-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Parse external request id from request headers, and print it in access log #22906
Conversation
Maybe these headers could be added to |
I think you're right. i will put it into access log. thank you for your suggestion! |
linting is failing I'm afraid |
It should be ok now. |
BTW: chi router uses value from |
hi. |
Agree. Just pointed to chi solution in case gitea will need reqid in the future in other places also not just for logging (passing reqid with context sounds good). |
Thanks for this PR :) I wonder if it should only accept overrides from the trusted reverse proxy setting to prevent an end user being able to set the request ID (same protections we have in place for accepting forwarded IPs) |
Fetching reqid from header should be disabled by default and enabled only if admin knows what they are doing. Don't know giteas forwarded IPs protections and if they are suitable here. |
That's incorrect, unlike However, you reminded me, we should have some protection, maybe length limitation is enough, to prevent printing a huge request id in log. |
Consider limiting to 36 or 40 bytes for UUID not to be truncated in logs. |
It makes sense if someone wants to trace request flow between many internal systems and sets such header on front proxy (replacing any value provided by client). |
I understand, as you said, "only if admin knows what they are doing". |
In this case, the header is always set by the front proxy, still no need to disable it if it doesn't come from "trusted-ip". IMO this request header is just like
Admins could just use access logs without the RequestID field if they do not want to see or trust the RequestID. At least, this header shouldn't be mixed with |
What about X-Correlation-Id and Correlation-Id? |
custom/conf/app.example.ini
Outdated
;; * E.g: | ||
;; * In reuqest Header: X-Request-ID: test-id-123 | ||
;; * Configuration in app.ini: REQUEST_ID_HEADERS = X-Request-ID | ||
;; * Print in log: 127.0.0.1:58384 - - [14/Feb/2023:16:33:51 +0800] "test-id-123" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh wait, the +
should be +
. There is no HTML, do not use HTML entity.
(And below, many +
)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
emmm...
It seems that template.Execute()
escapes the +
to the HTML entity.
I will try to fix it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh wait, the
+
should be+
. There is no HTML, do not use HTML entity.(And below, many
+
)
I solved the problem.
Use "text/template"
instead of "html/template"
and no escaping will occur~
But this PR have been passed, do I keep pushing on my own branch?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I don't understand why you need text/template or html/template. Aren't these just some comments? Feel free to ignore my comment if that's done by purpose.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This may be a previous bug? Need to create a new PR?
gitea/modules/context/access_log.go
Line 9 in 36d1d5f
"html/template" |
gitea/modules/context/access_log.go
Line 30 in 36d1d5f
logTemplate, _ := template.New("log").Parse(setting.Log.AccessLogTemplate) |
gitea/modules/context/access_log.go
Line 41 in 36d1d5f
err := logTemplate.Execute(buf, routerLoggerOptions{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This may be a previous bug? Need to create a new PR?
It depends. If I was the PR author, I would fix the bug together to save maintainer's time.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
okey, I get it~thx
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sillyguodong Could you also merge #23013 into this PR?
Hi, you can configure it in |
# Conflicts: # modules/context/access_log.go
Backport #23013 Fix #22906 (comment) Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
…o-gitea#23025) Backport go-gitea#23013 Fix go-gitea#22906 (comment) Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> (cherry picked from commit 8fa62be)
custom/conf/app.example.ini
Outdated
;; * E.g: | ||
;; * In reuqest Header: X-Trace-ID: trace-id-1q2w3e4r | ||
;; * Configuration in app.ini: REQUEST_ID_HEADERS = X-Request-ID, X-Trace-ID, X-Req-ID | ||
;; * Print in log: 127.0.0.1:58384 - - [14/Feb/2023:16:33:51 +0800] "trace-id-1q2w3e4r" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The +
should be fixed.
Codecov Report
📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more @@ Coverage Diff @@
## main #22906 +/- ##
==========================================
- Coverage 47.61% 47.58% -0.03%
==========================================
Files 1147 1147
Lines 151196 151213 +17
==========================================
- Hits 71985 71950 -35
- Misses 70700 70761 +61
+ Partials 8511 8502 -9
... and 11 files with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
🎺 🤖 |
* giteaofficial/main: Scoped label display and documentation tweaks (go-gitea#23430) Deduplicate template code for label selection menu (go-gitea#23431) Show edit/close/delete button on organization wide repositories (go-gitea#23388) Sync the class change of Edit Column Button to JS code (go-gitea#23400) Preserve file size when creating attachments (go-gitea#23406) [skip ci] Updated translations via Crowdin Use buildkit for docker builds (go-gitea#23415) Refactor branch/tag selector dropdown (first step) (go-gitea#23394) [skip ci] Updated translations via Crowdin Hide target selector if tag exists when creating new release (go-gitea#23171) Parse external request id from request headers, and print it in access log (go-gitea#22906) Add missing tabs to org projects page (go-gitea#22705) Add user webhooks (go-gitea#21563) Handle OpenID discovery URL errors a little nicer when creating/editing sources (go-gitea#23397) Split CI pipelines (go-gitea#23385)
Close: #22890.
Configure in .ini file:
Params in Request Header
Log output: