Don't log requests (#1370)
Fixes #1331 HTTP logging leaks sensitive request information. This PR removes HTTP request logging during panics.
This commit is contained in:
parent
5a75dc7127
commit
ad53619b15
@ -39,8 +39,12 @@ func RecoveryWithWriter(out io.Writer) HandlerFunc {
|
|||||||
if err := recover(); err != nil {
|
if err := recover(); err != nil {
|
||||||
if logger != nil {
|
if logger != nil {
|
||||||
stack := stack(3)
|
stack := stack(3)
|
||||||
httprequest, _ := httputil.DumpRequest(c.Request, false)
|
if IsDebugging() {
|
||||||
logger.Printf("[Recovery] %s panic recovered:\n%s\n%s\n%s%s", timeFormat(time.Now()), string(httprequest), err, stack, reset)
|
httprequest, _ := httputil.DumpRequest(c.Request, false)
|
||||||
|
logger.Printf("[Recovery] %s panic recovered:\n%s\n%s\n%s%s", timeFormat(time.Now()), string(httprequest), err, stack, reset)
|
||||||
|
} else {
|
||||||
|
logger.Printf("[Recovery] %s panic recovered:\n%s\n%s%s", timeFormat(time.Now()), err, stack, reset)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
c.AbortWithStatus(http.StatusInternalServerError)
|
c.AbortWithStatus(http.StatusInternalServerError)
|
||||||
}
|
}
|
||||||
|
@ -24,9 +24,19 @@ func TestPanicInHandler(t *testing.T) {
|
|||||||
w := performRequest(router, "GET", "/recovery")
|
w := performRequest(router, "GET", "/recovery")
|
||||||
// TEST
|
// TEST
|
||||||
assert.Equal(t, http.StatusInternalServerError, w.Code)
|
assert.Equal(t, http.StatusInternalServerError, w.Code)
|
||||||
assert.Contains(t, buffer.String(), "GET /recovery")
|
assert.Contains(t, buffer.String(), "panic recovered")
|
||||||
assert.Contains(t, buffer.String(), "Oupps, Houston, we have a problem")
|
assert.Contains(t, buffer.String(), "Oupps, Houston, we have a problem")
|
||||||
assert.Contains(t, buffer.String(), "TestPanicInHandler")
|
assert.Contains(t, buffer.String(), "TestPanicInHandler")
|
||||||
|
assert.NotContains(t, buffer.String(), "GET /recovery")
|
||||||
|
|
||||||
|
// Debug mode prints the request
|
||||||
|
SetMode(DebugMode)
|
||||||
|
// RUN
|
||||||
|
w = performRequest(router, "GET", "/recovery")
|
||||||
|
// TEST
|
||||||
|
assert.Equal(t, http.StatusInternalServerError, w.Code)
|
||||||
|
assert.Contains(t, buffer.String(), "GET /recovery")
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// TestPanicWithAbort assert that panic has been recovered even if context.Abort was used.
|
// TestPanicWithAbort assert that panic has been recovered even if context.Abort was used.
|
||||||
|
Loading…
Reference in New Issue
Block a user