Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ [RUM-4052] Sanitize site parameter in configuration #2735

Merged
merged 5 commits into from
May 6, 2024
Merged

✨ [RUM-4052] Sanitize site parameter in configuration #2735

merged 5 commits into from
May 6, 2024

Conversation

cy-moi
Copy link
Contributor

@cy-moi cy-moi commented Apr 30, 2024
edited
Loading

Motivation

site is a Datadog-wide parameter. The current non-sanitized implementation of site config parameter offers backward compatibility when a new datacenter is created. But in the context of a browser, site has a completely different meaning and could be mistaken for “my website”.

Changes

Add a non-breaking change to only accept values meeting a pattern like:/(datadog|ddog|datad0g|dd0g)/.

This would allow to retain backward compatibility and some degree of flexibility, while adding an extra protection layer.

Testing

  • Local
  • Staging
  • Unit
  • End to end

I have gone over the contributing documentation.

@cit-pr-commenter cit-pr-commenter
Copy link

cit-pr-commenter bot commented Apr 30, 2024
edited
Loading

Bundles Sizes Evolution

📦 Bundle Name Base Size Local Size 𝚫 𝚫% Status
Rum 157.47 KiB 157.67 KiB 207 B +0.13%
Logs 56.09 KiB 56.29 KiB 211 B +0.37%
Rum Slim 103.96 KiB 104.16 KiB 207 B +0.19%
Worker 25.21 KiB 25.21 KiB 0 B 0.00%
🚀 CPU Performance
Action Name Base Average Cpu Time (ms) Local Average Cpu Time (ms) 𝚫
adderror 0.031 0.064 0.033
addaction 0.016 0.016 -0.001
logmessage 0.005 0.008 0.003
startview 0.920 1.248 0.328
startstopsessionreplayrecording 1.017 1.119 0.103
addtiming 0.001 0.001 0.000
addglobalcontext 0.001 0.001 -0.000

@cy-moi cy-moi marked this pull request as ready for review April 30, 2024 12:13
@cy-moi cy-moi requested a review from a team as a code owner April 30, 2024 12:13
@cy-moi cy-moi marked this pull request as draft April 30, 2024 12:35
thomas-lebeau
thomas-lebeau reviewed Apr 30, 2024
View reviewed changes
packages/core/src/domain/configuration/configuration.ts Outdated
@@ -148,6 +151,11 @@ export function validateAndBuildConfiguration(initConfiguration: InitConfigurati
return
}

if (initConfiguration.site && !isDatadogSite(initConfiguration.site)) {
display.error('Site should be a valid Datadog site.')
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💭 thought: ‏ Should we link the the valid datadog site documentation? (i.e. https://docs.datadoghq.com/getting_started/site/)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have included the documentation link.

@codecov-commenter
Copy link

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 93.27%. Comparing base (5249c39) to head (f4872fb).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2735   +/-   ##
=======================================
  Coverage   93.26%   93.27%           
=======================================
  Files         241      241           
  Lines        7028     7034    +6     
  Branches     1553     1554    +1     
=======================================
+ Hits         6555     6561    +6     
  Misses        473      473

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@cy-moi cy-moi marked this pull request as ready for review May 2, 2024 09:22
@cy-moi cy-moi merged commit a8923eb into main May 6, 2024
20 checks passed
@cy-moi cy-moi deleted the congyao/RUM-4052-sanitize-site-param branch May 6, 2024 05:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RomanGaignault RomanGaignault RomanGaignault approved these changes

@N-Boutaib N-Boutaib N-Boutaib approved these changes

@thomas-lebeau thomas-lebeau thomas-lebeau approved these changes

@nulrich nulrich nulrich approved these changes

@acorretti acorretti acorretti approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@cy-moi @codecov-commenter @acorretti @nulrich @thomas-lebeau @N-Boutaib @RomanGaignault