Change to allow controlling data collected for exceptions. Like post data, headers, cookies, etc

Author: mwatson

Dlls/StackifyLib.ELMAH/StackifyLib.ELMAH.dll

@@ -3,23 +3,104 @@
 using System.Linq;
 using System.Text;
 using System.Configuration;
+using System.Diagnostics;
+using Newtonsoft.Json;
 
 namespace StackifyLib
 {
 	/// <summary>
 	/// Encapsulate settings retrieval mechanism. Currently supports config file and environment variables.
 	/// Could be expanded to include other type of configuration servers later.
 	/// </summary>
-	sealed class Config
+	public class Config
 	{
-		/// <summary>
-		/// Attempts to fetch a setting value given the key.
-		/// .NET configuration file will be used first, if the key is not found, environment variable will be used next.
-		/// </summary>
-		/// <param name="key">configuration key in config file or environment variable name.</param>
-		/// <param name="defaultValue">If nothing is found, return optional defaultValue provided.</param>
-		/// <returns>string value for the requested setting key.</returns>
-		public static string Get(string key, string defaultValue = null)
+	    public static void LoadSettings()
+	    {
+	        try
+	        {
+                CaptureErrorPostdata = Get("Stackify.CaptureErrorPostdata")
+                    .Equals("true", StringComparison.CurrentCultureIgnoreCase);
+
+                CaptureServerVariables = Get("Stackify.CaptureServerVariables")
+                    .Equals("true", StringComparison.CurrentCultureIgnoreCase);
+                CaptureSessionVariables = Get("Stackify.CaptureSessionVariables")
+                    .Equals("true", StringComparison.CurrentCultureIgnoreCase);
+
+                CaptureErrorHeaders = Get("Stackify.CaptureErrorHeaders")
+                    .Equals("true", StringComparison.CurrentCultureIgnoreCase);
+
+                CaptureErrorCookies = Get("Stackify.CaptureErrorCookies")
+                    .Equals("true", StringComparison.CurrentCultureIgnoreCase);
+
+                CaptureErrorHeadersWhitelist = Get("Stackify.CaptureErrorHeadersWhitelist");
+
+	            if (!string.IsNullOrEmpty(CaptureErrorHeadersWhitelist))
+	            {
+	                ErrorHeaderGoodKeys = CaptureErrorHeadersWhitelist.Split(",".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).ToList();
+	            }
+
+                CaptureErrorHeadersBlacklist = Get("Stackify.CaptureErrorHeadersBlacklist");
+                if (!string.IsNullOrEmpty(CaptureErrorHeadersBlacklist))
+                {
+                    ErrorHeaderBadKeys = CaptureErrorHeadersBlacklist.Split(",".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).ToList();
+                }
+
+                CaptureErrorCookiesWhitelist = Get("Stackify.CaptureErrorCookiesWhitelist");
+                if (!string.IsNullOrEmpty(CaptureErrorCookiesWhitelist))
+                {
+                    ErrorCookiesGoodKeys = CaptureErrorCookiesWhitelist.Split(",".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).ToList();
+                }
+
+                CaptureErrorCookiesBlacklist = Get("Stackify.CaptureErrorCookiesBlacklist");
+                if (!string.IsNullOrEmpty(CaptureErrorCookiesBlacklist))
+                {
+                    ErrorCookiesBadKeys = CaptureErrorCookiesBlacklist.Split(",".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).ToList();
+                }
+
+                CaptureErrorSessionWhitelist = Get("Stackify.CaptureErrorSessionWhitelist");
+                if (!string.IsNullOrEmpty(CaptureErrorSessionWhitelist))
+                {
+                    ErrorSessionGoodKeys = CaptureErrorSessionWhitelist.Split(",".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).ToList();
+                }
+	            
+            }
+            catch (Exception ex)
+	        {
+	            Debug.WriteLine(ex.ToString());
+	        }
+        }
+
+        public static List<string> ErrorHeaderGoodKeys = new List<string>();
+        public static List<string> ErrorHeaderBadKeys = new List<string>();
+        public static List<string> ErrorCookiesGoodKeys = new List<string>();
+        public static List<string> ErrorCookiesBadKeys = new List<string>();
+        public static List<string> ErrorSessionGoodKeys = new List<string>();
+
+        public static bool CaptureSessionVariables { get; set; } = false;
+        public static bool CaptureServerVariables { get; set; } = false;
+        public static bool CaptureErrorPostdata { get; set; } = false;
+        public static bool CaptureErrorHeaders { get; set; } = true;
+        public static bool CaptureErrorCookies { get; set; } = false;
+
+        public static string CaptureErrorSessionWhitelist { get; set; } = null;
+
+        public static string CaptureErrorHeadersWhitelist { get; set; } = null;
+
+        public static string CaptureErrorHeadersBlacklist { get; set; } = "cookie,authorization";
+
+        public static string CaptureErrorCookiesWhitelist { get; set; } = null;
+
+        public static string CaptureErrorCookiesBlacklist { get; set; } = ".ASPXAUTH";
+
+
+        /// <summary>
+        /// Attempts to fetch a setting value given the key.
+        /// .NET configuration file will be used first, if the key is not found, environment variable will be used next.
+        /// </summary>
+        /// <param name="key">configuration key in config file or environment variable name.</param>
+        /// <param name="defaultValue">If nothing is found, return optional defaultValue provided.</param>
+        /// <returns>string value for the requested setting key.</returns>
+        internal static string Get(string key, string defaultValue = null)
 		{
 			string v = null;
 			try
@@ -36,7 +117,7 @@ public static string Get(string key, string defaultValue = null)
 				if (v == null)
 					v = defaultValue;
 			}
-			return v;
+			return v ?? "";
 		}
 	}
 }

Dlls/StackifyLib.log4net.Sitecore/StackifyLib.log4net.dll

@@ -26,7 +26,7 @@ public class LogClient : ILogClient
 
         public LogClient(string loggerName, string apikey = null, string apiurl = null)
         {
-
+            Config.LoadSettings();
             StackifyAPILogger.Log("Creating new LogClient " + loggerName);
 
             _LoggerName = loggerName;

Dlls/StackifyLib.log4net.v1_2_10/StackifyLib.log4net.dll

@@ -20,7 +20,7 @@ public override string ToString()
         {
             if (json != null)
             {
-                return message + " " + JsonConvert.SerializeObject(json);
+                return message + " " + JsonConvert.SerializeObject(json, new JsonSerializerSettings{ReferenceLoopHandling = ReferenceLoopHandling.Serialize});
             }
             else
             {

Dlls/StackifyLib.log4net/StackifyLib.log4net.dll

@@ -4,6 +4,7 @@
 using System.Collections.Generic;
 using System.Collections.Specialized;
 using System.IO;
+using System.Linq;
 using System.Web;
 using System.Web.Routing;
 
@@ -132,86 +133,93 @@ private void Load(HttpContext context)
             {
                 if (request.QueryString != null)
                 {
-                    QueryString = ToKeyValues(request.QueryString, false);
+                    QueryString = ToKeyValues(request.QueryString, null, null);
                 }
 
-                if (request.ServerVariables != null)
+                if (request.ServerVariables != null && Config.CaptureServerVariables)
                 {
                     List<string> badKeys = new List<string>();
                     badKeys.AddRange(new string[] { "all_http", "all_raw", "http_cookie" });
 
-                    var serverVars = ToKeyValues(request.ServerVariables, false, badKeys);
+                    var serverVars = ToKeyValues(request.ServerVariables,  null, badKeys);
                     foreach (var serverVar in serverVars)
                     {
                         _Error.ServerVariables[serverVar.Key] = serverVar.Value;
                     }
                 }
 
-                if (request.Headers != null)
+                if (request.Headers != null && Config.CaptureErrorHeaders)
                 {
-                    List<string> badKeys = new List<string>();
-                    badKeys.AddRange(new string[] { "cookie" });
+                    if (Config.ErrorHeaderBadKeys == null)
+                    {
+                        Config.ErrorHeaderBadKeys = new List<string>();
+                    }
+
+                    if (!Config.ErrorHeaderBadKeys.Contains("cookie"))
+                    {
+                        Config.ErrorHeaderBadKeys.Add("cookie");
+                    }
 
-                    Headers = ToKeyValues(request.Headers, false, badKeys);
+                    Headers = ToKeyValues(request.Headers, Config.ErrorHeaderGoodKeys, Config.ErrorHeaderBadKeys);
                 }
 
-                if (request.Cookies != null)
+                if (request.Cookies != null && Config.CaptureErrorCookies)
                 {
-                    Cookies = ToKeyValues(request.Cookies, true);
-
-                    //if (Cookies != null)
-                    //{
-                    //    foreach (var item in Cookies)
-                    //    {
-                    //        Cookies[item.Key] = "X-MASKED-X";
-                    //    }
-                    //}
-
-                    //if (Cookies.ContainsKey(".ASPXAUTH"))
-                    //{
-                    //    Cookies[".ASPXAUTH"] = "X-MASKED-X";
-                    //}
+                    Cookies = ToKeyValues(request.Cookies, Config.ErrorCookiesGoodKeys, Config.ErrorCookiesBadKeys);
                 }
 
-                if (request.Form != null)
+                if (request.Form != null && Config.CaptureErrorPostdata)
                 {
-                    PostData = ToKeyValues(request.Form, true);
-
-                    //if (PostData != null)
-                    //{
-                    //    foreach (var item in PostData)
-                    //    {
-                    //        PostData[item.Key] = "X-MASKED-X";
-                    //    }
-                    //}
+                    PostData = ToKeyValues(request.Form,null, null);
                 }
 
-                if (context.Session != null)
+                if (context.Session != null && Config.CaptureSessionVariables && Config.ErrorSessionGoodKeys.Any())
                 {
-                    SessionData = ToKeyValues(context.Session, true);
+                    SessionData = ToKeyValues(context.Session, Config.ErrorSessionGoodKeys, null);
                 }
 
-                var contentType = context.Request.Headers["Content-Type"];
-
-                if (contentType != "text/html" && contentType != "application/x-www-form-urlencoded" && context.Request.RequestType != "GET")
+                if (Config.CaptureErrorPostdata)
                 {
-                    int length = 4096;
-                    string postBody = new StreamReader(context.Request.InputStream).ReadToEnd();
-                    if (postBody.Length < length)
+                    var contentType = context.Request.Headers["Content-Type"];
+
+                    if (contentType != "text/html" && contentType != "application/x-www-form-urlencoded" &&
+                        context.Request.RequestType != "GET")
                     {
-                        length = postBody.Length;
-                    }
+                        int length = 4096;
+                        string postBody = new StreamReader(context.Request.InputStream).ReadToEnd();
+                        if (postBody.Length < length)
+                        {
+                            length = postBody.Length;
+                        }
 
-                    PostDataRaw = postBody.Substring(0, length);
+                        PostDataRaw = postBody.Substring(0, length);
+                    }
                 }
             }
             catch (Exception)
             {
             }
         }
 
+        internal static void AddKey(string key, string value, Dictionary<string, string> dictionary, List<string> goodKeys, List<string> badKeys)
+        {
+            //is this key in the bad key list?
+            if (badKeys != null && badKeys.Any(x => x.Equals(key, StringComparison.CurrentCultureIgnoreCase)))
+            {
+                dictionary[key] = "X-MASKED-X";
+                return;
+            }
+            //if not in the good key list, return
+            //if good key list is empty, we let it take it
+            else if (goodKeys != null && goodKeys.Any() && !goodKeys.Any(x => x.Equals(key, StringComparison.CurrentCultureIgnoreCase)))
+            {
+                return;
+            }
+
+            dictionary[key] = value;
+        }
 
-        internal static Dictionary<string, string> ToKeyValues(HttpCookieCollection collection, bool keysOnly)
+        internal static Dictionary<string, string> ToKeyValues(HttpCookieCollection collection, List<string> goodKeys, List<string> badKeys)
         {
             var keys = collection.AllKeys;
             var items = new Dictionary<string, string>();
@@ -224,17 +232,8 @@ internal static Dictionary<string, string> ToKeyValues(HttpCookieCollection coll
 
                     if (cookie != null &&  !string.IsNullOrWhiteSpace(cookie.Value) && !items.ContainsKey(key))
                     {
-                     
-                        if (keysOnly)
-                        {
-                            items.Add(key, "X-MASKED-X");
-                        }
-                        else
-                        {
-                            items.Add(key, cookie.Value);
-                        }
+                         AddKey(key, cookie.Value, items, goodKeys, badKeys);
                     }
-
                 }
                 catch (Exception)
                 {
@@ -245,7 +244,7 @@ internal static Dictionary<string, string> ToKeyValues(HttpCookieCollection coll
             return items;
         }
 
-        internal static Dictionary<string, string> ToKeyValues(NameValueCollection collection, bool keysOnly, List<string> skipKeysList = null)
+        internal static Dictionary<string, string> ToKeyValues(NameValueCollection collection, List<string> goodKeys, List<string> badKeys)
         {
             var keys = collection.AllKeys;
             var items = new Dictionary<string, string>();
@@ -254,25 +253,8 @@ internal static Dictionary<string, string> ToKeyValues(NameValueCollection colle
             {
                 try
                 {
-                    if (skipKeysList != null && skipKeysList.Contains(key.ToLower()))
-                    {
-                        continue;
-                    }
-
                     string val = collection[key];
-
-                    if (!string.IsNullOrWhiteSpace(val))
-                    {
-                        if (keysOnly)
-                        {
-                            items.Add(key, "X-MASKED-X");
-                        }
-                        else
-                        {
-                            items.Add(key, val);
-                        }
-                    }
-
+                    AddKey(key, val, items, goodKeys, badKeys);
                 }
                 catch (Exception)
                 {
@@ -284,7 +266,7 @@ internal static Dictionary<string, string> ToKeyValues(NameValueCollection colle
         }
 
 
-        internal static Dictionary<string, string> ToKeyValues(System.Web.SessionState.HttpSessionState collection, bool keysOnly)
+        internal static Dictionary<string, string> ToKeyValues(System.Web.SessionState.HttpSessionState collection, List<string> goodKeys, List<string> badKeys)
         {
             var keys = collection.Keys;
             var items = new Dictionary<string, string>();
@@ -297,14 +279,7 @@ internal static Dictionary<string, string> ToKeyValues(System.Web.SessionState.H
 
                     if (val != null && !string.IsNullOrWhiteSpace(val.ToString()) && items.ContainsKey(key))
                     {
-                        if (keysOnly)
-                        {
-                            items.Add(key, "X-MASKED-X");
-                        }
-                        else
-                        {
-                            items.Add(key, val.ToString());
-                        }
+                        AddKey(key, val.ToString(), items, goodKeys, badKeys);
                     }
 
                 }