logging: filter out http 403 messages in request context filter (#56711)
This commit is contained in:
parent
f9de8f6f6d
commit
ded8905ebc
|
@ -54,6 +54,10 @@ class RequestContextFilter(logging.Filter):
|
|||
|
||||
Inspired by django-log-request-id
|
||||
"""
|
||||
# remove http 403 records, already logged by uwsgi
|
||||
if hasattr(record, 'status_code') and record.status_code == 403:
|
||||
return False
|
||||
|
||||
# prevent multiple execution on the same record
|
||||
if getattr(record, 'request_context', False):
|
||||
return True
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import logging
|
||||
|
||||
from django.conf.urls import url
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.http import HttpResponse
|
||||
|
||||
|
||||
|
@ -8,6 +9,8 @@ def helloworld(request):
|
|||
logging.getLogger(__name__).error('wat!')
|
||||
if 'raise' in request.GET:
|
||||
raise Exception('wat!')
|
||||
if 'forbidden' in request.GET:
|
||||
raise PermissionDenied('forbidden access')
|
||||
request.META['CSRF_COOKIE_USED'] = True
|
||||
request.META['CSRF_COOKIE'] = 'xxx'
|
||||
return HttpResponse('Hello world %s' % request.META['REMOTE_ADDR'])
|
||||
|
|
|
@ -3,6 +3,7 @@ import logging
|
|||
import pytest
|
||||
from _pytest.logging import LogCaptureHandler
|
||||
from django.contrib.auth.models import User
|
||||
from django.test import override_settings
|
||||
from tenant_schemas.utils import tenant_context
|
||||
|
||||
from hobo.journal import JournalHandler
|
||||
|
@ -35,6 +36,21 @@ def test_request_context_filter(caplog, settings, tenants, client):
|
|||
user.save()
|
||||
user.saml_identifiers.create(name_id='ab' * 16, issuer='https://idp.example.com')
|
||||
|
||||
for tenant in tenants:
|
||||
settings.ALLOWED_HOSTS.append(tenant.domain_url)
|
||||
with override_settings(ROOT_URLCONF='hobo.test_urls'):
|
||||
client.get(
|
||||
'/?forbidden=123',
|
||||
SERVER_NAME=tenant.domain_url,
|
||||
HTTP_X_FORWARDED_FOR='99.99.99.99, 127.0.0.1',
|
||||
)
|
||||
records = [record for record in caplog.records]
|
||||
assert len(records) == 2 # on test_urls' "wat!" test error has been logged
|
||||
for record in records:
|
||||
assert not hasattr(record, 'status_code') # hence no 403 logged
|
||||
assert record.msg != 'forbidden access'
|
||||
caplog.clear()
|
||||
|
||||
for tenant in tenants:
|
||||
settings.ALLOWED_HOSTS.append(tenant.domain_url)
|
||||
with tenant_context(tenant):
|
||||
|
|
Loading…
Reference in New Issue