- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Alex_Oliveira
Engager
09-16-2022
02:16 AM
Hi,
I'm trying to use match-pattern - regex inside the app-agent-config.xml in our java microservice, but it does not work properly.
E.g.:
<sensitive-url-filter delimiter="/"
segment="3,4,5,6"
match-filter="REGEX"
match-pattern=":"
param-pattern="myParam|myAnotherParam"/>this should mask selected segments that contains : but it masks everything.
If I do match-pattern="=" it works as expected (masking segment that contains "=" in the string)
Another examples that do not work (they mask everything):
match-pattern=":"
match-pattern="\x3A" (3A is ":" in ASCII table)
match-pattern="[^a-z¦-]+" (should return true if there is anything other than lower letters and "-")
match-pattern=":|="
Thank you
Best regards,
Alex Oliveira
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Kenji_Kumada
Path Finder
10-04-2022
01:10 AM
Hi @Alex.Oliveira,
I have checked the implementation for this URL filtering feature in the Java agent in version 22.9.0, the latest version as of now. This feature matches the specified "match-pattern" against the whole URL, not against each segment content. After finding matches against the URL, it masks the segments specified in the configuration regardless of the segments' content.
I tested your configuration
<sensitive-url-filter delimiter="/"
segment="3,4,5,6"
match-filter="REGEX"
match-pattern=":"
param-pattern="myParam|myAnotherParam"/>with this URL
http://dummy.com:443/seg2/seg3/seg4/seg5/seg6/seg7?myParam=1&yourParam=2It resulted in
http://dummy.com:443/seg2/*****/*****/*****/*****/seg7?myParam=*****&yourParam=2
This is because `:` matches in the http protocol and segments 3, 4, 5 and 6 are specified.
When I changed match-patter from ":" to "=", the result was the same
http://dummy.com:443/seg2/*****/*****/*****/*****/seg7?myParam=*****&yourParam=2This is because '=' matches in the last segment `seg7?myParam=1&yourParam=2`.
This is different from the result you described when you put match-pattern=":". This may be due to different java agent versions or different java environments. If you share information about your environment and example URLs, maybe we can investigate further.
Best regards,
Kenji
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Kenji_Kumada
Path Finder
10-04-2022
01:10 AM
Hi @Alex.Oliveira,
I have checked the implementation for this URL filtering feature in the Java agent in version 22.9.0, the latest version as of now. This feature matches the specified "match-pattern" against the whole URL, not against each segment content. After finding matches against the URL, it masks the segments specified in the configuration regardless of the segments' content.
I tested your configuration
<sensitive-url-filter delimiter="/"
segment="3,4,5,6"
match-filter="REGEX"
match-pattern=":"
param-pattern="myParam|myAnotherParam"/>with this URL
http://dummy.com:443/seg2/seg3/seg4/seg5/seg6/seg7?myParam=1&yourParam=2It resulted in
http://dummy.com:443/seg2/*****/*****/*****/*****/seg7?myParam=*****&yourParam=2
This is because `:` matches in the http protocol and segments 3, 4, 5 and 6 are specified.
When I changed match-patter from ":" to "=", the result was the same
http://dummy.com:443/seg2/*****/*****/*****/*****/seg7?myParam=*****&yourParam=2This is because '=' matches in the last segment `seg7?myParam=1&yourParam=2`.
This is different from the result you described when you put match-pattern=":". This may be due to different java agent versions or different java environments. If you share information about your environment and example URLs, maybe we can investigate further.
Best regards,
Kenji
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Alex_Oliveira
Engager
10-05-2022
05:37 PM
Hi Kenji,
I didn't realize that the regex would consider the full url.
Now I did a proper regex taking this into consideration.
Thank you
