Class: RightSupport::Rack::RequestLogger

Inherits:

Object

• Object
• RightSupport::Rack::RequestLogger

Defined in:

lib/right_support/rack/request_logger.rb

Overview

A Rack middleware that logs information about every HTTP request received and every exception raised while processing a request.

The middleware can be configured to use its own logger, but defaults to using env for logging if it is present. If ‘rack.logger’ is not set, this middleware will set it before calling the next middleware. Therefore, RequestLogger can be used standalone to fulfill all logging needs, or combined with Rack::Logger or another middleware that provides logging services.

Constant Summary

BACKTRACE_LIMIT =

default backtrace limit that can be overridden by configuring the middleware with a specific :backtrace_limit value.

10

DEBUG_MODE_ENV_KEY =

for debug-mode only logging. debug-mode can also be enabled by the “X-Debug=<anything>” header.

'rack.debug-mode'.freeze

DEBUG_MODE =

::ENV['DEBUG_MODE'] == 'true'

DEBUG_MODE_HTTP_HEADER =

'HTTP_X_DEBUG'

RACK_LOGGER =

defaults to STDERR by Rack but usually overridden to use syslog, etc.

'rack.logger'.freeze

RACK_LOGGING_ENABLED =

indicates whether current request is enabled for logging by filter, etc.

'rack.logging.enabled'.freeze

NORMALIZE_40X =

list of status codes that are ‘normalized’ when :normalize_40x=true normalization means stripping any developer-provided details to avoid leaking information about the service. overridden by DEBUG_MODE=true but specifically not affected by the ‘X-Debug’ header.

[401, 403, 404]

Class Method Summary

• .canonicalize_header_key(key) ⇒ Object deprecated Deprecated.

  in favor of RightSupport::Data::HashTools.canonicalize_header_key

• .format_exception_message(e, backtrace_decoder = nil) ⇒ String

  Formats a concise error message with limited backtrace, etc.

• .header_value_get(headers, key) ⇒ Object deprecated Deprecated.

  in favor of RightSupport::Data::HashTools.header_value_get

• .header_value_set(headers, key, value) ⇒ Object deprecated Deprecated.

  in favor of RightSupport::Data::HashTools.header_value_set

• .request_uuid_from_env(env) ⇒ String

  Accepted/generated request UUID or else ‘missing’ to indicate that the RequestTracker middleware is missing.

Instance Method Summary

• #call(env) ⇒ Object

  Add a logger to the Rack environment and call the next middleware.

• #initialize(app, options = {}) ⇒ RequestLogger constructor

  Initialize an instance of the middleware, optionally providing a whitelist (:only) or a blacklist (:except) of path regexps to which request logging will apply.

Constructor Details

#initialize(app, options = {}) ⇒ RequestLogger

Initialize an instance of the middleware, optionally providing a whitelist

(:only) or a blacklist (:except) of path regexps to which request logging
will apply.

Parameters:

• app (Object) —

  inner application or middleware layer; must respond to #call.

• options (Hash) (defaults to: {})

Options Hash (options):

• :only (Array) —

  log for these path Regexps unless in debug mode.

• :except (Array) —

  log except for these path Regexps unless in debug mode; this option is ignored if :only is provided.

• :include_query_string (Array) —

  log the contents of the query string.

• :logger (Logger) —

  to override any previously set logger or nil. Rack sets a STDERR logger by default or it may be set by other framework middleware so this is only for when those are not used.

• :normalize_40x (TrueClass|FalseClass) —

  to remove detail from some 40x responses for security reasons. default=false.

• :normalize_40x_set_cookie (TrueClass|FalseClass) —

  to override the usual global session behavior of always responding with a ‘Set-Cookie’ header regardless of status code. defaults to having the same value as the :normalize_40x option.

• :backtrace_limit (Integer) —

  maximum number of stack frames to display on error or negative for all (default = 10)

# File 'lib/right_support/rack/request_logger.rb', line 84

def initialize(app, options = {})
  @app = app
  @only = options[:only] || []
  @except = options[:except] || []
  # by default we don't log the query string contents because it may have sensitive data.
  @include_query_string = options[:include_query_string] || false
  @logger = options[:logger]
  @normalize_40x = !!options[:normalize_40x]
  @normalize_40x_set_cookie = options[:normalize_40x_set_cookie]
  @normalize_40x_set_cookie = @normalize_40x if @normalize_40x_set_cookie.nil?
  @backtrace_decoder = ::RightSupport::Notifier::Utility::BacktraceDecoder.new(
    backtrace_limit: Integer(options[:backtrace_limit] || BACKTRACE_LIMIT))
end

Class Method Details

.canonicalize_header_key(key) ⇒ Object

Deprecated.

in favor of RightSupport::Data::HashTools.canonicalize_header_key

# File 'lib/right_support/rack/request_logger.rb', line 189

def self.canonicalize_header_key(key)
  # the legacy implementation is train-case but HashTools uses the more
  # commonly accepted Canonical-Key style (preferred by golang, etc).
  key.downcase.gsub('_', '-')
end

.format_exception_message(e, backtrace_decoder = nil) ⇒ String

Formats a concise error message with limited backtrace, etc.

Parameters:

• e (Exception) —

  to format

• e (Exception) —

  to format

Returns:

• (String) —

  formatted error

# File 'lib/right_support/rack/request_logger.rb', line 211

def self.format_exception_message(e, backtrace_decoder = nil)
  backtrace_decoder ||= ::RightSupport::Notifier::Utility::BacktraceDecoder.new
  trace = ::RightSupport::Notifier::Utility::BacktraceDecoder.format_frames(
    backtrace_decoder.decode(e.backtrace))
  kind = e.class.name
  if (msg = e.message) && !msg.empty? && msg != kind
    kind = "#{kind}: #{msg}"
  end
  [kind, trace].join("\n")
end

.header_value_get(headers, key) ⇒ Object

Deprecated.

in favor of RightSupport::Data::HashTools.header_value_get

# File 'lib/right_support/rack/request_logger.rb', line 196

def self.header_value_get(headers, key)
  return ::RightSupport::Data::HashTools.header_value_get(headers, key)
end

.header_value_set(headers, key, value) ⇒ Object

Deprecated.

in favor of RightSupport::Data::HashTools.header_value_set

# File 'lib/right_support/rack/request_logger.rb', line 201

def self.header_value_set(headers, key, value)
  return ::RightSupport::Data::HashTools.header_value_set(headers, key, value)
end

.request_uuid_from_env(env) ⇒ String

Returns accepted/generated request UUID or else ‘missing’ to indicate that the RequestTracker middleware is missing.

Returns:

• (String) —

  accepted/generated request UUID or else ‘missing’ to indicate that the RequestTracker middleware is missing.

# File 'lib/right_support/rack/request_logger.rb', line 224

def self.request_uuid_from_env(env)
  env[RequestTracker::REQUEST_UUID_ENV_NAME] || 'missing'
end

Instance Method Details

#call(env) ⇒ Object

Add a logger to the Rack environment and call the next middleware.

Parameters:

• env (Hash) —

  Rack environment

Options Hash (env):

• 'rack.logging.enabled' (TrueClass|FalseClass) —

  in Rack environment to indicate whether logging is enabled for this request for use by other middleware in the call chain.

• 'sinatra.error' (TrueClass|FalseClass) —

  is set by Sinatra to pass error info (exception object) to handlers.

• 'sinatra.error.handled' (TrueClass|FalseClass) —

  is true to prevent any additional error handlers in the call chain from processing an error that has already handled been handled (i.e. log and response) (default = false).

Returns:

• (Object) —

  always returns whatever value is returned by the next layer of middleware

# File 'lib/right_support/rack/request_logger.rb', line 113

def call(env)
  # forward-declare in case of exception.
  enabled = true

  # override logger, if necessary.
  if @logger
    logger = env[RACK_LOGGER] = @logger
  else
    logger = env[RACK_LOGGER]
  end

  # determine if debug-mode is enabled.
  env[DEBUG_MODE_ENV_KEY] = debug_enabled?(env)

  # log request only when enabled.
  env[RACK_LOGGING_ENABLED] = enabled = logging_enabled?(logger, env)
  began_at = Time.now
  log_request_begin(logger, env) if enabled

  # next
  status, headers, body = @app.call(env)

  # log exception, if necessary.
  if env['sinatra.error'] && !env['sinatra.error.handled']
    if !enabled
      # after the fact but better than logging exception without its request.
      log_request_begin(logger, env)
      enabled = true
    end
    log_exception(logger, env['sinatra.error'])
  elsif !enabled && env[RACK_LOGGING_ENABLED]
    # controller can conditionally enable logging for the current request
    # even though by default such requests are not logged. an example is a
    # periodic request for a listing (scheduled tasks, etc.) that is only
    # logged when not empty.
    log_request_begin(logger, env)
    enabled = true
  end

  # respond identically to some 40Xs; do not reveal any internals by
  # varying the response headers or body (as developers tend to do for
  # debugging reasons). public APIs will receive such requests frequently
  # but this is generally not needed for internal APIs.
  #
  # note that it is important to *not* accept the "X-Debug" header override
  # and show more information in response ;)
  if @normalize_40x && !DEBUG_MODE && NORMALIZE_40X.include?(status)
    # note that ::Rack::CONTENT_LENGTH was not defined before rack v1.6+ :@
    headers = { 'Content-Length' => '0' }
    body = []
    env[DEBUG_MODE_ENV_KEY] = false  # disable any verbose debugging
  end

  # defeat global session renew, update and set-cookie for normalized 40x.
  # has no effect if the app is not using global session middleware.
  if @normalize_40x_set_cookie && NORMALIZE_40X.include?(status)
    env['global_session.req.renew'] = false
    env['global_session.req.update'] = false
  end

  # log response only when enabled.
  if enabled
    log_request_end(logger, env, status, headers, body, began_at)
  end

  return [status, headers, body]
rescue Exception => e
  if !enabled
    # after the fact but better than logging exception without its request.
    log_request_begin(logger, env)
  end
  log_exception(logger, e)
  raise
end