annotate mod_http_logging/mod_http_logging.lua @ 5404:1087f697c3f3

mod_http_oauth2: Strip unknown extra fields from client registration We shouldn't sign things we don't understand! RFC 7591 section-2 states: > The authorization server MUST ignore any client metadata sent by the > client that it does not understand (for instance, by silently removing > unknown metadata from the client's registration record during > processing). Prevents grandfathering in of unvalidated data that might become used later, especially since the 'additionalProperties' schema keyword was removed in 698fef74ce53
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:23:40 +0200
parents c89be016a075
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- mod_http_logging
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 --
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 -- Copyright (C) 2015 Kim Alvefur
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 --
1883
c625ed20ebda mod_http_logging: MIT
Kim Alvefur <zash@zash.se>
parents: 1882
diff changeset
5 -- This project is MIT/X11 licensed. Please see the
c625ed20ebda mod_http_logging: MIT
Kim Alvefur <zash@zash.se>
parents: 1882
diff changeset
6 -- COPYING file in the source package for more information.
c625ed20ebda mod_http_logging: MIT
Kim Alvefur <zash@zash.se>
parents: 1882
diff changeset
7 --
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 -- Produces HTTP logs in the style of Apache
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 --
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 -- TODO
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 -- * Configurable format?
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 module:set_global();
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 local server = require "net.http.server";
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16
2966
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
17 local function get_content_len(response, body)
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
18 local len = response.headers.content_length;
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
19 if len then return len; end
2971
c89be016a075 mod_http_logging: Fix typo [luacheck]
Kim Alvefur <zash@zash.se>
parents: 2969
diff changeset
20 if not body then body = response.body; end
2966
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
21 if body then return #tostring(body); end
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
22 end
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
23
2965
557c976735e1 mod_http_logging: Factor out logging into a function for future reuse
Kim Alvefur <zash@zash.se>
parents: 2163
diff changeset
24 local function log_response(response, body)
2966
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
25 local len = tostring(get_content_len(response, body) or "-");
2965
557c976735e1 mod_http_logging: Factor out logging into a function for future reuse
Kim Alvefur <zash@zash.se>
parents: 2163
diff changeset
26 local request = response.request;
2968
569b98d6fca1 mod_http_logging: Be robust against missing connection object
Kim Alvefur <zash@zash.se>
parents: 2967
diff changeset
27 local ip = request.ip;
569b98d6fca1 mod_http_logging: Be robust against missing connection object
Kim Alvefur <zash@zash.se>
parents: 2967
diff changeset
28 if not ip and request.conn then
569b98d6fca1 mod_http_logging: Be robust against missing connection object
Kim Alvefur <zash@zash.se>
parents: 2967
diff changeset
29 ip = request.conn:ip();
569b98d6fca1 mod_http_logging: Be robust against missing connection object
Kim Alvefur <zash@zash.se>
parents: 2967
diff changeset
30 end
2965
557c976735e1 mod_http_logging: Factor out logging into a function for future reuse
Kim Alvefur <zash@zash.se>
parents: 2163
diff changeset
31 local req = string.format("%s %s HTTP/%s", request.method, request.path, request.httpversion);
557c976735e1 mod_http_logging: Factor out logging into a function for future reuse
Kim Alvefur <zash@zash.se>
parents: 2163
diff changeset
32 local date = os.date("%d/%m/%Y:%H:%M:%S %z");
2966
678be8ea4d38 mod_http_logging: Factor out body length calculation
Kim Alvefur <zash@zash.se>
parents: 2965
diff changeset
33 module:log("info", "%s - - [%s] \"%s\" %d %s", ip, date, req, response.status_code, len);
2965
557c976735e1 mod_http_logging: Factor out logging into a function for future reuse
Kim Alvefur <zash@zash.se>
parents: 2163
diff changeset
34 end
557c976735e1 mod_http_logging: Factor out logging into a function for future reuse
Kim Alvefur <zash@zash.se>
parents: 2163
diff changeset
35
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 local send_response = server.send_response;
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 local function log_and_send_response(response, body)
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38 if not response.finished then
2965
557c976735e1 mod_http_logging: Factor out logging into a function for future reuse
Kim Alvefur <zash@zash.se>
parents: 2163
diff changeset
39 log_response(response, body);
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40 end
2163
88fec2b2bd58 mod_http_logging: Fix endless loop on 0.9.x (Thanks Mint)
Kim Alvefur <zash@zash.se>
parents: 1883
diff changeset
41 return send_response(response, body);
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42 end
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43
2969
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
44 local send_file = server.send_file;
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
45 local function log_and_send_file(response, f)
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
46 if not response.finished then
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
47 log_response(response);
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
48 end
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
49 return send_file(response, f);
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
50 end
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
51
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 if module.wrap_object_event then
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53 -- Use object event wrapping, allows clean unloading of the module
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 module:wrap_object_event(server._events, false, function (handlers, event_name, event_data)
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55 if event_data.response then
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56 event_data.response.send = log_and_send_response;
2969
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
57 event_data.response.send_file = log_and_send_file;
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
58 end
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59 return handlers(event_name, event_data);
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60 end);
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61 else
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62 -- Fall back to monkeypatching, unlikely to behave nicely in the
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 -- presence of other modules also doing this
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64 server.send_response = log_and_send_response;
2969
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
65 server.send_file = log_and_send_file;
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
66 function module.unload()
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
67 server.send_response = send_response;
2969
8681729a47d5 mod_http_logging: Wrap API for sending data from file handles
Kim Alvefur <zash@zash.se>
parents: 2968
diff changeset
68 server.send_file = send_file;
1882
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69 end
99863a6a7b8c mod_http_logging: Produce HTTP logs in the style of Apache
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70 end