Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

log client_ip field with real ip value (#209) #210

Merged
merged 1 commit into from
Sep 9, 2022
Merged

log client_ip field with real ip value (#209) #210

merged 1 commit into from
Sep 9, 2022

Conversation

sk1m
Copy link

@sk1m sk1m commented Sep 8, 2022

log client_ip field with real ip value (#209)

Summary

Type

[] Bug fix
[] Feature request
[+] Enhancement
[] Docs

Why?

Requirements

How to try it?

Documentation

Additional Information

Checklist:

  • My change requires a change to the documentation or CHANGELOG.
  • I have updated the documentation/CHANGELOG accordingly.

@p53
Copy link

p53 commented Sep 9, 2022

i think it would be better to log both, +1 for pull request+tests

@p53 p53 added the enhancement New feature or request label Sep 9, 2022
@p53 p53 added this to In progress in Gatekeeper via automation Sep 9, 2022
@p53 p53 added this to the 1.7.0 milestone Sep 9, 2022
@sk1m
Copy link
Author

sk1m commented Sep 9, 2022

@p53 changed to log both, thanks

github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 9, 2022
View reviewed changes
forwarding.go Fixed Show fixed Hide fixed
handlers.go Fixed Show fixed Hide fixed
handlers.go Fixed Show fixed Hide fixed
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 9, 2022
View reviewed changes
forwarding.go
r.log.Debug("upgrading the connnection", zap.String("client_ip", req.RemoteAddr))
clientIP := utils.RealIP(req)
r.log.Debug("upgrading the connnection",
zap.String("client_ip", clientIP),

Check failure

Code scanning / CodeQL

Log entries created from user input

This log write receives unsanitized user input from [here](1). This log write receives unsanitized user input from [here](2).
handlers.go

scope.Logger.Debug(
"incoming authorization request from client address",
zap.Any("access_type", accessType),
zap.String("auth_url", authURL),
zap.String("client_ip", req.RemoteAddr),
zap.String("client_ip", clientIP),

Check failure

Code scanning / CodeQL

Log entries created from user input

This log write receives unsanitized user input from [here](1). This log write receives unsanitized user input from [here](2).
handlers.go
scope.Logger.Error(errorMsg,
zap.String("client_ip", req.RemoteAddr),
zap.String("client_ip", clientIP),

Check failure

Code scanning / CodeQL

Log entries created from user input

This log write receives unsanitized user input from [here](1). This log write receives unsanitized user input from [here](2).
@p53 p53 merged commit 5c13a19 into gogatekeeper:master Sep 9, 2022
Gatekeeper automation moved this from In progress to Done Sep 9, 2022
@p53 p53 linked an issue Sep 9, 2022 that may be closed by this pull request
Log client_ip with real ip value #209
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
Gatekeeper
Done
Milestone
1.7.0
Development

Successfully merging this pull request may close these issues.

Log client_ip with real ip value
2 participants
@sk1m @p53