Actions
Feature #2563
closedAdd dump of all headers in http eve-log
Effort:
low
Difficulty:
low
Label:
Description
A patch adding a list of json objects with the list of HTTP headers encountered for that transaction in the two object "request_headers" and "response_headers".
The direction of the information (i.e., whether we want to log only HTTP request headers, only HTTP response headers, or both) is set via configuration key "dump-all-headers".
We introduced two limits to avoid potential memory exhaustion caused by very long http headers. This limit is hardcoded to 256 bytes for HTTP header name and 2048 for http header value.
The resulting list of http headers will be in this form:
"http": {
"request_headers": [
{
"name": "User-Agent",
"value": "Wget/1.13.4 (linux-gnu)"
},
{
"name": "Accept",
"value": "*/*"
},
],
"response_headers": [
{
"name": "Date",
"value": "Wed, 25 Mar 2015 15:40:41 GMT"
},
{
"name": "Server",
"value": "Apache"
},
{
"name": "Last-Modified",
"value": "Wed, 25 Mar 2015 15:38:48 GMT"
},
{
"name": "ETag",
"value": "\"34000d-c3-5121eb20b238d\""
},
],
}
Note that the dump-all-headers is disabled by default, meaning that by default the fields will not be present.
Updated by Andreas Herz over 6 years ago
Updated by Maurizio Abba about 6 years ago
Updated by Victor Julien about 6 years ago
- Related to Task #2685: SuriCon 2018 brainstorm added
Updated by Victor Julien almost 6 years ago
- Status changed from Assigned to Closed
Actions