Skip to content

Commit

Permalink
Handle missing X-Forwarded-For header in TableErrorLog (#9444)
Browse files Browse the repository at this point in the history 
This helps reduce debugging locally when AzureStorage is being used.
  • Loading branch information
@joelverhagen
joelverhagen authored Mar 30, 2023
1 parent 659510b commit a656006
Show file tree
Hide file tree
Showing 3 changed files with 63 additions and 5 deletions.
19 changes: 14 additions & 5 deletions src/NuGetGallery.Core/Infrastructure/TableErrorLog.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,7 @@ public override string Log(Error error)
return pos.ToString(CultureInfo.InvariantCulture);
}

private void Obfuscate(Error error)
public static void Obfuscate(Error error)
{
error.User = string.Empty;
if (error.Form != null)
Expand Down Expand Up @@ -218,10 +218,19 @@ private void Obfuscate(Error error)

error.ServerVariables["HTTP_X_NUGET_APIKEY"] = string.Empty;

var forwardedIps = error.ServerVariables["HTTP_X_FORWARDED_FOR"].Split(',');
var obfuscatedIps = forwardedIps.Select(Obfuscator.ObfuscateIp);

error.ServerVariables["HTTP_X_FORWARDED_FOR"] = string.Join(",", obfuscatedIps);
var forwardedIps = error.ServerVariables["HTTP_X_FORWARDED_FOR"]?
.Split(',')
.Select(x => x.Trim())
.Where(x => x.Length > 0)
.ToList();
if (forwardedIps != null)
{
var obfuscatedIps = string.Join(",", forwardedIps.Select(Obfuscator.ObfuscateIp));
if (!string.IsNullOrWhiteSpace(obfuscatedIps))
{
error.ServerVariables["HTTP_X_FORWARDED_FOR"] = obfuscatedIps;
}
}
}
}
}
48 changes: 48 additions & 0 deletions tests/NuGetGallery.Core.Facts/Infrastructure/TableErrorLogFacts.cs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

using System.Linq;
using Elmah;
using Xunit;

namespace NuGetGallery.Infrastructure
{
public class TableErrorLogFacts
{
public class TheObfuscateMethod
{
[Fact]
public void HandlesMissingForwardedHeader()
{
// Arrange
var error = new Error();

// Act
TableErrorLog.Obfuscate(error);

// Assert
Assert.DoesNotContain("HTTP_X_FORWARDED_FOR", error.ServerVariables.Keys.Cast<string>());
}

[Theory]
[InlineData("", "")]
[InlineData(",", ",")]
[InlineData(" ", " ")]
[InlineData("127.0.0.1", "127.0.0.0")]
[InlineData("127.1.2.3,127.1.2.4", "127.1.2.0,127.1.2.0")]
[InlineData("127.1.2.3 , 127.1.2.4", "127.1.2.0,127.1.2.0")]
public void ObfuscatesForwardedHeader(string input, string expected)
{
// Arrange
var error = new Error();
error.ServerVariables["HTTP_X_FORWARDED_FOR"] = input;

// Act
TableErrorLog.Obfuscate(error);

// Assert
Assert.Equal(expected, error.ServerVariables["HTTP_X_FORWARDED_FOR"]);
}
}
}
}
1 change: 1 addition & 0 deletions tests/NuGetGallery.Core.Facts/NuGetGallery.Core.Facts.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,7 @@
<Compile Include="Infrastructure\Mail\Messages\SymbolPackageValidationFailedMessageFacts.cs" />
<Compile Include="Infrastructure\Mail\Messages\SymbolPackageValidationTakingTooLongMessageFacts.cs" />
<Compile Include="Infrastructure\Mail\TestMessageServiceConfiguration.cs" />
<Compile Include="Infrastructure\TableErrorLogFacts.cs" />
<Compile Include="Packaging\ManifestValidatorFacts.cs" />
<Compile Include="Packaging\PackageIdValidatorTest.cs" />
<Compile Include="Packaging\PackageMetadataFacts.cs" />
Expand Down

0 comments on commit a656006

Please sign in to comment.