andrhamm / marcopolo Goto Github PK
View Code? Open in Web Editor NEWRack middleware for logging raw HTTP requests & responses
License: MIT License
marcopolo's People
Stargazers
Watchers
marcopolo's Issues
Middleware is not threadsafe
Hello!
I don't use this middleware, but wanted to alert you of the issue, as thread safety defects in rack middleware can present a high security risk due to the potential risk of swapping data for concurrent requests.
In the middleware, an instance variable, @request, is set and used in the rack middleware to interact with the active request:
marcopolo/lib/marcopolo/middleware.rb
Line 8 in 4a52c9a
If two or more concurrent requests are received at the same time, a server using threading rather than forking for request handling (e.g. puma), may result in the @request variable being replaced mid-request by a subsequent, concurrent request passing through the same middleware in a different thread.
Instead, use a local variable and pass the request variable to any methods that need to use it as part of handling the request. This will make the middleware threadsafe.
Capture raw HTTP log for all requests during block
It would be really useful to be able to catch the raw HTTP logs during an explicit block like so:
requests, responses = Marcopolo.capture do
# requests to APIs
end
In this example, requests and responses would be arrays containing simplified hashes of the respective requests and responses. So requests[0]'s response would be found in responses[0].
The requests would still be logged to the marcopolo logs (if configured to do so).
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.