diff --git a/ext/serializer.c b/ext/serializer.c index fad71b7998..c4f43661af 100644 --- a/ext/serializer.c +++ b/ext/serializer.c @@ -407,9 +407,7 @@ static void dd_add_post_fields_to_meta_recursive(zend_array *meta, const char *t zend_string *postvalconcat = zend_strpprintf(0, "%s=%s", ZSTR_VAL(postkey), ZSTR_VAL(postvalstr)); zend_string_release(postvalstr); - // Match it with the regex to redact if needed and value is not an empty string - zend_string *regex_pattern = get_DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP(); - if (strlen(regex_pattern) > 0 && zai_match_regex(regex_pattern, postvalconcat)) { + if (zai_match_regex(get_DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP(), postvalconcat)) { zend_string *replacement = zend_string_init(ZEND_STRL(""), 0); dd_add_post_fields_to_meta(meta, type, postkey, replacement); zend_string_release(replacement); diff --git a/src/DDTrace/Util/Normalizer.php b/src/DDTrace/Util/Normalizer.php index 2c3f67ec4a..042865a2fa 100644 --- a/src/DDTrace/Util/Normalizer.php +++ b/src/DDTrace/Util/Normalizer.php @@ -218,11 +218,13 @@ private static function generateFilteredPostFields($postKey, $postVal, array $wh // Match it with the regex to redact if needed $obfuscationRegex = \ini_get('datadog.trace.obfuscation_query_string_regexp'); - $obfuscationRegex = '(' . $obfuscationRegex . ')'; - if (preg_match($obfuscationRegex, $postField)) { - return [$postKey => '']; - } else { - return [$postKey => $postVal]; + if ($obfuscationRegex !== "") { + $obfuscationRegex = '(' . $obfuscationRegex . ')'; + if (preg_match($obfuscationRegex, $postField)) { + return [$postKey => '']; + } else { + return [$postKey => $postVal]; + } } } else { // The postkey is not in the whitelist, and no wildcard set, then always use diff --git a/tests/Unit/Util/Normalizer/UriTest.php b/tests/Unit/Util/Normalizer/UriTest.php index 2e0b427102..b1014043a7 100644 --- a/tests/Unit/Util/Normalizer/UriTest.php +++ b/tests/Unit/Util/Normalizer/UriTest.php @@ -13,6 +13,7 @@ protected function ddSetUp() 'DD_TRACE_RESOURCE_URI_MAPPING_INCOMING', 'DD_TRACE_RESOURCE_URI_MAPPING_OUTGOING', 'DD_TRACE_RESOURCE_URI_QUERY_PARAM_ALLOWED', + 'DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP', ]); parent::ddSetUp(); } @@ -25,6 +26,7 @@ protected function ddTearDown() 'DD_TRACE_RESOURCE_URI_MAPPING_INCOMING', 'DD_TRACE_RESOURCE_URI_MAPPING_OUTGOING', 'DD_TRACE_RESOURCE_URI_QUERY_PARAM_ALLOWED', + 'DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP', ]); } @@ -486,6 +488,40 @@ public function testQueryParamPreserveWildcard() ); } + public function testObfuscationQueryStringConfigured() + { + $this->putEnvAndReloadConfig([ + 'DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP=\d{3}-\d{2}-\d{4}', + ]); + + $this->assertSame( + '/?', + \DDTrace\Util\Normalizer::uriNormalizeIncomingPath('/?ssn=123-45-6789') + ); + + $this->assertSame( + '/?', + \DDTrace\Util\Normalizer::uriNormalizeOutgoingPath('/?ssn=123-45-6789') + ); + } + + public function testObfuscationQueryStringWithEmptyRegex() + { + $this->putEnvAndReloadConfig([ + 'DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP=""', + ]); + + $this->assertSame( + '/?application_key=123', + \DDTrace\Util\Normalizer::uriNormalizeIncomingPath('/?application_key=123') + ); + + $this->assertSame( + '/?application_key=123', + \DDTrace\Util\Normalizer::uriNormalizeOutgoingPath('/?application_key=123') + ); + } + /** * @dataProvider dataProviderSanitizeNoDropUserinfo * @param string $url