Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
1.2.3
-
None
-
Logback 1.2.3
Logback-access config:
<configuration> <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> <evaluator class="ch.qos.logback.access.net.URLEvaluator"> <URL>/ping</URL> </evaluator> <OnMismatch>NEUTRAL</OnMismatch> <OnMatch>DENY</OnMatch> </filter> <encoder> <pattern>%t{ISO8601} [%I] %requestURL | status code: %statusCode | elapsed time: %elapsedTime | request: %magenta(%requestContent) | response: %cyan(%responseContent)</pattern> </encoder> </appender> <appender-ref ref="STDOUT"/> </configuration>Logback 1.2.3 Logback-access config: <configuration> <appender name= "STDOUT" class= "ch.qos.logback.core.ConsoleAppender" > <filter class= "ch.qos.logback.core.filter.EvaluatorFilter" > <evaluator class= "ch.qos.logback.access.net.URLEvaluator" > <URL>/ping</URL> </evaluator> <OnMismatch>NEUTRAL</OnMismatch> <OnMatch>DENY</OnMatch> </filter> <encoder> <pattern>%t{ISO8601} [%I] %requestURL | status code: %statusCode | elapsed time: %elapsedTime | request: %magenta(%requestContent) | response: %cyan(%responseContent)</pattern> </encoder> </appender> <appender-ref ref= "STDOUT" /> </configuration>
Description
Problem
We have a Spring boot app exposing a RESTful API that runs on embedded Tomcat (latest versions) and uses logback-access (also latest 1.2.3). Recently I noticed that access logs include
raw binary content of images/PDF files. Example from logs:
POST /projects/projectId/images HTTP/1.1 | status code: 200 | elapsed time: 664 | request: GIF89a� d �[[ most content ommitted ]]g��� w���� ; | response: {"id":"877f2338-293d-403b-99fb-09fc631ce7b3"}
GET /projects/projectid/images/877f2338-293d-403b-99fb-09fc631ce7b3 HTTP/1.1 | status code: 200 | elapsed time: 538 | request: | response: [IMAGE CONTENTS SUPPRESSED]
As you see, binary content suppression is incomplete. This is how it works currently for different content types:
| image/* | any other binary | |
|---|---|---|
| Request | logged | logged |
| Response | suppressed | logged |
For us it is a problem, as our application has to regularly deal with large (20+ MB) ZIP and PDF files,
Cause
Looking at the code, image content suppression happens in `ch.qos.logback.access.spi.AccessEvent#getResponseContent`, but it only checks if content type starts with `image/`. Equivalent code in `ch.qos.logback.access.spi.AccessEvent#getRequestContent` is not present.
I traced response image content suppression was added with this commit (all the way back in 2007):
https://github.com/qos-ch/logback/commit/69290e182f8db6589eadd5a3c485a37255384893.
Workaround
None, except for ugly classloading hacks or implementing a custom `AccessEvent` that overrides `getRequestContent` and `getResponseContent`.
Resources
Related thread (with no responses) in logback-user mailing list: http://mailman.qos.ch/pipermail/logback-user/2020-September/005086.html