From ea96a9845ac2a52e00ade7e9b2c3082415d821d6 Mon Sep 17 00:00:00 2001 From: Sergey Fedorov Date: Wed, 30 Apr 2025 14:12:52 +0200 Subject: [PATCH 1/7] Fix description for authenticated user tracking --- .../devise/authenticated_multi_user_tracking_spec.rb | 2 +- .../devise/authenticated_single_user_tracking_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/datadog/appsec/contrib/integration/devise/authenticated_multi_user_tracking_spec.rb b/spec/datadog/appsec/contrib/integration/devise/authenticated_multi_user_tracking_spec.rb index aa044d5cd11..ff6b3a604c5 100644 --- a/spec/datadog/appsec/contrib/integration/devise/authenticated_multi_user_tracking_spec.rb +++ b/spec/datadog/appsec/contrib/integration/devise/authenticated_multi_user_tracking_spec.rb @@ -9,7 +9,7 @@ require 'sqlite3' require 'devise' -RSpec.describe 'Devise auto login and signup events tracking' do +RSpec.describe 'Devise auto authenticated multi-user tracking' do include Rack::Test::Methods include Warden::Test::Helpers diff --git a/spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_tracking_spec.rb b/spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_tracking_spec.rb index 0c5bd2842df..2e353f962ff 100644 --- a/spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_tracking_spec.rb +++ b/spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_tracking_spec.rb @@ -9,7 +9,7 @@ require 'sqlite3' require 'devise' -RSpec.describe 'Devise auto login and signup events tracking' do +RSpec.describe 'Devise auto authenticated sing-user tracking' do include Rack::Test::Methods include Warden::Test::Helpers From 4e79c731720a1399e3c7c7ed4c2d889066f47695 Mon Sep 17 00:00:00 2001 From: Sergey Fedorov Date: Wed, 30 Apr 2025 14:14:56 +0200 Subject: [PATCH 2/7] Add session_id to the user argument --- lib/datadog/appsec/instrumentation/gateway/argument.rb | 7 +++++-- lib/datadog/kit/identity.rb | 2 +- sig/datadog/appsec/instrumentation/gateway/argument.rbs | 6 +++++- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/lib/datadog/appsec/instrumentation/gateway/argument.rb b/lib/datadog/appsec/instrumentation/gateway/argument.rb index 91c76d3f045..4cd740739ac 100644 --- a/lib/datadog/appsec/instrumentation/gateway/argument.rb +++ b/lib/datadog/appsec/instrumentation/gateway/argument.rb @@ -8,14 +8,17 @@ class Gateway class Argument; end # rubocop:disable Lint/EmptyClass # Gateway User argument + # NOTE: This class is a subject of elimination and will be removed when + # the event system is refactored. class User < Argument - attr_reader :id, :login + attr_reader :id, :login, :session_id - def initialize(id, login) + def initialize(id, login = nil, session_id = nil) super() @id = id @login = login + @session_id = session_id end end end diff --git a/lib/datadog/kit/identity.rb b/lib/datadog/kit/identity.rb index cae10026967..ce612219234 100644 --- a/lib/datadog/kit/identity.rb +++ b/lib/datadog/kit/identity.rb @@ -70,7 +70,7 @@ def set_user( if Datadog::AppSec.active_context active_span.set_tag('_dd.appsec.user.collection_mode', 'sdk') - user = ::Datadog::AppSec::Instrumentation::Gateway::User.new(id, others[:login]) + user = ::Datadog::AppSec::Instrumentation::Gateway::User.new(id, others[:login], session_id) ::Datadog::AppSec::Instrumentation.gateway.push('identity.set_user', user) end end diff --git a/sig/datadog/appsec/instrumentation/gateway/argument.rbs b/sig/datadog/appsec/instrumentation/gateway/argument.rbs index 913c0d19f6e..8d2b3d50263 100644 --- a/sig/datadog/appsec/instrumentation/gateway/argument.rbs +++ b/sig/datadog/appsec/instrumentation/gateway/argument.rbs @@ -11,11 +11,15 @@ module Datadog @login: String? + @session_id: String? + attr_reader id: String attr_reader login: String? - def initialize: (String id, String? login) -> void + attr_reader session_id: String? + + def initialize: (String id, String? login, String? session_id) -> void end end end From 6bc684b48cb0ad95d2f5119e22768db8f9585d8b Mon Sep 17 00:00:00 2001 From: Sergey Fedorov Date: Wed, 30 Apr 2025 18:08:36 +0200 Subject: [PATCH 3/7] Fix processors and scanners reloading --- lib/datadog/appsec/component.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/datadog/appsec/component.rb b/lib/datadog/appsec/component.rb index c9c66976798..5c145dc4484 100644 --- a/lib/datadog/appsec/component.rb +++ b/lib/datadog/appsec/component.rb @@ -63,8 +63,8 @@ def create_processor(settings, telemetry) # NOTE: This is a temporary solution before the RuleMerger refactoring # with new RemoteConfig setup - processors = rules.delete('processors') - scanners = rules.delete('scanners') + processors = rules['processors'] + scanners = rules['scanners'] ruleset = AppSec::Processor::RuleMerger.merge( rules: [rules], From 303b640a12589cfa38ff2389422b49aa700b9c49 Mon Sep 17 00:00:00 2001 From: Sergey Fedorov Date: Wed, 30 Apr 2025 18:09:13 +0200 Subject: [PATCH 4/7] Add session tracking to the devise contrib --- lib/datadog/appsec/contrib/devise/ext.rb | 1 + .../contrib/devise/tracking_middleware.rb | 21 +- lib/datadog/appsec/monitor/gateway/watcher.rb | 10 +- sig/datadog/appsec/contrib/devise/ext.rbs | 2 + .../contrib/devise/tracking_middleware.rbs | 2 + ...cated_single_user_session_tracking_spec.rb | 355 ++++++++++++++++++ 6 files changed, 383 insertions(+), 8 deletions(-) create mode 100644 spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_session_tracking_spec.rb diff --git a/lib/datadog/appsec/contrib/devise/ext.rb b/lib/datadog/appsec/contrib/devise/ext.rb index b8109537dd5..c4db0bf5af6 100644 --- a/lib/datadog/appsec/contrib/devise/ext.rb +++ b/lib/datadog/appsec/contrib/devise/ext.rb @@ -18,6 +18,7 @@ module Ext TAG_DD_LOGIN_FAILURE_MODE = '_dd.appsec.events.users.login.failure.auto.mode' TAG_USR_ID = 'usr.id' + TAG_SESSION_ID = 'usr.session_id' TAG_SIGNUP_TRACK = 'appsec.events.users.signup.track' TAG_SIGNUP_USR_ID = 'appsec.events.users.signup.usr.id' TAG_SIGNUP_USR_LOGIN = 'appsec.events.users.signup.usr.login' diff --git a/lib/datadog/appsec/contrib/devise/tracking_middleware.rb b/lib/datadog/appsec/contrib/devise/tracking_middleware.rb index d8d192ee749..7fb5a972332 100644 --- a/lib/datadog/appsec/contrib/devise/tracking_middleware.rb +++ b/lib/datadog/appsec/contrib/devise/tracking_middleware.rb @@ -10,6 +10,7 @@ module Devise # A Rack middleware capable of tracking currently signed user class TrackingMiddleware WARDEN_KEY = 'warden' + SESSION_ID_KEY = 'session_id' def initialize(app) @app = app @@ -32,16 +33,28 @@ def call(env) return @app.call(env) end + # NOTE: Rails session id will be set for unauthenticated users as well, + # so we need to make sure we are tracking only authenticated users. id = transform(extract_id(env[WARDEN_KEY])) + session_id = env[WARDEN_KEY].raw_session[SESSION_ID_KEY] if id + if id - unless context.span.has_tag?(Ext::TAG_USR_ID) - context.span[Ext::TAG_USR_ID] = id + # NOTE: There is no option to set session id without setting user id via SDK. + unless context.span.has_tag?(Ext::TAG_USR_ID) && context.span.has_tag?(Ext::TAG_SESSION_ID) + user_id = context.span[Ext::TAG_USR_ID] || id + user_session_id = context.span[Ext::TAG_SESSION_ID] || session_id + + # FIXME: The current implementation of event arguments is forsing us + # to bloat User class, and pass nil-value instead of skip + # passing them at first place. + # This is a temporary situation until we refactor events model. AppSec::Instrumentation.gateway.push( - 'identity.set_user', AppSec::Instrumentation::Gateway::User.new(id, nil) + 'identity.set_user', AppSec::Instrumentation::Gateway::User.new(user_id, nil, user_session_id) ) end - context.span[Ext::TAG_DD_USR_ID] = id.to_s + context.span[Ext::TAG_USR_ID] ||= id + context.span[Ext::TAG_DD_USR_ID] = id context.span[Ext::TAG_DD_COLLECTION_MODE] ||= Configuration.auto_user_instrumentation_mode end diff --git a/lib/datadog/appsec/monitor/gateway/watcher.rb b/lib/datadog/appsec/monitor/gateway/watcher.rb index 4bf28f0e383..a7c4ee58252 100644 --- a/lib/datadog/appsec/monitor/gateway/watcher.rb +++ b/lib/datadog/appsec/monitor/gateway/watcher.rb @@ -21,7 +21,7 @@ def watch_user_id(gateway = Instrumentation.gateway) gateway.watch('identity.set_user', :appsec) do |stack, user| context = AppSec.active_context - if user.id.nil? && user.login.nil? + if user.id.nil? && user.login.nil? && user.session_id.nil? Datadog.logger.debug { 'AppSec: skipping WAF check because no user information was provided' } next stack.call(user) end @@ -29,16 +29,18 @@ def watch_user_id(gateway = Instrumentation.gateway) persistent_data = {} persistent_data['usr.id'] = user.id if user.id persistent_data['usr.login'] = user.login if user.login + persistent_data['usr.session_id'] = user.session_id if user.session_id result = context.run_waf(persistent_data, {}, Datadog.configuration.appsec.waf_timeout) - if result.match? - AppSec::Event.tag_and_keep!(context, result) - + if result.match? || !result.derivatives.empty? context.events.push( AppSec::SecurityEvent.new(result, trace: context.trace, span: context.span) ) + end + if result.match? + AppSec::Event.tag_and_keep!(context, result) AppSec::ActionsHandler.handle(result.actions) end diff --git a/sig/datadog/appsec/contrib/devise/ext.rbs b/sig/datadog/appsec/contrib/devise/ext.rbs index 526cca3bdc7..c32a80ff16f 100644 --- a/sig/datadog/appsec/contrib/devise/ext.rbs +++ b/sig/datadog/appsec/contrib/devise/ext.rbs @@ -11,6 +11,8 @@ module Datadog TAG_USR_ID: ::String + TAG_SESSION_ID: ::String + TAG_LOGIN_SUCCESS_TRACK: ::String TAG_LOGIN_SUCCESS_USR_LOGIN: ::String diff --git a/sig/datadog/appsec/contrib/devise/tracking_middleware.rbs b/sig/datadog/appsec/contrib/devise/tracking_middleware.rbs index c340188c2e5..8b57519b3cb 100644 --- a/sig/datadog/appsec/contrib/devise/tracking_middleware.rbs +++ b/sig/datadog/appsec/contrib/devise/tracking_middleware.rbs @@ -5,6 +5,8 @@ module Datadog class TrackingMiddleware WARDEN_KEY: ::String + SESSION_ID_KEY: ::String + @app: untyped def initialize: (untyped app) -> void diff --git a/spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_session_tracking_spec.rb b/spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_session_tracking_spec.rb new file mode 100644 index 00000000000..a96b5751b68 --- /dev/null +++ b/spec/datadog/appsec/contrib/integration/devise/authenticated_single_user_session_tracking_spec.rb @@ -0,0 +1,355 @@ +# frozen_string_literal: true + +require 'datadog/tracing/contrib/support/spec_helper' +require 'datadog/appsec/spec_helper' +require 'rack/test' + +require 'action_controller/railtie' +require 'active_record' +require 'sqlite3' +require 'devise' + +RSpec.describe 'Devise auto login and signup events session tracking' do + include Rack::Test::Methods + include Warden::Test::Helpers + + before do + # NOTE: By doing this we are emulating the initial load of the devise rails + # engine for every test case. It will install the required middleware. + # WARNING: This is a hack! + Devise.send(:remove_const, :Engine) + load File.join(Gem.loaded_specs['devise'].full_gem_path, 'lib/devise/rails.rb') + + Devise.setup do |config| + config.secret_key = 'test-secret-key' + + require 'devise/orm/active_record' + + config.sign_out_via = :delete + config.responder.error_status = :unprocessable_entity + config.responder.redirect_status = :see_other + config.sign_out_all_scopes = false + config.parent_controller = 'TestApplicationController' + config.paranoid = true + config.stretches = 1 + config.password_length = 6..8 + config.http_authenticatable = true + end + + # app/models + stub_const('User', Class.new(ActiveRecord::Base)).tap do |klass| + klass.establish_connection({ adapter: 'sqlite3', database: ':memory:' }) + klass.connection.create_table 'users', force: :cascade do |t| + t.string :username, null: false + t.string :email, default: '', null: false + t.string :encrypted_password, default: '', null: false + end + + klass.class_eval do + devise :database_authenticatable, :registerable, :validatable + end + + # prevent internal sql requests from showing up + klass.count + end + + stub_const('TestApplicationController', Class.new(ActionController::Base)).class_eval do + before_action :configure_permitted_parameters, if: :devise_controller? + + def configure_permitted_parameters + devise_parameter_sanitizer.permit(:sign_up) do |user| + user.permit(:username, :email, :password, :password_confirmation) + end + end + end + + # NOTE: Unfortunately, can't figure out why devise receives 3 times `finalize!` + # of the RouteSet patch, hence it's bypassed with below hack. + # The order of hacks matters! + allow(Devise).to receive(:regenerate_helpers!) + + # Customer middleware + customer_middleware + + # Rails app + # NOTE: https://github.com/heartcombo/devise/blob/fec67f98f26fcd9a79072e4581b1bd40d0c7fa1d/guides/bug_report_templates/integration_test.rb#L43-L57 + app = Class.new(Rails::Application) do + config.root = __dir__ + config.secret_key_base = 'test-secret-key-base' + config.action_dispatch.show_exceptions = :rescuable + config.hosts.clear + config.eager_load = false + config.consider_all_requests_local = true + # NOTE: For debugging replace with $stdout + config.logger = Rails.logger = Logger.new(StringIO.new) + + config.middleware.insert_before(Warden::Manager, CustomerMiddleware) + + config.file_watcher = Class.new(ActiveSupport::FileUpdateChecker) do + def initialize(files, dirs = {}, &block) + dirs = dirs.delete('') if dirs.include?('') + + super(files, dirs, &block) + end + end + end + + stub_const('RailsTest::Application', app) + + Datadog.configure do |config| + config.tracing.enabled = true + config.tracing.instrument :rails + config.tracing.instrument :http + + config.appsec.enabled = true + config.appsec.ruleset = custom_rules + config.appsec.instrument :rails + config.appsec.instrument :devise + config.appsec.auto_user_instrumentation.mode = 'identification' + + config.remote.enabled = false + end + + app.initialize! + app.routes.draw do + devise_for :users, controllers: { registrations: 'test_registrations' } + + get '/public' => 'public#index' + end + + # NOTE: Unfortunately, can't figure out why devise receives 3 times `finalize!` + # of the RouteSet patch, hence it's bypassed with below hack. + # The order of hacks matters! + Devise.class_variable_set(:@@warden_configured, nil) # rubocop:disable Style/ClassVars + Devise.configure_warden! + + # app/controllers + stub_const('PublicController', Class.new(ActionController::Base)).class_eval do + def index + respond_to do |format| + format.html { render plain: 'This is public page' } + end + end + end + + allow(Rails).to receive(:application).and_return(app) + allow(Datadog::AppSec::Instrumentation).to receive(:gateway).and_return(gateway) + + # NOTE: Don't reach the agent in any way + allow_any_instance_of(Datadog::Tracing::Transport::HTTP::Client).to receive(:send_request) + allow_any_instance_of(Datadog::Tracing::Transport::Traces::Transport).to receive(:native_events_supported?) + .and_return(true) + + Datadog::AppSec::Monitor::Gateway::Watcher.watch + end + + after do + clear_traces! + + Datadog.configuration.reset! + Datadog.registry[:rack].reset_configuration! + + ActiveSupport::Dependencies.clear if Rails.application + ActiveSupport::Dependencies.autoload_paths = [] + ActiveSupport::Dependencies.autoload_once_paths = [] + ActiveSupport::Dependencies._eager_load_paths = Set.new + ActiveSupport::Dependencies._autoloaded_tracked_classes = Set.new + + # rubocop:disable Style/ClassVars + Rails::Railtie::Configuration.class_variable_set(:@@eager_load_namespaces, nil) + Rails::Railtie::Configuration.class_variable_set(:@@watchable_files, nil) + Rails::Railtie::Configuration.class_variable_set(:@@watchable_dirs, nil) + Rails::Railtie::Configuration.class_variable_set(:@@app_generators, nil) + Rails::Railtie::Configuration.class_variable_set(:@@to_prepare_blocks, nil) + Rails::Railtie::Configuration.class_variable_set(:@@app_middleware, nil) + Devise.class_variable_set(:@@mappings, {}) + Devise.class_variable_set(:@@warden_configured, nil) + # rubocop:enable Style/ClassVars + + # Remnove Rails caches + Rails.app_class = nil + Rails.cache = nil + end + + let(:custom_rules) do + { + 'version' => '2.1', + 'metadata' => { 'rules_version' => '1.2.6' }, + 'rules' => [ + { + 'id' => 'arachni_rule', + 'name' => 'Arachni', + 'tags' => { 'type' => 'security_scanner', 'category' => 'attack_attempt' }, + 'conditions' => [ + { + 'parameters' => { + 'inputs' => [ + { + 'address' => 'server.request.headers.no_cookies', + 'key_path' => ['user-agent'] + } + ], + 'regex' => '^Arachni\\/v' + }, + 'operator' => 'match_regex' + } + ], + 'on_match' => ['block'] + } + ], + 'scanners' => [], + 'processors' => [ + { + 'id' => 'session-fingerprint', + 'generator' => 'session_fingerprint', + 'conditions' => [], + 'parameters' => { + 'mappings' => [ + { + 'cookies' => [{ 'address' => 'server.request.cookies' }], + 'session_id' => [{ 'address' => 'usr.session_id' }], + 'user_id' => [{ 'address' => 'usr.id' }], + 'output' => '_dd.appsec.fp.session' + } + ] + }, + 'evaluate' => true, + 'output' => true + } + ] + } + end + + let(:customer_middleware) do + stub_const('CustomerMiddleware', Class.new).class_eval do + def initialize(app) + @app = app + end + + def call(env) + @app.call(env) + end + end + end + + let(:http_service_entry_span) { spans.find { |s| s.name == 'rack.request' } } + let(:http_service_entry_trace) { traces.find { |t| t.id == http_service_entry_span.trace_id } } + + let(:gateway) { Datadog::AppSec::Instrumentation::Gateway.new } + let(:response) { last_response } + let(:app) { Rails.application } + + context 'when user is not authenticated' do + it 'allows unauthenticated user to visit public page and does not track it' do + get('/public') + + expect(response).to be_ok + expect(response.body).to eq('This is public page') + + expect(http_service_entry_span.tags).not_to have_key('usr.id') + expect(http_service_entry_span.tags).not_to have_key('usr.session_id') + expect(http_service_entry_span.tags).not_to have_key('_dd.appsec.fp.session') + end + end + + context 'when user is authenticated' do + before do + user = User.create!(username: 'JohnDoe', email: 'john.doe@example.com', password: '123456') + login_as(user) + end + + it 'allows authenticated user to visit public page and tracks it' do + get('/public') + + expect(response).to be_ok + expect(response.body).to eq('This is public page') + + expect(http_service_entry_span.tags).not_to have_key('usr.session_id') + expect(http_service_entry_span.tags).to include( + 'usr.id' => '1', + '_dd.appsec.fp.session' => String + ) + end + end + + context 'when user is authenticated and customer already uses SDK to set user' do + before do + allow_any_instance_of(Datadog::AppSec::Context).to receive(:run_waf).and_call_original + + user = User.create!(username: 'JohnDoe', email: 'john.doe@example.com', password: '123456') + login_as(user) + end + + context 'when only user id was set' do + let(:customer_middleware) do + stub_const('CustomerMiddleware', Class.new).class_eval do + def initialize(app) + @app = app + end + + def call(env) + span = Datadog::Tracing.active_span + trace = Datadog::Tracing.active_trace + + Datadog::Kit::Identity.set_user(trace, span, id: '42') + + @app.call(env) + end + end + end + + it 'tracks it with SDK values and session id from auto-instrumentation' do + expect_any_instance_of(Datadog::AppSec::Context).to receive(:run_waf) + .with(hash_including('usr.session_id' => String), anything, anything).once + .and_call_original + + get('/public') + + expect(response).to be_ok + expect(response.body).to eq('This is public page') + + expect(http_service_entry_span.tags).not_to have_key('usr.session_id') + expect(http_service_entry_span.tags).to include( + 'usr.id' => '42', + '_dd.appsec.fp.session' => String + ) + end + end + + context 'when user id and session id were set' do + let(:customer_middleware) do + stub_const('CustomerMiddleware', Class.new).class_eval do + def initialize(app) + @app = app + end + + def call(env) + span = Datadog::Tracing.active_span + trace = Datadog::Tracing.active_trace + + Datadog::Kit::Identity.set_user(trace, span, id: '42', session_id: '1234567890') + + @app.call(env) + end + end + end + + it 'tracks it with SDK values and customer session id' do + expect_any_instance_of(Datadog::AppSec::Context).to receive(:run_waf) + .with(hash_including('usr.session_id' => '1234567890'), anything, anything).once + .and_call_original + + get('/public') + + expect(response).to be_ok + expect(response.body).to eq('This is public page') + + expect(http_service_entry_span.tags).to include( + 'usr.id' => '42', + 'usr.session_id' => '1234567890', + '_dd.appsec.fp.session' => String + ) + end + end + end +end From 07ede056b0899927e66461c2eaaff499da36eede Mon Sep 17 00:00:00 2001 From: Sergey Fedorov Date: Tue, 6 May 2025 13:26:19 +0200 Subject: [PATCH 5/7] Force session processor system tests --- .github/forced-tests-list.json | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/forced-tests-list.json b/.github/forced-tests-list.json index e5d72647589..3a87e347fe4 100644 --- a/.github/forced-tests-list.json +++ b/.github/forced-tests-list.json @@ -1,6 +1,7 @@ { "APPSEC_BLOCKING": [ "tests/appsec/test_fingerprinting.py::Test_Fingerprinting_Endpoint_Preprocessor", + "tests/appsec/test_fingerprinting.py::Test_Fingerprinting_Session_Preprocessor", "tests/appsec/test_fingerprinting.py::Test_Fingerprinting_Header_And_Network_Preprocessor" ] } From 9d028adafb40eb80dc4d1f4c039a4eac1d402e9a Mon Sep 17 00:00:00 2001 From: Sergey Fedorov Date: Wed, 7 May 2025 11:12:22 +0200 Subject: [PATCH 6/7] Switch system-tests to branch with tests enabled --- .github/workflows/system-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/system-tests.yml b/.github/workflows/system-tests.yml index 19391b801bf..22c41ff1f40 100644 --- a/.github/workflows/system-tests.yml +++ b/.github/workflows/system-tests.yml @@ -22,7 +22,7 @@ permissions: {} env: REGISTRY: ghcr.io REPO: ghcr.io/datadog/dd-trace-rb - SYSTEM_TESTS_REF: main # This must always be set to `main` on dd-trace-rb's master branch + SYSTEM_TESTS_REF: appsec-57504-enable-session-tracking-and-fingerprinting # This must always be set to `main` on dd-trace-rb's master branch jobs: changes: From 9e87f46cfd5f2827d6a7f8dbc1f8ba588d92dc68 Mon Sep 17 00:00:00 2001 From: Sergey Fedorov Date: Wed, 7 May 2025 14:47:00 +0200 Subject: [PATCH 7/7] Remove session forced tests --- .github/forced-tests-list.json | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/forced-tests-list.json b/.github/forced-tests-list.json index 3a87e347fe4..e5d72647589 100644 --- a/.github/forced-tests-list.json +++ b/.github/forced-tests-list.json @@ -1,7 +1,6 @@ { "APPSEC_BLOCKING": [ "tests/appsec/test_fingerprinting.py::Test_Fingerprinting_Endpoint_Preprocessor", - "tests/appsec/test_fingerprinting.py::Test_Fingerprinting_Session_Preprocessor", "tests/appsec/test_fingerprinting.py::Test_Fingerprinting_Header_And_Network_Preprocessor" ] }