Method: RhaproxyFrontend#capture_cookie
- Defined in:
- lib/rhaproxy/frontend.rb
#capture_cookie ⇒ Object
capture cookie <name> len <length>
Capture and log a in the request and in the response.
May be used in sections : defaults | frontend | listen | backend
no | yes | yes | no
Arguments :
<name> is the beginning of the name of the to capture. In order
to match the exact name, simply suffix the name with an equal
sign ('='). The full name will appear in the logs, which is
useful with application servers which adjust both the name
and value (eg: ASPSESSIONXXXXX).
<length> is the maximum number of characters to report in the logs, which
include the name, the equal sign and the value, all in the
standard "name=value" form. The string will be truncated on the
right if it exceeds <length>.
Only the first is captured. Both the "cookie" request headers and the
"set-cookie" response headers are monitored. This is particularly useful to
check for application bugs causing session crossing or stealing between
users, because generally the user's cookies can only change on a login page.
When the cookie was not presented by the client, the associated log column
will report "-". When a request does not cause a cookie to be assigned by the
server, a "-" is reported in the response column.
The capture is performed in the frontend only because it is necessary that
the log format does not change for a given frontend depending on the
backends. This may change in the future. Note that there can be only one
"capture cookie" statement in a frontend. The maximum capture length is
configured in the sources by default to 64 characters. It is not possible to
specify a capture in a "defaults" section.
Example:
capture cookie ASPSESSION len 32
See also : "capture request header", "capture response header" as well as
section 8 about logging.
254 255 256 |
# File 'lib/rhaproxy/frontend.rb', line 254 def end |