[tomcat] branch 9.0.x updated: BZ 66183. Log all values for given cookie, not just the first.

markt Tue, 23 Aug 2022 01:21:29 -0700

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git



The following commit(s) were added to refs/heads/9.0.x by this push:
     new c88bbac085 BZ 66183. Log all values for given cookie, not just the 
first.
c88bbac085 is described below

commit c88bbac0856ef5134a73031109ae1307294ecd23
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Aug 23 09:20:38 2022 +0100

    BZ 66183. Log all values for given cookie, not just the first.
    
    https://bz.apache.org/bugzilla/show_bug.cgi?id=66183
    Based on #541 by Han Li.
---
 .../apache/catalina/valves/AbstractAccessLogValve.java  | 17 +++++++++++++----
 .../apache/catalina/valves/ExtendedAccessLogValve.java  | 16 ++++++++++++++--
 webapps/docs/changelog.xml                              |  6 ++++++
 webapps/docs/config/valve.xml                           |  4 ++--
 4 files changed, 35 insertions(+), 8 deletions(-)

diff --git a/java/org/apache/catalina/valves/AbstractAccessLogValve.java 
b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
index 5afea9f2c3..668492b0fd 100644
--- a/java/org/apache/catalina/valves/AbstractAccessLogValve.java
+++ b/java/org/apache/catalina/valves/AbstractAccessLogValve.java
@@ -1549,17 +1549,26 @@ public abstract class AbstractAccessLogValve extends 
ValveBase implements Access
         @Override
         public void addElement(CharArrayWriter buf, Date date, Request request,
                 Response response, long time) {
-            String value = "-";
+            StringBuilder value = new StringBuilder();
+            boolean first = true;
             Cookie[] cookies = request.getCookies();
             if (cookies != null) {
                 for (Cookie cookie : cookies) {
                     if (cookieNameToLog.equals(cookie.getName())) {
-                        value = cookie.getValue();
-                        break;
+                        if (first) {
+                            first = false;
+                        } else {
+                            value.append(',');
+                        }
+                        value.append(cookie.getValue());
                     }
                 }
             }
-            escapeAndAppend(value, buf);
+            if (value.length() == 0) {
+                buf.append('-');
+            } else {
+                escapeAndAppend(value.toString(), buf);
+            }
         }
     }
 
diff --git a/java/org/apache/catalina/valves/ExtendedAccessLogValve.java 
b/java/org/apache/catalina/valves/ExtendedAccessLogValve.java
index bc0097cc5a..a128d236b6 100644
--- a/java/org/apache/catalina/valves/ExtendedAccessLogValve.java
+++ b/java/org/apache/catalina/valves/ExtendedAccessLogValve.java
@@ -64,7 +64,7 @@ import org.apache.tomcat.util.ExceptionUtils;
  * <li><code>time-taken</code>:  Time (in seconds) taken to serve the 
request</li>
  * <li><code>x-threadname</code>: Current request thread name (can compare 
later with stacktraces)</li>
  * <li><code>x-A(XXX)</code>: Pull XXX attribute from the servlet context </li>
- * <li><code>x-C(XXX)</code>: Pull the first cookie of the name XXX </li>
+ * <li><code>x-C(XXX)</code>: Pull the cookie(s) of the name XXX </li>
  * <li><code>x-O(XXX)</code>: Pull the all response header values XXX </li>
  * <li><code>x-R(XXX)</code>: Pull XXX attribute from the servlet request </li>
  * <li><code>x-S(XXX)</code>: Pull XXX attribute from the session </li>
@@ -298,12 +298,24 @@ public class ExtendedAccessLogValve extends 
AccessLogValve {
         @Override
         public void addElement(CharArrayWriter buf, Date date, Request request,
                 Response response, long time) {
+            StringBuilder value = new StringBuilder();
+            boolean first = true;
             Cookie[] c = request.getCookies();
             for (int i = 0; c != null && i < c.length; i++) {
                 if (name.equals(c[i].getName())) {
-                    buf.append(wrap(c[i].getValue()));
+                    if (first) {
+                        first = false;
+                    } else {
+                        value.append(',');
+                    }
+                    value.append(c[i].getValue());
                 }
             }
+            if (value.length() == 0 ) {
+                buf.append('-');
+            } else {
+                buf.append(wrap(value.toString()));
+            }
         }
     }
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 6608afc8df..26a6d24038 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -128,6 +128,12 @@
         MemoryUserDatabase.save(). Deprecate and discontinue use of MemoryUser,
         MemoryRole, and MemoryGroup classes. (schultz)
       </fix>
+      <fix>
+        <bug>66183</bug>: When logging cookie values in an access log valve and
+        there are multiple cookies with the same name, log all cookie values
+        rather than just the first. Based on pull request <pr>541</pr> by Han
+        Li. (markt)
+      </fix>
       <fix>
         <bug>66184</bug>: Ensure that JULI root loggers have a default level of
         <code>INFO</code>. Pull request <pr>533</pr> provided by Piotr P.
diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index 85d5449459..c54d1d0dd0 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -336,7 +336,7 @@
         connection peer address (<code>xxx=peer</code>)</li>
     <li><b><code>%{xxx}i</code></b> write value of incoming header with name 
<code>xxx</code> (escaped if required)</li>
     <li><b><code>%{xxx}o</code></b> write value of outgoing header with name 
<code>xxx</code> (escaped if required)</li>
-    <li><b><code>%{xxx}c</code></b> write value of cookie with name 
<code>xxx</code> (escaped if required)</li>
+    <li><b><code>%{xxx}c</code></b> write value of cookie(s) with name 
<code>xxx</code> (comma separated and escaped if required)</li>
     <li><b><code>%{xxx}r</code></b> write value of ServletRequest attribute 
with name <code>xxx</code> (escaped if required)</li>
     <li><b><code>%{xxx}s</code></b> write value of HttpSession attribute with 
name <code>xxx</code> (escaped if required)</li>
     <li><b><code>%{xxx}p</code></b> write local (server) port 
(<code>xxx==local</code>) or
@@ -494,7 +494,7 @@
     <li><b><code>cs(XXX)</code></b> for incoming request headers with name 
XXX</li>
     <li><b><code>sc(XXX)</code></b> for outgoing response headers with name 
XXX</li>
     <li><b><code>x-A(XXX)</code></b> for the servlet context attribute with 
name XXX</li>
-    <li><b><code>x-C(XXX)</code></b> for the first cookie with name XXX</li>
+    <li><b><code>x-C(XXX)</code></b> for the cookie(s) with name XXX (comma 
separated if required)</li>
     <li><b><code>x-O(XXX)</code></b> for a concatenation of all outgoing 
response headers with name XXX</li>
     <li><b><code>x-P(XXX)</code></b> for the URL encoded (using UTF-8) request 
parameter with name XXX</li>
     <li><b><code>x-R(XXX)</code></b> for the request attribute with name 
XXX</li>


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[tomcat] branch 9.0.x updated: BZ 66183. Log all values for given cookie, not just the first.

Reply via email to