Page MenuHomePhabricator
Create Task
Maniphest T239713

Citoid is logging all request / response headers as separate fields
Open, MediumPublic
Actions

Description

This is similar but different than T238083: Citoid logs fields explosion in which it looks like citoid will log all headers for its error request/responses as separate fields, e.g.

          "err_headers_accept-ch": {
          "err_headers_accept-ch-lifetime": {
          "err_headers_accept-ranges": {
          "err_headers_access-control-allow-credentials": {
...
          "err_headers_x-via-edge": {
          "err_headers_x-via-fastly": {
          "err_headers_x-wix-request-id": {
          "err_headers_x-xss-protection": {

This is problematic because such headers can be controlled by users and might end up spamming elasticsearch fields. I don't know if this is a citoid thing or a preq library thing though (cc @mobrovac) and it isn't super urgent, but a potential problem for sure.

More context of this (elasticsearch fields explosion) work: T180051 T189333

Related Objects

Event Timeline

fgiunchedi created this task.Dec 3 2019, 1:47 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 3 2019, 1:47 PM
fgiunchedi updated the task description. (Show Details)Dec 3 2019, 1:47 PM
fgiunchedi added a subscriber: Wikimedia-Logstash.
mobrovac added a project: Platform Team Workboards (Clinic Duty Team).Dec 9 2019, 10:44 AM
Mvolz moved this task from Backlog to Production on the Citoid board.Feb 3 2020, 10:05 AM
Mvolz added a project: SRE.
jijiki triaged this task as Medium priority.Feb 5 2020, 6:02 PM
jijiki added a project: serviceops.
AMooney moved this task from Inbox to Teleport on the Platform Team Workboards (Clinic Duty Team) board.Mar 24 2020, 7:07 PM
WDoranWMF edited projects, added Platform Engineering (Icebox); removed Platform Team Workboards (Clinic Duty Team).Mar 24 2020, 9:48 PM
jijiki moved this task from Incoming 🐫 to 🔦Unused2 on the serviceops board.Aug 17 2020, 11:46 PM
Aklapper added a project: Wikimedia-Logstash.Sep 18 2020, 7:52 AM
Aklapper removed a subscriber: Wikimedia-Logstash.
fgiunchedi added a project: observability.Apr 20 2021, 8:43 AM
lmata moved this task from Inbox to Backlog on the observability board.Jun 14 2021, 3:22 PM
lmata edited projects, added SRE Observability; removed observability.Jul 12 2021, 2:21 AM
Maintenance_bot added a project: observability.Jul 12 2021, 2:47 AM
lmata moved this task from Inbox to Backlog on the SRE Observability board.Jul 15 2021, 4:09 AM
lmata edited projects, added Observability-Logging; removed SRE Observability.Aug 9 2021, 3:07 AM
Maintenance_bot edited projects, added SRE Observability; removed Observability-Logging.Aug 9 2021, 3:47 AM
lmata edited projects, added Observability-Logging; removed SRE Observability.Nov 24 2021, 5:09 PM
jijiki moved this task from 🔦Unused2 to 🛎 Services & Oids on the serviceops board.Oct 17 2022, 4:04 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL