You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by sp...@apache.org on 2022/08/17 09:29:13 UTC
[apisix] 11/12: fix(http-logger): avoid empty Authorization header by default (#7444)
This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch release/2.13
in repository https://gitbox.apache.org/repos/asf/apisix.git
commit 7268fe7aa689aa08a5113f73d627db42a63d1b0f
Author: 罗泽轩 <sp...@gmail.com>
AuthorDate: Wed Jul 13 13:49:54 2022 +0800
fix(http-logger): avoid empty Authorization header by default (#7444)
Signed-off-by: spacewander <sp...@gmail.com>
---
apisix/plugins/http-logger.lua | 2 +-
docs/en/latest/plugins/http-logger.md | 23 +++++++-------
docs/zh/latest/plugins/http-logger.md | 2 +-
t/plugin/http-logger2.t | 56 +++++++++++++++++++++++++++++++++++
4 files changed, 69 insertions(+), 14 deletions(-)
diff --git a/apisix/plugins/http-logger.lua b/apisix/plugins/http-logger.lua
index 3d3ebdfb4..93cd8c9be 100644
--- a/apisix/plugins/http-logger.lua
+++ b/apisix/plugins/http-logger.lua
@@ -33,7 +33,7 @@ local schema = {
type = "object",
properties = {
uri = core.schema.uri_def,
- auth_header = {type = "string", default = ""},
+ auth_header = {type = "string"},
timeout = {type = "integer", minimum = 1, default = 3},
include_req_body = {type = "boolean", default = false},
include_resp_body = {type = "boolean", default = false},
diff --git a/docs/en/latest/plugins/http-logger.md b/docs/en/latest/plugins/http-logger.md
index 0cfffefc5..673ba001b 100644
--- a/docs/en/latest/plugins/http-logger.md
+++ b/docs/en/latest/plugins/http-logger.md
@@ -29,18 +29,17 @@ This will provide the ability to send Log data requests as JSON objects to Monit
## Attributes
-| Name | Type | Requirement | Default | Valid | Description |
-| ---------------- | ------- | ----------- | ------------- | ------- | ---------------------------------------------------------------------------------------- |
-| uri | string | required | | | The URI of the `HTTP/HTTPS` server. |
-| auth_header | string | optional | "" | | Any authorization headers. |
-| timeout | integer | optional | 3 | [1,...] | Time to keep the connection alive after sending a request. |
-| name | string | optional | "http logger" | | A unique identifier to identity the logger. |
-| include_req_body | boolean | optional | false | [false, true] | Whether to include the request body. false: indicates that the requested body is not included; true: indicates that the requested body is included. Note: if the request body is too big to be kept in the memory, it can't be logged due to Nginx's limitation. |
-| include_resp_body| boolean | optional | false | [false, true] | Whether to include the response body. The response body is included if and only if it is `true`. |
-| include_resp_body_expr | array | optional | | | When `include_resp_body` is true, control the behavior based on the result of the [lua-resty-expr](https://github.com/api7/lua-resty-expr) expression. If present, only log the response body when the result is true. |
-| concat_method | string | optional | "json" | ["json", "new_line"] | Enum type: `json` and `new_line`. **json**: use `json.encode` for all pending logs. **new_line**: use `json.encode` for each pending log and concat them with "\n" line. |
-| ssl_verify | boolean | optional | false | [false, true] | Whether to verify certificate. |
-
+| Name | Type | Required | Default | Valid values | Description |
+| ---------------------- | ------- | -------- | ------------- | -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| uri | string | True | | | URI of the HTTP/HTTPS server. |
+| auth_header | string | False | | | Authorization headers if required. |
+| timeout | integer | False | 3 | [1,...] | Time to keep the connection alive for after sending a request. |
+| name | string | False | "http logger" | | Unique identifier to identify the logger. |
+| include_req_body | boolean | False | false | [false, true] | When set to `true` includes the request body in the log. If the request body is too big to be kept in the memory, it can't be logged due to Nginx's limitations. |
+| include_resp_body | boolean | False | false | [false, true] | When set to `true` includes the response body in the log. |
+| include_resp_body_expr | array | False | | | When the `include_resp_body` attribute is set to `true`, use this to filter based on [lua-resty-expr](https://github.com/api7/lua-resty-expr). If present, only logs the response if the expression evaluates to `true`. |
+| concat_method | string | False | "json" | ["json", "new_line"] | Sets how to concatenate logs. When set to `json`, uses `json.encode` for all pending logs and when set to `new_line`, also uses `json.encode` but uses the newline (`\n`) to concatenate lines. |
+| ssl_verify | boolean | False | false | [false, true] | When set to `true` verifies the SSL certificate. |
The plugin supports the use of batch processors to aggregate and process entries(logs/data) in a batch. This avoids frequent data submissions by the plugin, which by default the batch processor submits data every `5` seconds or when the data in the queue reaches `1000`. For information or custom batch processor parameter settings, see [Batch-Processor](../batch-processor.md#configuration) configuration section.
## How To Enable
diff --git a/docs/zh/latest/plugins/http-logger.md b/docs/zh/latest/plugins/http-logger.md
index ddb270b20..e0d384761 100644
--- a/docs/zh/latest/plugins/http-logger.md
+++ b/docs/zh/latest/plugins/http-logger.md
@@ -32,7 +32,7 @@ title: http-logger
| 名称 | 类型 | 必选项 | 默认值 | 有效值 | 描述 |
| ---------------- | ------- | ------ | ------------- | ------- | ------------------------------------------------ |
| uri | string | 必须 | | | `HTTP/HTTPS` 服务器的 URI。 |
-| auth_header | string | 可选 | "" | | 授权头部。 |
+| auth_header | string | 可选 | | | 授权头部。 |
| timeout | integer | 可选 | 3 | [1,...] | 发送请求后保持连接活动的时间。 |
| name | string | 可选 | "http logger" | | 标识 logger 的唯一标识符。 |
| include_req_body | boolean | 可选 | false | [false, true] | 是否包括请求 body。false: 表示不包含请求的 body ; true: 表示包含请求的 body 。 |
diff --git a/t/plugin/http-logger2.t b/t/plugin/http-logger2.t
index 688bc8bc3..f99c11483 100644
--- a/t/plugin/http-logger2.t
+++ b/t/plugin/http-logger2.t
@@ -42,6 +42,13 @@ add_block_preprocessor(sub {
}
}
+ location /http-logger/Authorization {
+ content_by_lua_block {
+ ngx.log(ngx.WARN, "received Authorization header: [", ngx.var.http_authorization, "]")
+ ngx.say("OK")
+ }
+ }
+
location /http-logger/center {
content_by_lua_block {
local function str_split(str, reps)
@@ -253,3 +260,52 @@ test-http-logger-response
request.body:test-http-logger-request
response.body:test-http-logger-response
--- wait: 1.5
+
+
+
+=== TEST 8: test default Authorization header sent to the log server
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "methods": ["POST"],
+ "plugins": {
+ "http-logger": {
+ "uri": "http://127.0.0.1:12001/http-logger/Authorization",
+ "batch_max_size": 1,
+ "max_retry_count": 1,
+ "retry_delay": 2,
+ "buffer_duration": 2,
+ "inactive_timeout": 2
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:12001": 1
+ },
+ "type": "roundrobin"
+ },
+ "uri": "/http-logger/test"
+ }]])
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 9: hit
+--- request
+POST /http-logger/test
+test-http-logger-request
+--- error_log
+received Authorization header: [nil]
+--- wait: 1.5