Skip to content

Commit

Permalink
fix(http-logger): avoid empty Authorization header by default (apache…
Browse files Browse the repository at this point in the history
…#7444)

Signed-off-by: spacewander <spacewanderlzx@gmail.com>
  • Loading branch information
spacewander authored and Liu-Junlin committed Nov 4, 2022
1 parent 5393ada commit 1bf61ab
Show file tree
Hide file tree
Showing 4 changed files with 59 additions and 3 deletions.
2 changes: 1 addition & 1 deletion apisix/plugins/http-logger.lua
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ local schema = {
type = "object",
properties = {
uri = core.schema.uri_def,
auth_header = {type = "string", default = ""},
auth_header = {type = "string"},
timeout = {type = "integer", minimum = 1, default = 3},
include_req_body = {type = "boolean", default = false},
include_resp_body = {type = "boolean", default = false},
Expand Down
2 changes: 1 addition & 1 deletion docs/en/latest/plugins/http-logger.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ This will allow the ability to send log data requests as JSON objects to monitor
| Name | Type | Required | Default | Valid values | Description |
| ---------------------- | ------- | -------- | ------------- | -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| uri | string | True | | | URI of the HTTP/HTTPS server. |
| auth_header | string | False | "" | | Authorization headers if required. |
| auth_header | string | False | | | Authorization headers if required. |
| timeout | integer | False | 3 | [1,...] | Time to keep the connection alive for after sending a request. |
| name | string | False | "http logger" | | Unique identifier to identify the logger. |
| include_req_body | boolean | False | false | [false, true] | When set to `true` includes the request body in the log. If the request body is too big to be kept in the memory, it can't be logged due to Nginx's limitations. |
Expand Down
2 changes: 1 addition & 1 deletion docs/zh/latest/plugins/http-logger.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ title: http-logger
| 名称 | 类型 | 必选项 | 默认值 | 有效值 | 描述 |
| ---------------- | ------- | ------ | ------------- | ------- | ------------------------------------------------ |
| uri | string | 必须 | | | `HTTP/HTTPS` 服务器的 URI。 |
| auth_header | string | 可选 | "" | | 授权头部。 |
| auth_header | string | 可选 | | | 授权头部。 |
| timeout | integer | 可选 | 3 | [1,...] | 发送请求后保持连接活动的时间。 |
| name | string | 可选 | "http logger" | | 标识 logger 的唯一标识符。 |
| include_req_body | boolean | 可选 | false | [false, true] | 是否包括请求 body。false: 表示不包含请求的 body ; true: 表示包含请求的 body 。 |
Expand Down
56 changes: 56 additions & 0 deletions t/plugin/http-logger2.t
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,13 @@ add_block_preprocessor(sub {
}
}
location /http-logger/Authorization {
content_by_lua_block {
ngx.log(ngx.WARN, "received Authorization header: [", ngx.var.http_authorization, "]")
ngx.say("OK")
}
}
location /http-logger/center {
content_by_lua_block {
local function str_split(str, reps)
Expand Down Expand Up @@ -253,3 +260,52 @@ test-http-logger-response
request.body:test-http-logger-request
response.body:test-http-logger-response
--- wait: 1.5
=== TEST 8: test default Authorization header sent to the log server
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local code, body = t('/apisix/admin/routes/1',
ngx.HTTP_PUT,
[[{
"methods": ["POST"],
"plugins": {
"http-logger": {
"uri": "http://127.0.0.1:12001/http-logger/Authorization",
"batch_max_size": 1,
"max_retry_count": 1,
"retry_delay": 2,
"buffer_duration": 2,
"inactive_timeout": 2
}
},
"upstream": {
"nodes": {
"127.0.0.1:12001": 1
},
"type": "roundrobin"
},
"uri": "/http-logger/test"
}]])
if code >= 300 then
ngx.status = code
end
ngx.say(body)
}
}
--- response_body
passed
=== TEST 9: hit
--- request
POST /http-logger/test
test-http-logger-request
--- error_log
received Authorization header: [nil]
--- wait: 1.5

0 comments on commit 1bf61ab

Please sign in to comment.