Comments (4)
georgefeakes
commented on May 25, 2024
I've been looking into doing this with a custom filter but the documentation is fairly limited around this.
So far I have this:
public class SensitiveDataFilter : IErrorFilter
{
public void OnErrorModuleFiltering(object sender, ExceptionFilterEventArgs args)
{
var httpContext = args.Context as HttpContext;
var formkeys = httpContext.Request.Form.Keys;
var sensitiveFormData = formkeys.Where(key => key.Contains("Password", StringComparison.OrdinalIgnoreCase)).ToList();
if (sensitiveFormData.Count == 0)
return;
var error = new Error(args.Exception, httpContext);
sensitiveFormData.ForEach(x => error.Form.Set(x, "*****"));
args.Dismiss();
}
}
Struggling to rethrow the newly created error so that the log still contains the entry without the sensitive data. If I remove the arg.Dismiss(); line the log entry is made but no changes to the form data obviously.
Any ideas how to throw a new error as part of this hook?
from elmahcore.
danielDevelops
commented on May 25, 2024
I ended up creating a fork off of this project and adding Func<HttpContext, Error, Task> onError as a parameter to the init. Then I could intercept the error and modify the values prior to them being logged to the db.
from elmahcore.
georgefeakes
commented on May 25, 2024
@danielDevelops Not quite sure I follow what you mean. Got an example of this at all? Thanks
from elmahcore.
cbolivar82
commented on May 25, 2024
Hey There,
I found a solution to remove values in the Request Form. In my case, our project is in dotnet core 6 and We saved the errors in a table in SQL Server, so I have created a custom SqlErrorLog to override the Log() method and remove the value in the form collection.
This is my Elmah settings:
.AddElmah<MySQLErr>(options => { options.Path = "myerrors"; options.ApplicationName = "WebAPI"; options.ConnectionString = "xxx"; });
This is my custom class:
`
public class MySQLErr : SqlErrorLog
{
public mySQLErr(IOptions option) : base(option)
{
}
public mySQLErr(string connectionString) : base(connectionString)
{
}
public mySQLErr(string connectionString, string schemaName, string tableName) : base(connectionString, schemaName, tableName)
{
}
public override string Log(Error error)
{
var formKeys = error.Form.AllKeys;
if (formKeys.HasValue())
{
int formKeysLength = formKeys.Length;
for (int i = 0; i < formKeysLength; i++)
{
if (formKeys[i].Equals("password", StringComparison.InvariantCultureIgnoreCase))
{
// Remove password
error.Form.Remove(formKeys[i]);
}
}
}
return base.Log(error);
}
}
`
from elmahcore.
Related Issues (20)
- High CPU usage when a specific log appear HOT 1
- is publish package available
- Elmah Generates Error Request did not match any endpoints
- ElmahCore.Mvc.ErrorWrapper IsMobile method requires length check
- UI - Scrollbar not showing until window resize
- Possible to disable connections to ip-api.com? HOT 1
- ElmahCore in ASPNET Core 7 Web API throws 404 /favicon.ico Not Found error... HOT 6
- Out Of Memory Exception
- The log file path can't change to my desired path HOT 1
- Secure error page without authentication? HOT 1
- 2.2 Version Available in the NuGet Package? HOT 3
- Remove Sensitive Information HOT 4
- UI not coming up with React SPA
- How to remove Source tab in the ElmahCore Dashboard
- Remove SqlLogs from AllXml?
- Notifiers (and probably Filters as well) should be registered through Dependency Injection HOT 1
- Very slow ErrorDetailHelper.MarkupStackTrace call with text from in a docker container.
- Repo & project link wrong way around
- Set license expression on nuget packages
- Optimise dependencies by using frameworks
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elmahcore.