haskell-webapps icon indicating copy to clipboard operation
haskell-webapps copied to clipboard

Published 20 hours ago verified publisher icon vacationlabs

Request / response logging

Open saurabhnanda opened this issue 8 years ago • 1 comments

  • Sensitive data in requests, like passwords, should be scrubbed.
  • This scrubbing should be easily configurable.
  • There should be an ability to change the log format and control what is being logged:
    • Whitelist of headers
    • Whitelist of cookies
    • URL params
    • Request body
    • Response body
    • Total time taken to respond, segmented by view, controller, & DB access

saurabhnanda avatar Oct 05 '16 14:10 saurabhnanda

I believe logging will also be using Show instance, so instead of deriving show, we can create our own instance for show and there we can filter the sensitive info from the show / log. If its sensitive enough then I guess we should take enough care to write a instance for show for that particular Type?

let me know if I am wrong. I will also do some searching...

I will think about the rest of the list and comment when I have some ideas

sudhirvkumar avatar Oct 05 '16 14:10 sudhirvkumar