9254479
Agent [candidate] (1.134 s) : 0, 1134216
Total [candidate] (9.348 s) : 0, 9348433
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 996.308 ms -
Agent iast 1.131 s 134.412 ms (13.5%)
Total tracing 8.565 s -
Total iast 9.254 s 689.615 ms (8.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 993.895 ms -
Agent iast 1.134 s 140.32 ms (14.1%)
Total tracing 8.581 s -
Total iast 9.348 s 767.552 ms (8.9%)
gantt
    title insecure-bank - break down per module: candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (688.157 ms) : 0, 688157
BytebuddyAgent [candidate] (686.326 ms) : 0, 686326
GlobalTracer [baseline] (242.113 ms) : 0, 242113
GlobalTracer [candidate] (241.877 ms) : 0, 241877
AppSec [baseline] (30.286 ms) : 0, 30286
AppSec [candidate] (30.137 ms) : 0, 30137
Debugger [baseline] (6.048 ms) : 0, 6048
Debugger [candidate] (5.938 ms) : 0, 5938
Remote Config [baseline] (682.71 µs) : 0, 683
Remote Config [candidate] (682.639 µs) : 0, 683
Telemetry [baseline] (8.286 ms) : 0, 8286
Telemetry [candidate] (8.178 ms) : 0, 8178
section iast
BytebuddyAgent [baseline] (806.438 ms) : 0, 806438
BytebuddyAgent [candidate] (808.68 ms) : 0, 808680
GlobalTracer [baseline] (231.886 ms) : 0, 231886
GlobalTracer [candidate] (232.365 ms) : 0, 232365
AppSec [baseline] (28.059 ms) : 0, 28059
AppSec [candidate] (29.833 ms) : 0, 29833
Debugger [baseline] (5.773 ms) : 0, 5773
Debugger [candidate] (5.796 ms) : 0, 5796
Remote Config [baseline] (574.771 µs) : 0, 575
Remote Config [candidate] (608.511 µs) : 0, 609
Telemetry [baseline] (7.892 ms) : 0, 7892
Telemetry [candidate] (8.008 ms) : 0, 8008
IAST [baseline] (29.431 ms) : 0, 29431
IAST [candidate] (28.171 ms) : 0, 28171
Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (999.558 ms) : 0, 999558
Total [baseline] (10.632 s) : 0, 10631865
Agent [candidate] (999.163 ms) : 0, 999163
Total [candidate] (10.727 s) : 0, 10727468
section appsec
Agent [baseline] (1.18 s) : 0, 1180288
Total [baseline] (10.918 s) : 0, 10917660
Agent [candidate] (1.177 s) : 0, 1176919
Total [candidate] (10.788 s) : 0, 10787969
section iast
Agent [baseline] (1.141 s) : 0, 1141122
Total [baseline] (10.868 s) : 0, 10867777
Agent [candidate] (1.139 s) : 0, 1138894
Total [candidate] (10.857 s) : 0, 10857405
section profiling
Agent [baseline] (1.25 s) : 0, 1249891
Total [baseline] (10.982 s) : 0, 10981975
Agent [candidate] (1.25 s) : 0, 1250058
Total [candidate] (10.913 s) : 0, 10913470
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 999.558 ms -
Agent appsec 1.18 s 180.729 ms (18.1%)
Agent iast 1.141 s 141.563 ms (14.2%)
Agent profiling 1.25 s 250.332 ms (25.0%)
Total tracing 10.632 s -
Total appsec 10.918 s 285.795 ms (2.7%)
Total iast 10.868 s 235.912 ms (2.2%)
Total profiling 10.982 s 350.11 ms (3.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 999.163 ms -
Agent appsec 1.177 s 177.756 ms (17.8%)
Agent iast 1.139 s 139.731 ms (14.0%)
Agent profiling 1.25 s 250.894 ms (25.1%)
Total tracing 10.727 s -
Total appsec 10.788 s 60.501 ms (0.6%)
Total iast 10.857 s 129.937 ms (1.2%)
Total profiling 10.913 s 186.002 ms (1.7%)
gantt
    title petclinic - break down per module: candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (690.709 ms) : 0, 690709
BytebuddyAgent [candidate] (689.617 ms) : 0, 689617
GlobalTracer [baseline] (242.125 ms) : 0, 242125
GlobalTracer [candidate] (243.254 ms) : 0, 243254
AppSec [baseline] (30.179 ms) : 0, 30179
AppSec [candidate] (30.57 ms) : 0, 30570
Debugger [baseline] (5.955 ms) : 0, 5955
Debugger [candidate] (5.989 ms) : 0, 5989
Remote Config [baseline] (673.335 µs) : 0, 673
Remote Config [candidate] (681.676 µs) : 0, 682
Telemetry [baseline] (8.977 ms) : 0, 8977
Telemetry [candidate] (8.28 ms) : 0, 8280
section appsec
BytebuddyAgent [baseline] (712.616 ms) : 0, 712616
BytebuddyAgent [candidate] (711.905 ms) : 0, 711905
GlobalTracer [baseline] (236.852 ms) : 0, 236852
GlobalTracer [candidate] (235.297 ms) : 0, 235297
AppSec [baseline] (171.845 ms) : 0, 171845
AppSec [candidate] (170.927 ms) : 0, 170927
Debugger [baseline] (5.741 ms) : 0, 5741
Debugger [candidate] (5.711 ms) : 0, 5711
Remote Config [baseline] (608.886 µs) : 0, 609
Remote Config [candidate] (602.056 µs) : 0, 602
Telemetry [baseline] (8.127 ms) : 0, 8127
Telemetry [candidate] (8.05 ms) : 0, 8050
IAST [baseline] (23.531 ms) : 0, 23531
IAST [candidate] (23.521 ms) : 0, 23521
section iast
BytebuddyAgent [baseline] (813.555 ms) : 0, 813555
BytebuddyAgent [candidate] (812.088 ms) : 0, 812088
GlobalTracer [baseline] (233.892 ms) : 0, 233892
GlobalTracer [candidate] (233.574 ms) : 0, 233574
AppSec [baseline] (31.131 ms) : 0, 31131
AppSec [candidate] (29.753 ms) : 0, 29753
Debugger [baseline] (5.805 ms) : 0, 5805
Debugger [candidate] (5.741 ms) : 0, 5741
Remote Config [baseline] (584.834 µs) : 0, 585
Remote Config [candidate] (604.045 µs) : 0, 604
Telemetry [baseline] (8.01 ms) : 0, 8010
Telemetry [candidate] (7.971 ms) : 0, 7971
IAST [baseline] (27.183 ms) : 0, 27183
IAST [candidate] (28.361 ms) : 0, 28361
section profiling
BytebuddyAgent [baseline] (682.26 ms) : 0, 682260
BytebuddyAgent [candidate] (681.328 ms) : 0, 681328
GlobalTracer [baseline] (361.682 ms) : 0, 361682
GlobalTracer [candidate] (362.75 ms) : 0, 362750
AppSec [baseline] (33.465 ms) : 0, 33465
AppSec [candidate] (33.361 ms) : 0, 33361
Debugger [baseline] (9.994 ms) : 0, 9994
Debugger [candidate] (10.68 ms) : 0, 10680
Remote Config [baseline] (653.853 µs) : 0, 654
Remote Config [candidate] (657.111 µs) : 0, 657
Telemetry [baseline] (8.849 ms) : 0, 8849
Telemetry [candidate] (8.781 ms) : 0, 8781
ProfilingAgent [baseline] (104.018 ms) : 0, 104018
ProfilingAgent [candidate] (103.723 ms) : 0, 103723
Profiling [baseline] (104.042 ms) : 0, 104042
Profiling [candidate] (103.747 ms) : 0, 103747

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/add-http-route-play-in-iast
git_commit_date 1752137230 1752138064
git_commit_sha 956f570 fde0164
release_version 1.52.0-SNAPSHOT~956f5703a5 1.52.0-SNAPSHOT~fde01640db
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1752139586 1752139586
ci_job_id 1022307789 1022307789
ci_pipeline_id 70146519 70146519
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-vt96dhnu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-vt96dhnu 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 3 performance improvements and 1 performance regressions! Performance is the same for 8 metrics, 12 unstable metrics.

| scenario | Δ mean http_req_duration | Δ mean throughput | candidate mean http_req_duration | candidate mean throughput | baseline mean http_req_duration | baseline mean throughput |
| --- | --- | --- | --- | --- | --- | --- |
| scenario:load:insecure-bank:iast:high_load | worse [+212.947µs; +532.917µs] or [+2.374%; +5.942%] | unstable [-78.990op/s; +37.928op/s] or [-15.269%; +7.332%] | 9.341ms | 496.781op/s | 8.968ms | 517.312op/s |
| scenario:load:petclinic:appsec:high_load | better [-2.530ms; -1.625ms] or [-5.243%; -3.368%] | unstable [-2.498op/s; +11.223op/s] or [-2.576%; +11.572%] | 46.170ms | 101.350op/s | 48.247ms | 96.987op/s |
| scenario:load:petclinic:code_origins:high_load | better [-1.983ms; -1.152ms] or [-4.421%; -2.569%] | unstable [-3.553op/s; +11.103op/s] or [-3.406%; +10.643%] | 43.275ms | 108.100op/s | 44.842ms | 104.325op/s |
| scenario:load:petclinic:profiling:high_load | better [-2.829ms; -1.888ms] or [-5.776%; -3.855%] | unstable [-2.282op/s; +11.857op/s] or [-2.389%; +12.410%] | 46.622ms | 100.338op/s | 48.980ms | 95.550op/s |
Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5
    dateFormat X
    axisFormat %s
section baseline
no_agent (37.57 ms) : 37275, 37866
.   : milestone, 37570,
appsec (48.247 ms) : 47816, 48678
.   : milestone, 48247,
code_origins (44.842 ms) : 44451, 45234
.   : milestone, 44842,
iast (43.465 ms) : 43083, 43846
.   : milestone, 43465,
profiling (48.98 ms) : 48535, 49426
.   : milestone, 48980,
tracing (43.651 ms) : 43280, 44022
.   : milestone, 43651,
section candidate
no_agent (37.348 ms) : 37046, 37650
.   : milestone, 37348,
appsec (46.17 ms) : 45760, 46579
.   : milestone, 46170,
code_origins (43.275 ms) : 42894, 43656
.   : milestone, 43275,
iast (43.935 ms) : 43555, 44314
.   : milestone, 43935,
profiling (46.622 ms) : 46193, 47051
.   : milestone, 46622,
tracing (43.451 ms) : 43082, 43820
.   : milestone, 43451,
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.57 ms [37.275 ms, 37.866 ms] -
appsec 48.247 ms [47.816 ms, 48.678 ms] 10.677 ms (28.4%)
code_origins 44.842 ms [44.451 ms, 45.234 ms] 7.272 ms (19.4%)
iast 43.465 ms [43.083 ms, 43.846 ms] 5.894 ms (15.7%)
profiling 48.98 ms [48.535 ms, 49.426 ms] 11.41 ms (30.4%)
tracing 43.651 ms [43.28 ms, 44.022 ms] 6.081 ms (16.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 37.348 ms [37.046 ms, 37.65 ms] -
appsec 46.17 ms [45.76 ms, 46.579 ms] 8.822 ms (23.6%)
code_origins 43.275 ms [42.894 ms, 43.656 ms] 5.927 ms (15.9%)
iast 43.935 ms [43.555 ms, 44.314 ms] 6.587 ms (17.6%)
profiling 46.622 ms [46.193 ms, 47.051 ms] 9.274 ms (24.8%)
tracing 43.451 ms [43.082 ms, 43.82 ms] 6.103 ms (16.3%)
Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.341 ms) : 4293, 4390
.   : milestone, 4341,
iast (8.968 ms) : 8822, 9114
.   : milestone, 8968,
iast_FULL (13.791 ms) : 13519, 14063
.   : milestone, 13791,
iast_GLOBAL (10.459 ms) : 10274, 10643
.   : milestone, 10459,
profiling (8.709 ms) : 8574, 8843
.   : milestone, 8709,
tracing (7.628 ms) : 7519, 7737
.   : milestone, 7628,
section candidate
no_agent (4.283 ms) : 4232, 4334
.   : milestone, 4283,
iast (9.341 ms) : 9190, 9493
.   : milestone, 9341,
iast_FULL (13.916 ms) : 13640, 14192
.   : milestone, 13916,
iast_GLOBAL (10.592 ms) : 10404, 10780
.   : milestone, 10592,
profiling (8.99 ms) : 8849, 9131
.   : milestone, 8990,
tracing (7.459 ms) : 7351, 7566
.   : milestone, 7459,
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.341 ms [4.293 ms, 4.39 ms] -
iast 8.968 ms [8.822 ms, 9.114 ms] 4.627 ms (106.6%)
iast_FULL 13.791 ms [13.519 ms, 14.063 ms] 9.45 ms (217.7%)
iast_GLOBAL 10.459 ms [10.274 ms, 10.643 ms] 6.117 ms (140.9%)
profiling 8.709 ms [8.574 ms, 8.843 ms] 4.367 ms (100.6%)
tracing 7.628 ms [7.519 ms, 7.737 ms] 3.286 ms (75.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.283 ms [4.232 ms, 4.334 ms] -
iast 9.341 ms [9.19 ms, 9.493 ms] 5.058 ms (118.1%)
iast_FULL 13.916 ms [13.64 ms, 14.192 ms] 9.633 ms (224.9%)
iast_GLOBAL 10.592 ms [10.404 ms, 10.78 ms] 6.309 ms (147.3%)
profiling 8.99 ms [8.849 ms, 9.131 ms] 4.707 ms (109.9%)
tracing 7.459 ms [7.351 ms, 7.566 ms] 3.176 ms (74.1%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/add-http-route-play-in-iast
git_commit_date 1752137230 1752138064
git_commit_sha 956f570 fde0164
release_version 1.52.0-SNAPSHOT~956f5703a5 1.52.0-SNAPSHOT~fde01640db
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1752140114 1752140114
ci_job_id 1022307790 1022307790
ci_pipeline_id 70146519 70146519
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-jdsufjsr 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-jdsufjsr 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.479 ms) : 1467, 1490
.   : milestone, 1479,
appsec (2.423 ms) : 2372, 2473
.   : milestone, 2423,
iast (2.219 ms) : 2156, 2282
.   : milestone, 2219,
iast_GLOBAL (2.259 ms) : 2195, 2322
.   : milestone, 2259,
profiling (2.085 ms) : 2033, 2138
.   : milestone, 2085,
tracing (2.031 ms) : 1982, 2080
.   : milestone, 2031,
section candidate
no_agent (1.481 ms) : 1469, 1492
.   : milestone, 1481,
appsec (2.425 ms) : 2375, 2475
.   : milestone, 2425,
iast (2.205 ms) : 2142, 2268
.   : milestone, 2205,
iast_GLOBAL (2.24 ms) : 2177, 2303
.   : milestone, 2240,
profiling (2.044 ms) : 1994, 2094
.   : milestone, 2044,
tracing (2.024 ms) : 1975, 2074
.   : milestone, 2024,
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.479 ms [1.467 ms, 1.49 ms] -
appsec 2.423 ms [2.372 ms, 2.473 ms] 943.841 µs (63.8%)
iast 2.219 ms [2.156 ms, 2.282 ms] 739.779 µs (50.0%)
iast_GLOBAL 2.259 ms [2.195 ms, 2.322 ms] 779.947 µs (52.7%)
profiling 2.085 ms [2.033 ms, 2.138 ms] 606.62 µs (41.0%)
tracing 2.031 ms [1.982 ms, 2.08 ms] 552.426 µs (37.4%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.481 ms [1.469 ms, 1.492 ms] -
appsec 2.425 ms [2.375 ms, 2.475 ms] 944.507 µs (63.8%)
iast 2.205 ms [2.142 ms, 2.268 ms] 724.437 µs (48.9%)
iast_GLOBAL 2.24 ms [2.177 ms, 2.303 ms] 759.202 µs (51.3%)
profiling 2.044 ms [1.994 ms, 2.094 ms] 563.38 µs (38.1%)
tracing 2.024 ms [1.975 ms, 2.074 ms] 543.777 µs (36.7%)
Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.52.0-SNAPSHOT~fde01640db, baseline=1.52.0-SNAPSHOT~956f5703a5
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.083 s) : 15083000, 15083000
.   : milestone, 15083000,
appsec (14.655 s) : 14655000, 14655000
.   : milestone, 14655000,
iast (18.42 s) : 18420000, 18420000
.   : milestone, 18420000,
iast_GLOBAL (17.902 s) : 17902000, 17902000
.   : milestone, 17902000,
profiling (15.138 s) : 15138000, 15138000
.   : milestone, 15138000,
tracing (14.81 s) : 14810000, 14810000
.   : milestone, 14810000,
section candidate
no_agent (15.006 s) : 15006000, 15006000
.   : milestone, 15006000,
appsec (14.819 s) : 14819000, 14819000
.   : milestone, 14819000,
iast (18.43 s) : 18430000, 18430000
.   : milestone, 18430000,
iast_GLOBAL (18.222 s) : 18222000, 18222000
.   : milestone, 18222000,
profiling (15.164 s) : 15164000, 15164000
.   : milestone, 15164000,
tracing (14.971 s) : 14971000, 14971000
.   : milestone, 14971000,
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.083 s [15.083 s, 15.083 s] -
appsec 14.655 s [14.655 s, 14.655 s] -428.0 ms (-2.8%)
iast 18.42 s [18.42 s, 18.42 s] 3.337 s (22.1%)
iast_GLOBAL 17.902 s [17.902 s, 17.902 s] 2.819 s (18.7%)
profiling 15.138 s [15.138 s, 15.138 s] 55.0 ms (0.4%)
tracing 14.81 s [14.81 s, 14.81 s] -273.0 ms (-1.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.006 s [15.006 s, 15.006 s] -
appsec 14.819 s [14.819 s, 14.819 s] -187.0 ms (-1.2%)
iast 18.43 s [18.43 s, 18.43 s] 3.424 s (22.8%)
iast_GLOBAL 18.222 s [18.222 s, 18.222 s] 3.216 s (21.4%)
profiling 15.164 s [15.164 s, 15.164 s] 158.0 ms (1.1%)
tracing 14.971 s [14.971 s, 14.971 s] -35.0 ms (-0.2%)

@jandro996 jandro996 changed the title from "Alejandro.gonzalez/add http route play in iast" to "Store the http.route tag value inside the iast request context in Play" Jul 7, 2025
@jandro996 jandro996 marked this pull request as ready for review July 8, 2025 11:33
@jandro996 jandro996 requested review from a team as code owners July 8, 2025 11:33
Contributor

@PerfectSlayer PerfectSlayer left a comment

Mainly looked at smoke tests (left instrumentations to IDM) and left a minor comment

@@ -64,6 +64,8 @@ dependencies {

testImplementation project(':dd-smoke-tests')
testImplementation project(':dd-smoke-tests:appsec')
testImplementation(testFixtures(project(":dd-smoke-tests:iast-util")))
implementation project(':dd-smoke-tests:iast-util')
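Review bot: the last line of this hunk, `implementation project(':dd-smoke-tests:iast-util')`, puts the IAST utility project on the application's main configuration even though the line above it already brings in that project's test fixtures under `testImplementation`. Unless main sources reference it, drop the `implementation` entry so the smoke-test application ships without test-support code. As a style point, the `testFixtures` line uses double quotes and parentheses where the neighbouring entries use single quotes; match the surrounding style.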
Contributor

Is the implementation needed? Can't find a related import used in the IastController.

Member Author

Thanks! I forgot to remove that one

@jandro996 jandro996 requested a review from PerfectSlayer July 9, 2025 08:25
@@ -47,6 +47,9 @@ public static ContextScope onEnter(

req = req.addAttr(HasPlayRequestSpan.KEY, HasPlayRequestSpan.INSTANCE);

// Call onRequest on return after tags are populated.
DECORATE.onRequest(span, req, req, extractedContext);
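Review bot: the comment `// Call onRequest on return after tags are populated.` above `DECORATE.onRequest(span, req, req, extractedContext);` contradicts its new location, since the hunk header places these lines in `onEnter`. Reword it to say that onRequest is now called on enter and why (the request context has to be available when a vulnerability is reported during the request), so a later reader does not move the call back. If any tag is only populated after this point, name it in the comment so it is clear what onRequest no longer sees.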
Contributor

I will leave a comment here that it has been moved to onEntry in case we have issues in the future because of this.

Contributor

@amarziali amarziali left a comment

lgtm for tracing

Contributor

@PerfectSlayer PerfectSlayer left a comment

Looks good for LP / smoke tests

Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez left a comment

LGTM

@jandro996 jandro996 added this to the 1.52.0 milestone Jul 10, 2025
@jandro996 jandro996 merged commit be7f9d3 into master Jul 10, 2025
507 checks passed
@jandro996 jandro996 deleted the alejandro.gonzalez/add-http-route-play-in-iast branch July 10, 2025 10:55
Labels
comp: asm iast Application Security Management (IAST) inst: play framework Play Framework instrumentation tag: no release notes Changes to exclude from release notes type: enhancement Enhancements and improvements