Escape characters in log files
Manlio Perillo
manlio_perillo at libero.it
Tue Jan 15 11:48:39 MSK 2008
David Phillips ha scritto:
> nginx does not escape logged variables. This makes it impossible to
> reliably parse log entries. This is what Apache does:
>
Can you post an example, thanks?
> For security reasons, starting with version 2.0.46, non-printable
> and other special characters in %r, %i and %o are escaped using
> \xhh sequences, where hh stands for the hexadecimal representation
> of the raw byte. Exceptions from this rule are " and \, which are
> escaped by prepending a backslash, and all whitespace characters,
> which are written in their C-style notation (\n, \t, etc). In
> versions prior to 2.0.46, no escaping was performed on these strings
> so you had to be quite careful when dealing with raw log files.
>
> http://httpd.apache.org/docs/2.2/mod/mod_log_config.html
>
> I would like to fix this in nginx. What is the best way to handle this issue?
>
Modify the http log module.
I think you only need to modify the ngx_http_log_variable_getlen and
ngx_http_log_variable functions.
>
Manlio Perillo
More information about the nginx
mailing list