Closed manuel-alvarez-alvarez closed 1 week ago
Baseline | Candidate | |
---|---|---|
baseline_or_candidate | baseline | candidate |
git_branch | master | malvarez/waf-session-fingerprint |
git_commit_date | 1726677448 | 1726688377 |
git_commit_sha | da9ecfbbcd | fff9d3586c |
release_version | 1.40.0-SNAPSHOT~da9ecfbbcd | 1.40.0-SNAPSHOT~fff9d3586c |
Found 0 performance improvements and 1 performance regressions! Performance is the same for 49 metrics, 13 unstable metrics.
scenario | Δ mean execution_time | candidate mean execution_time | baseline mean execution_time |
---|---|---|---|
scenario:startup:petclinic:profiling:AppSec | worse [+1.280ms; +2.777ms] or [+2.414%; +5.235%] |
55.082ms | 53.053ms |
Baseline | Candidate | |
---|---|---|
baseline_or_candidate | baseline | candidate |
end_time | 2024-09-18T19:50:20 | 2024-09-18T19:57:11 |
git_branch | master | malvarez/waf-session-fingerprint |
git_commit_date | 1726677448 | 1726688377 |
git_commit_sha | da9ecfbbcd | fff9d3586c |
release_version | 1.40.0-SNAPSHOT~da9ecfbbcd | 1.40.0-SNAPSHOT~fff9d3586c |
start_time | 2024-09-18T19:50:07 | 2024-09-18T19:56:58 |
Found 0 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 18 unstable metrics.
Baseline | Candidate | |
---|---|---|
baseline_or_candidate | baseline | candidate |
git_branch | master | malvarez/waf-session-fingerprint |
git_commit_date | 1726677448 | 1726688377 |
git_commit_sha | da9ecfbbcd | fff9d3586c |
release_version | 1.40.0-SNAPSHOT~da9ecfbbcd | 1.40.0-SNAPSHOT~fff9d3586c |
Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.
What Does This Do
Add support for tracking the requested session ids for those frameworks supporting sessions. It also adds required WAF with the session ids to be able to generate session fingerprints.
Motivation
Fingerprinting is a technique used to identify and track users through the use of available data which, when combined through a certain set of algorithms, can provide a unique fingerprint for said user.
Additional Notes
See original RFC
Contributor Checklist
type:
and (comp:
orinst:
) labels in addition to any usefull labelsclose
,fix
or any linking keywords when referencing an issue.Use
solves
instead, and assign the PR milestone to the issueJira ticket: APPSEC-54838