Last active
February 3, 2018 12:48
-
-
Save Aaron-P/9834c69deb0283af56e367fe4b62824e to your computer and use it in GitHub Desktop.
Remove http basic auth headers from elmah logs.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| protected void ErrorLog_Filtering(object sender, Elmah.ExceptionFilterEventArgs e) | |
| { | |
| var request = System.Web.HttpContext.Current.Request; | |
| var auth = request.ServerVariables["HTTP_AUTHORIZATION"]; | |
| if (!String.IsNullOrEmpty(auth)) | |
| { | |
| var authPattern = new Regex(@"(Authorization|HTTP_AUTHORIZATION):\s*" + auth + @"\s*", RegexOptions.ExplicitCapture); | |
| request.ServerVariables["ALL_HTTP"] = authPattern.Replace(request.ServerVariables["ALL_HTTP"], String.Empty); | |
| request.ServerVariables["ALL_RAW"] = authPattern.Replace(request.ServerVariables["ALL_RAW"], String.Empty); | |
| } | |
| request.ServerVariables["AUTH_PASSWORD"] = null; | |
| request.ServerVariables.Remove("AUTH_PASSWORD"); | |
| request.ServerVariables["HTTP_AUTHORIZATION"] = null; | |
| request.ServerVariables.Remove("HTTP_AUTHORIZATION"); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment