Allow for LogRequestMiddleware to filter the headers it outputs

[adam-fowler]

Instead of displaying all the headers, only display ones you care about

router.middlewares.add(LogRequestMiddleware(.debug, includesHeaders: .some([.contentType, .contentLength]))

Options are .none, .all or .some([HTTPField.Name])

[MahdiBM]

Good idea but could be better implemented IMO.
I think we should aim for something like what traefik does.
It accepts a defaultMode, and you can then provide overrides for specific headers. The setting options are keep, redact, drop.

[adam-fowler]

Good idea but could be better implemented IMO. I think we should aim for something like what traefik does. It accepts a defaultMode, and you can then provide overrides for specific headers. The setting options are keep, redact, drop.

Given the default mode is none. Not sure I see the point of drop. redact could be of use though, but we could also add a redaction lists for headers we don't want to report the contents of.

[MahdiBM]

@adam-fowler it's useful if you want to log all headers, but not include a few. I've had usages for this in the past, personally.

Generally, how traefik does it is the most flexible way, so users can just do whatever they want, without us making unnecessary assumptions about their needs.

[adam-fowler]

@adam-fowler it's useful if you want to log all headers, but not include a few. I've had usages for this in the past, personally.

Generally, how traefik does it is the most flexible way, so users can just do whatever they want, without us making unnecessary assumptions about their needs.

So you have two situations I want these specific headers or I want all headers except these ones. Adding an ignore list to .all would provide that list for you.

[MahdiBM]

Yes, an ignore list would work. But then I'd want to only redact some headers, not ignore them, so I'll need a redact list too

[adam-fowler]

Yes, an ignore list would work. But then I'd want to only redact some headers, not ignore them, so I'll need a redact list too

I'm just looking at the redact list now.

[MahdiBM]

Example: show me all headers, redact Authorization or other sensitive headers, and ignore all access control headers.

[adam-fowler]

Example: show me all headers, redact Authorization or other sensitive headers, and ignore all access control headers.

let accessControlHeaders: [HTTPField.Name] = [
  .accessControlAllowCredentials,
  .accessControlAllowHeaders,
  .accessControlAllowMethods,
  ...
]
LogRequestsMiddleware(
  .info, 
  includeHeaders: .all(except: accessControlHeaders),
  redactHeaders: [.authorization]
}

[MahdiBM]

One concern, otherwise looks good (and thank you) 🙂

[MahdiBM]

Not a fan of formatting the headers instead of passing an e.g. Array or Dictionary as .stringConvertible.
We use https://github.com/Brainfinance/StackdriverLogging as our swift-log backend which formats stuff properly as a JSON if it can, which makes them look decent on Google Cloud. By passing a String, a logging backend can't try to format the values anymore.

To be clear i haven't seen too many logging backends try to manually format metadata (my own DiscordLogger doesn't either), but it does look useful when done appropriately, like with https://github.com/Brainfinance/StackdriverLogging.

[adam-fowler]

Ok makes sense. I can output a dictionary with values from duplicate keys concatenated with a "," inbetween

[adam-fowler]

done

[Joannis]

Looks good.