dd-trace-rb
dd-trace-rb copied to clipboard
Pass HTTP client IP to WAF
What does this PR do?
Pass HTTP client IP to WAF, which in turn makes it blockable.
Motivation
IP blocking.
How to test the change?
Specs, or manually:
# with Datadog.configure { |c| c.appsec.ip_denylist = ['1.2.3.4'] }
curl -vv -H 'X-Forwarded-For: 1.2.3.4' -H 'Accept: text/html' http://127.0.0.1:9292/
curl -vv -H 'X-Forwarded-For: 1.2.3.4' -H 'Accept: application/json' http://127.0.0.1:9292/
curl -vv -H 'X-Forwarded-For: 1.2.3.4' -H 'Accept: text/plain' http://127.0.0.1:9292/
curl -vv -H 'X-Forwarded-For: 1.2.3.4' http://127.0.0.1:9292/