IBM Security Verify

Expand all | Collapse all

Dynatrace extension - how to disable its automatic .js injection ?

  • 1.  Dynatrace extension - how to disable its automatic .js injection ?

    Posted Tue July 20, 2021 03:10 PM
    Hi everybody,

    We installed the Dynatrace OneAgent extension (https://exchange.xforce.ibmcloud.com/hub/extension/46c449543f3570e9f4ffd15370c2c32b) to explore the metrics that are made available..

    After enabling the Dynatrace extension we started encountering a strange behavior when logging in to the LMI : after authentication ISAM redirects the browser to https://myisam.internal.domain/core/ruxitagentjs_ICA2SVfqru_10219210719121502.js
    That javascript file is some sort of Dynatrace web tracker.

    After analyzing the html content of the LMI login page, we identified a line that seems to have been added by the Dynatrace plugin:
        <script type="text/javascript" src="/core/ruxitagentjs_ICA2SVfqru_10219210719121502.js" data-dtconfig="app=2097877e7cf2df46|rcdec=1209600000|featureHash=ICA2SVfqru|vcv=2|rdnt=1|uxrgce=1|bp=3|srmcrv=10|cuc=skgb1fc2|mel=100000|dpvc=1|ssv=4|lastModification=1626731166290|dtVersion=10219210719121502|srmcrl=1|tp=500,50,0,1|uxdcw=1500|vs=2|agentUri=/core/ruxitagentjs_ICA2SVfqru_10219210719121502.js|reportUrl=/core/rb_bf95001xhd|rid=RID_1628671577|rpid=-753908167|domain=ept.lu">
    ​

    When not yet authentified (that's why the login form is displayed) that .js file is not accessible and so, after the authentication, ISAM redirects to the .js file  instead of redirecting to the LMI itself.


    By itself, it's not a blocking issue, as we can manually edit the url to go back to the LMI.
    The real problem is that the same .js is injected in many "management root" pages of ISAM, and we also encounter the same behavior on other public facing services as the OAuth server.
    Furthermore we exported management root pages and template files and we were unable to find any reference to that javascript file.
    -=> We are now thinking that the Dynatrace plugin dynamically injects its tracking javascript. (is that even possible?)


    We would like to be able to simply disable the web tracking features from the Dynatrace agent, but the ISAM extension does not expose any parameter allowing to customize that behavior.


    Is this something someone else ran into ?
    Is there any way for us to have a better understanding on how the Dynatrace extension dynamically injects the javascript import ? A way to disable it ?
    Does anyone know the developper(s) of the Dynatrace extension ? :)


    Thank you for any tip that you could think of

    ------------------------------
    André Leruitte
    ------------------------------


  • 2.  RE: Dynatrace extension - how to disable its automatic .js injection ?

    Posted Tue July 20, 2021 04:17 PM

    Hi André.

    Thank you so much for sharing.

    I had the exact same behavior with one appliance where had deployed the Dynatrace agent also as well ... and forgot about it ... and then started experimenting with strange /core/ URIs in the LMI ... which I investigated for quite some time ... even opened a support Case which led to nothing which we abandoned ... and I could not reproduced this behavior elsewhere so in the end I decide to scrap and recreate that appliance which resolved the issue.  I have not re-installed the Dynatrace agent yet.

    Now your post was the missing element linking together the behavior with the Dynatrace agent installation.

    But sorry, I don't have any answer for your other questions.


    Sylvain

    ------------------------------
    Sylvain Gilbert
    ------------------------------



  • 3.  RE: Dynatrace extension - how to disable its automatic .js injection ?

    Posted Tue July 20, 2021 05:14 PM
    Andre,

    The Dynatrace extension is developed by the core Verify Access development team.  However, the development team itself does not have a lot of knowledge on the Dynatrace product - the extension purely installs the Dynatrace agent into the environment.  I've gone through the Dynatrace installation options, and there doesn't appear to be a way to disable JavaScript injection (https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-oneagent/installation-and-operation/linux/installation/customize-oneagent-installation-on-linux/).  Have you tried reaching out to the Dynatrace support to see if it is possible to disable the JavaScript injection?

    ------------------------------
    Scott Exton
    IBM
    Gold Coast
    ------------------------------



  • 4.  RE: Dynatrace extension - how to disable its automatic .js injection ?

    Posted Fri July 23, 2021 07:23 AM
    Hi @Sylvain Gilbert and @Scott Exton,

    Thank you both for your replies.

    We contacted Dynatrace who seems to have another extension version we have to test. As soon as I am able to check with the coworker involved I will update this thread.

    ​​

    ------------------------------
    André Leruitte
    ------------------------------