Missing http.response.headers.content-type span tag on blocking responses - netty fix#10720
Closed
Benchmarks

All charts below compare candidate=1.61.0-SNAPSHOT~47b551a1c3 against baseline=1.61.0-SNAPSHOT~9b93366972; values are given as baseline -> candidate.

Startup: Found 0 performance improvements and 0 performance regressions! Performance is the same for 64 metrics, 7 unstable metrics.

insecure-bank - global startup overhead
  tracing:   Agent 1.058 s -> 1.055 s,  Total 8.841 s -> 8.825 s
  iast:      Agent 1.226 s -> 1.23 s,   Total 9.563 s -> 9.579 s
insecure-bank - break down per module (crashtracking, BytebuddyAgent, AgentMeter, GlobalTracer, AppSec, Debugger, Remote Config, Telemetry, Flare Poller, IAST; per-module series not reproduced here)

petclinic - global startup overhead
  tracing:   Agent 1.07 s -> 1.071 s,   Total 11.09 s -> 11.068 s
  appsec:    Agent 1.253 s -> 1.245 s,  Total 11.195 s -> 11.247 s
  iast:      Agent 1.243 s -> 1.229 s,  Total 11.389 s -> 11.434 s
  profiling: Agent 1.189 s -> 1.189 s,  Total 11.124 s -> 11.079 s
petclinic - break down per module (crashtracking, BytebuddyAgent, AgentMeter, GlobalTracer, AppSec, Debugger, Remote Config, Telemetry, Flare Poller, IAST, ProfilingAgent, Profiling; per-module series not reproduced here)

Load: Found 1 performance improvements and 2 performance regressions! Performance is the same for 17 metrics, 16 unstable metrics.

petclinic - request duration [CI 0.99]
  no_agent:     18.538 ms -> 19.304 ms
  appsec:       19.057 ms -> 19.626 ms
  code_origins: 18.171 ms -> 18.637 ms
  iast:         17.87 ms  -> 17.936 ms
  profiling:    18.865 ms -> 19.887 ms
  tracing:      17.89 ms  -> 17.686 ms

insecure-bank - request duration [CI 0.99]
  no_agent:     1.177 ms -> 1.194 ms
  iast:         3.208 ms -> 3.095 ms
  iast_FULL:    5.792 ms -> 5.74 ms
  iast_GLOBAL:  3.575 ms -> 3.55 ms
  profiling:    2.094 ms -> 2.283 ms
  tracing:      1.743 ms -> 1.806 ms

Dacapo: Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

tomcat - execution time [CI 0.99]
  no_agent:     1.477 ms -> 1.473 ms
  appsec:       3.846 ms -> 3.817 ms
  iast:         2.265 ms -> 2.257 ms
  iast_GLOBAL:  2.298 ms -> 2.299 ms
  profiling:    2.073 ms -> 2.081 ms
  tracing:      2.059 ms -> 2.074 ms

biojava - execution time [CI 0.99]
  no_agent:     14.988 s -> 15.66 s
  appsec:       14.893 s -> 15.152 s
  iast:         17.919 s -> 18.119 s
  iast_GLOBAL:  17.777 s -> 17.822 s
  profiling:    15.015 s -> 15.423 s
  tracing:      15.083 s -> 15.201 s
9e136d3 to 281e32f

Author (Member):
We can discard it since this approach requires implementation for each blocking implementation and is not necessary. The new approach in #10711 solves everything directly in GatewayBridge.
What Does This Do

Fixes missing http.response.headers.* span tags on blocking responses for Netty-based runtimes (Vert.x, Play) and Akka-HTTP (Play).

Changes:
- BlockingResponseHandler now writes http.response.headers.content-type and content-length directly via setTagTop() on the span after building the blocking response. The IG response header callbacks were already being fired but are insufficient here because GatewayBridge clears the collected headers when the WAF returns a second blocking action on the response.
- GatewayBridge.onRequestEnded() now writes response header span tags for all requests, not only those that triggered AppSec events.
- BlockingResponseHelper now writes the header tags directly in both maybeCreateBlockingResponse() (request-time blocking) and handleFinishForWaf() (response-time blocking detected by the WAF).

Motivation

Blocking handlers in Netty and Akka-HTTP fire the IG response header callbacks on the 403 they build, but the collected headers never reach the span. When the WAF analyses the blocking response headers, it returns another blocking action, causing GatewayBridge.onResponseHeaderDone() to call clearResponseHeadersForBlocking(), which wipes the headers before onRequestEnded() can write them as span tags. The fix bypasses that chain and writes the tags directly. The same issue affected non-AppSec requests where GatewayBridge.onRequestEnded() only wrote response header tags inside the !collectedEvents.isEmpty() branch.
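To make the ordering problem concrete, here is an added, self-contained Java model of the chain described above. It is not dd-trace-java code: MiniSpan, MiniWaf, MiniGatewayBridge, buildBlockingResponse and run are hypothetical stand-ins, and the header values are constructed. With fixed=false the handler builds the 403, fires the header callbacks, the WAF blocks again on those headers, the bridge clears what it collected, and onRequestEnded has nothing left to write. With fixed=true the handler writes the two tags directly on the span, and onRequestEnded no longer requires a collected event before writing tags.

```java
// Added example, not dd-trace-java code. Every class and method here is a
// hypothetical stand-in for the component named in its comment.
import java.util.LinkedHashMap;
import java.util.Map;

public class BlockingHeaderTagsDemo {

    /** Stand-in for the request span: a flat map of tag name to value. */
    static final class MiniSpan {
        final Map<String, String> tags = new LinkedHashMap<>();
        void setTagTop(String key, String value) { tags.put(key, value); }
    }

    /** Stand-in for the WAF: blocks the request, and blocks again when it sees the 403's headers. */
    interface MiniWaf {
        boolean blockOnRequest();
        boolean blockOnResponseHeaders(Map<String, String> headers);
    }

    /** Stand-in for GatewayBridge: collects response headers and writes them as tags at request end. */
    static final class MiniGatewayBridge {
        private final Map<String, String> collected = new LinkedHashMap<>();
        private int collectedEvents = 0;
        private final MiniWaf waf;
        private final boolean fixed;

        MiniGatewayBridge(MiniWaf waf, boolean fixed) { this.waf = waf; this.fixed = fixed; }

        void onRequestStarted() { if (waf.blockOnRequest()) collectedEvents++; }

        void onResponseHeader(String name, String value) { collected.put(name, value); }

        void onResponseHeaderDone() {
            if (waf.blockOnResponseHeaders(collected)) {
                collectedEvents++;
                collected.clear();   // models clearResponseHeadersForBlocking()
            }
        }

        void onRequestEnded(MiniSpan span) {
            // Old behaviour: tags only when an event was collected. Fixed: always.
            if (fixed || collectedEvents > 0) {
                for (Map.Entry<String, String> e : collected.entrySet()) {
                    span.setTagTop("http.response.headers." + e.getKey(), e.getValue());
                }
            }
        }
    }

    /** Stand-in for BlockingResponseHandler: builds the 403 and fires the header callbacks. */
    static Map<String, String> buildBlockingResponse(MiniGatewayBridge bridge, MiniSpan span, boolean fixed) {
        Map<String, String> headers = new LinkedHashMap<>();   // constructed sample headers
        headers.put("content-type", "application/json");
        headers.put("content-length", "42");
        if (fixed) {
            // The fix: write the tags immediately, independent of the header-collection chain.
            span.setTagTop("http.response.headers.content-type", headers.get("content-type"));
            span.setTagTop("http.response.headers.content-length", headers.get("content-length"));
        }
        headers.forEach(bridge::onResponseHeader);
        bridge.onResponseHeaderDone();
        return headers;
    }

    /** Runs one blocked request end to end and returns the tags that reached the span. */
    static Map<String, String> run(boolean fixed) {
        MiniWaf waf = new MiniWaf() {
            public boolean blockOnRequest() { return true; }
            public boolean blockOnResponseHeaders(Map<String, String> h) { return !h.isEmpty(); }
        };
        MiniSpan span = new MiniSpan();
        MiniGatewayBridge bridge = new MiniGatewayBridge(waf, fixed);
        bridge.onRequestStarted();
        buildBlockingResponse(bridge, span, fixed);
        bridge.onRequestEnded(span);
        return span.tags;
    }

    public static void main(String[] args) {
        System.out.println("before fix: " + run(false));
        System.out.println("after fix:  " + run(true));
    }
}
```

Running main shows the span tags for both paths: on the unfixed path the clear in onResponseHeaderDone runs before onRequestEnded, so the content-type and content-length tags are absent; on the fixed path they are present because they were written at the moment the blocking response was built.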
Jira ticket: APPSEC-61447