Opened 6 years ago

#426 new enhancement

log entire header and cookie

Reported by: www.google.com/accounts/o8/id?id=AItOawkZRxeOpA8QUFR-umPsJIlUk5oirEbLJSs Owned by:
Priority: minor Milestone:
Component: nginx-module Version:
Keywords: http-core-module log header Cc:
uname -a: Linux web1 2.6.32-279.2.1.el6.x86_64 #1 SMP Fri Jul 20 01:55:29 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.4.2 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC) TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'

Description

http://nginx.2469901.n2.nabble.com/Log-entire-header-amp-cookie-td7388501.html

This above nabble link explains the use case.

Basically I have a client who is getting the 400 request headers too large error. Before I blindly increase our limits, I was hoping to know exactly what it was they were sending that was causing the issue. Unfortunately there doesn't seem to be a way for me to log all headers, I have to specify the header I want logged. I can't even be sure of the header they are sending, perhaps it is a malicious header that I'm unaware of.

If the above nabble just didn't mention that the feature was added, I apologize. I have been unable to find any documentation that leads me to believe the feature was added though.

Change History (0)

Note: See TracTickets for help on using tickets.