-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HttpLoggingMiddleware could allow custom code to decide whether to log or not #39200
Comments
Couldn't you wrap |
|
Similar to #31844 |
Thanks for contacting us. We're moving this issue to the |
Rather than on/off, you'd want something more granular like HttpLoggingFields (and return None for off). namespace Microsoft.AspNetCore.HttpLogging
{
public sealed class HttpLoggingOptions
{
+ public Func<HttpContext, HttpLoggingFields>? FieldSelector { get; set; }
}
} This is similar to the proposed endpoint attribute in #43222. |
Thank you for submitting this for API review. This will be reviewed by @dotnet/aspnet-api-review at the next meeting of the ASP.NET Core API Review group. Please ensure you take a look at the API review process documentation and ensure that:
|
As mentioned in the description, it should be possible to log or not log a specific request. Not by route or smth static. Two requests to the same endpoint may be handled differently depending on a specific criteria, like the status code. |
API Review Notes:
builder.Services.AddHttpLogging(options =>
{
//options.LoggingFields = FieldSelector.RequestPropertiesAndHeaders;
options.FieldSelector = context =>
{
if (<some condition that means the request should not be logged>)
{
return HttpLoggingFields.None;
}
return null;
};
});
API Approved with nullable return type! namespace Microsoft.AspNetCore.HttpLogging
{
public sealed class HttpLoggingOptions
{
+ public Func<HttpContext, HttpLoggingFields?>? FieldSelector { get; set; }
}
} |
I was thinking about whether the builder.Services.AddHttpLogging(options =>
{
var defaultOptions = HttpLoggingFields.RequestPropertiesAndHeaders;
options.LoggingFields = defaultOptions;
options.FieldSelector = context =>
{
if (<some condition to remove request headers>)
{
return defaultOptions & ~HttpLoggingFields.RequestHeaders;
}
return null;
};
}); But, not everyone uses WAB, and we are using + public Func<HttpContext, HttpLoggingFields, HttpLoggingFields?>? FieldSelector { get; set; } Also, thinking about
It seems like we would need a way of expressing this in the + public Func<HttpContext, bool, HttpLoggingFields, HttpLoggingFields?>? FieldSelector { get; set; } And optionally adding a delegate so that the parameters can be named. + public FieldSelectorDelegate? FieldSelector { get; set; }
+ public delegate HttpLoggingFields? FieldSelectorDelegate(HttpContext context, bool afterResponse, HttpLoggingFields currentFields); Or, adding a context object like we do in other middleware, in case we want to add more settings in the future, such as changing the response/request body log limits. |
If you're going to include the current HttpLoggingFields as an input, then the output doesn't need to be nullable, you can return the original input. + public Func<HttpContext, HttpLoggingFields, HttpLoggingFields>? FieldSelector { get; set; } |
You'd also need a separate option to enable the delayed call. Or even a two stage flow where you call it once, it says what to preserve, and then you call it again with the results and it decides if the logs should happen. This seems more complicated than we want to pursue right now. And by the time you have this many parameters you should be passing a context object. |
Yes, I was assuming that since it was already called out by Stephen.
Yes, that's what I said at the end of my comment.
I'm not saying we should add the delayed call right now. But we should design for potential future changes. |
API Review Notes:
API needs feedback still namespace Microsoft.AspNetCore.HttpLogging;
+public sealed class HttpLoggingContext
+{
+ public HttpLoggingContext();
+ public HttpContext HttpContext { get; set; }
+ public HttpLoggingFields LoggingFields { get; set; }
+ public int? RequestBodyLogLimit { get; }
+ public int? ResponseBodyLogLimit { get; }
+}
namespace Microsoft.AspNetCore.HttpLogging;
public sealed class HttpLoggingOptions
{
+ public Action<HttpLoggingContext>? HttpLoggingSelector { get; set; }
} |
Triage: it would be interesting to think about how you could do this in ILogger instead of here. cc @JamesNK who is working on other logging things that may be related. |
ILogger seems too late. Collecting these fields from the HttpContext and creating the log message, especially with the request body, is expensive. |
I think this is replaced by #31844 (comment) |
Closing as duplicate ^ |
Background and Motivation
The
HttpLoggingMiddleware
added recently works based on configuration options inHttpLoggingOptions
.The currently implementation is basically all or nothing. You either add the middleware or not. Even if you can decide what is redacted or not and if request/response bodies are included.
It would be nice if
HttpLoggingOptions
included a delegate to let the application (custom code) decide whether to log or not for a specific request.Proposed API
namespace Microsoft.AspNetCore.HttpLogging { public sealed class HttpLoggingOptions { + public Func<HttpContext, bool> Selector { get; set; } = context => true; } }
Usage Examples
Alternative Designs
You can implement your own middleware but that beats the whole purpose of implementing this feature in the framework.
An alternative would be to make
HttpLoggingMiddleware
public and add some kind of extensibility to it. At least one could implement that custom middleware but reuse the framework implementation (e.g. request buffering).Risks
The risk is that performance of HTTP logging would depend on the custom code implemented in the delegate.
The text was updated successfully, but these errors were encountered: