Change usage stats check for first-party request headers

First implementation made a best-effort attempt to determine whether or not a request was "first-party" (from the Kibana client) by checking "kbn-version", "origin", and "referer". If these three headers are all present, we thought it was very likely that the request was first-party. However, further testing after adding usage stats collection for additional SO APIs determined this to be inaccurate; some actual first-party requests do not include the "origin" header. I am not sure exactly why this is the case, but I have changed the check to use "user-agent" instead. This is another indicator that a request likely did not come from a programmatic consumer.
elastic · Dec 12, 2020 · 4d9d7f8 · 4d9d7f8
1 parent 7fcaf5f
commit 4d9d7f8
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/src/core/server/core_usage_data/core_usage_stats_client.test.ts b/src/core/server/core_usage_data/core_usage_stats_client.test.ts
@@ -53,7 +53,7 @@ describe('CoreUsageStatsClient', () => {
     );
     return { usageStatsClient, debugLoggerMock, basePathMock, repositoryMock };
   };
-  const firstPartyRequestHeaders = { 'kbn-version': 'a', origin: 'b', referer: 'c' }; // as long as these three header fields are truthy, this will be treated like a first-party request
+  const firstPartyRequestHeaders = { 'kbn-version': 'a', 'user-agent': 'b', referer: 'c' }; // as long as these three header fields are truthy, this will be treated like a first-party request
   const incrementOptions = { refresh: false };
 
   describe('#getUsageStats', () => {

diff --git a/src/core/server/core_usage_data/core_usage_stats_client.ts b/src/core/server/core_usage_data/core_usage_stats_client.ts
@@ -224,5 +224,5 @@ function getAllCommonFields(prefix: string) {
 function getIsKibanaRequest({ headers }: KibanaRequest) {
   // The presence of these three request headers gives us a good indication that this is a first-party request from the Kibana client.
   // We can't be 100% certain, but this is a reasonable attempt.
-  return headers && headers['kbn-version'] && headers.origin && headers.referer;
+  return headers && headers['kbn-version'] && headers['user-agent'] && headers.referer;
 }
diff --git a/x-pack/plugins/spaces/server/usage_stats/usage_stats_client.test.ts b/x-pack/plugins/spaces/server/usage_stats/usage_stats_client.test.ts
@@ -22,7 +22,7 @@ describe('UsageStatsClient', () => {
     return { usageStatsClient, debugLoggerMock, repositoryMock };
   };
 
-  const firstPartyRequestHeaders = { 'kbn-version': 'a', origin: 'b', referer: 'c' }; // as long as these three header fields are truthy, this will be treated like a first-party request
+  const firstPartyRequestHeaders = { 'kbn-version': 'a', 'user-agent': 'b', referer: 'c' }; // as long as these three header fields are truthy, this will be treated like a first-party request
   const incrementOptions = { refresh: false };
 
   describe('#getUsageStats', () => {

diff --git a/x-pack/plugins/spaces/server/usage_stats/usage_stats_client.ts b/x-pack/plugins/spaces/server/usage_stats/usage_stats_client.ts
@@ -104,5 +104,5 @@ export class UsageStatsClient {
 function getIsKibanaRequest(headers?: Headers) {
   // The presence of these three request headers gives us a good indication that this is a first-party request from the Kibana client.
   // We can't be 100% certain, but this is a reasonable attempt.
-  return headers && headers['kbn-version'] && headers.origin && headers.referer;
+  return headers && headers['kbn-version'] && headers['user-agent'] && headers.referer;
 }