Opened 11 years ago
#426 new enhancement
log entire header and cookie
Reported by: | Chris Cooper | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | nginx-module | Version: | |
Keywords: | http-core-module log header | Cc: | |
uname -a: | Linux web1 2.6.32-279.2.1.el6.x86_64 #1 SMP Fri Jul 20 01:55:29 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux | ||
nginx -V: |
nginx version: nginx/1.4.2
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC) TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' |
Description
http://nginx.2469901.n2.nabble.com/Log-entire-header-amp-cookie-td7388501.html
This above nabble link explains the use case.
Basically I have a client who is getting the 400 request headers too large error. Before I blindly increase our limits, I was hoping to know exactly what it was they were sending that was causing the issue. Unfortunately there doesn't seem to be a way for me to log all headers, I have to specify the header I want logged. I can't even be sure of the header they are sending, perhaps it is a malicious header that I'm unaware of.
If the above nabble just didn't mention that the feature was added, I apologize. I have been unable to find any documentation that leads me to believe the feature was added though.