W3C cookies only logged when other "RequestHeader" fields are logged.

[MarkPflug]

https://github.com/dotnet/aspnetcore/blob/bc9255b509c4b51d9bbbea7b15ddafe482784699/src/Middleware/HttpLogging/src/W3CLoggingMiddleware.cs#L179

I noticed this issue when looking at the W3C logging middleware, that the Cookie field is logged inside of a conditional block that checks for the presence of "RequestHeaders" flags, which doesn't include the cookie flag. This means that cookie values can't be logged without also logging other request headers. Either the cookie field should be moved out of this block, or the RequestHeaders flags should include the Cookie flag.

[Tratcher]

Cookie was intentionally excluded from RequestHeaders due to its sensitive nature. Moving it out of that if block would be the correct fix.

[Tratcher]

Are you interested in submitting a PR for this?

[MarkPflug]

Cookie was intentionally excluded from RequestHeaders due to its sensitive nature

Makes sense. ~~Just submitted #45224 with the fix.~~

I'll submit a PR, I guess doing this entire in github web UI was a bad idea.

[MarkPflug]

Nevermind. I guess I can't figure this out. I pulled the repo locally, but can't figure out how to build anything. dotnet build is complaining that I don't have .NET SDK 8.0-alpha and I don't know where/how to get it. I tried opening the csproj in VS and it... doesn't open, and presents to no error message.

[BrennanConroy]

https://github.com/dotnet/aspnetcore/blob/main/docs/BuildFromSource.md

[BrennanConroy]

TLDR; Run restore.cmd from the root, go to the project you want to builds folder and run startvs.cmd.

[MarkPflug]

I must be doing something wrong. I've tried following those instructions, but I'm getting a wall of MSBuild errors about missing imported projects: Microsoft.Cpp.Defaults.props? I probably don't have a prereq installed. I honestly don't have the patience to try to figure it out right now. I fixed the original failing PR as #45226, seems to be building properly now.