any way to escape logged bytes?
Maxim Dounin
mdounin at mdounin.ru
Thu Jul 30 14:21:41 UTC 2020
Hello!
On Thu, Jul 30, 2020 at 08:48:54PM +0800, Jeffrey 'jf' Lim wrote:
> On Thu, Jul 30, 2020 at 8:06 PM Maxim Dounin <mdounin at mdounin.ru> wrote:
> >
> > Hello!
> >
> > On Tue, Jul 28, 2020 at 01:08:32PM +0800, Jeffrey 'jf' Lim wrote:
> >
> > > I am discovering that nginx is logging the bytes sent by a client - in
> > > raw form - in my error.log for the following error:
> > >
> > > client sent invalid method while reading client request line, client:
> > > NN.N.N.N, server: NAME, request: ",'�Cookie: mstshash=eltons"
> > >
> > > Is there a way to get nginx to escape the bytes, as per what happens
> > > with access_log / log_format
> > > (https://nginx.org/en/docs/http/ngx_http_log_module.html#log_format)?
> >
> > No, currently error logs are written as is and not escaped.
> > Relevant ticket is here:
> >
> > https://trac.nginx.org/nginx/ticket/191
> >
>
> gotcha. Thank you! Will you accept a patch which would make error_log
> escape the same way as per log_format's default escaping? That's if I
> even manage to get it figured out.
Sure. Note though that there is more than one thing to consider,
including:
1. nginx uses multiline output in its own log messages, notably
debug logging of HTTP requests and responses, and it might not be
the best idea to escape all the error logs. Probably this needs
some discretion on what to escape.
2. There can be a lot of debug log output, and it is bad idea to
slow things down. Again, may need some discretion on what to
escape.
3. Error logging cannot allocate additional memory since it is
used, in particular, to log out-of-memory conditions.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list