16

Here is the scenario...

User types his username. Types an "incorrect" password. Both username and password values are being passed to the Elmah error log via the Exception.Context.Request.Form["Password"]. It's a read-only value and cannot be modified.

And no... I don't want to dismiss the exception (fail). We added ErrorLog Filtering programmatically:

void ErrorLog_Filtering(object sender, ExceptionFilterEventArgs e)
{
  if (e.Exception is LogOnException)
  {
    ((HttpContext) e.Context).Request.Form.Remove("Password");
    // This is what we want to do, but we can't because it is read-only
  }
}

But cannot modify the Request.Form so that the password is hidden from our error log.

Anybody ever encountered a way around this?

I basically want all the error data without the password field. We considered logging it manually but that seemed to be a lot of work compared to simply hiding the sensitive data.

Cheers guys. Thanks in advance.

willis
  • 321
  • 3
  • 5
  • http://kurtschindler.net/blog/post/Configuring-ELMAH-on-DiscountASPNET –  Jul 08 '11 at 17:55
  • http://myitforum.com/cs2/blogs/maikkoster/archive/2010/07/12/elmah-a-great-way-of-troubleshooting-web-applications.aspx –  Jul 08 '11 at 17:56
  • 1
    @0A0D ??? Thanks buddy. It's working just fine.... but I don't know how hide some of the values that get posted. Did you start TGIF a bit too early? ;-) – willis Jul 08 '11 at 18:02
  • @0AOD Oh... I c your point. I'm doing that already. But I want to secure them from even the admin and devs. I know... I'm being extra careful... but nowadays you never know. – willis Jul 08 '11 at 18:17
  • Seen this? http://stackoverflow.com/questions/5470214/multiple-elmah-filter-conditions –  Jul 08 '11 at 18:18
  • 1
    @0A0D - I think the OP isn't trying to filter OUT the errors, but instead intercept them and change the posted form data before ELMAH stores it in the error log. I'd really like to know this as well. – Pandincus Jul 08 '11 at 18:31
  • @Pandincus and @willis: It seems a lot of people have asked the same question over the past two years but there does not seem to be a way to do it other than calling e.Dismiss(). –  Jul 08 '11 at 18:41
  • You know, ELMAH is open source... – Dustin Davis Aug 15 '11 at 15:24

3 Answers3

14

You can't modify the form collection on the request but you can modify the form collection on an Elmah Error isntance and then manually log it. I.e. 

public static class ElmahSensitiveDataFilter
{
  public static void Apply(ExceptionFilterEventArgs e, HttpContext ctx)
  {
    var sensitiveFormData = ctx.Request.Form.AllKeys
            .Where(key => key.Equals("password", StringComparison.OrdinalIgnoreCase)).ToList();
    if (sensitiveFormData.Count == 0)
    {
      return;
    }
    var error = new Error(e.Exception, ctx);
    sensitiveFormData.ForEach(k => error.Form.Set(k, "*****"));
    Elmah.ErrorLog.GetDefault(null).Log(error);
    e.Dismiss();
  }
}

Then in Global.asax 

void ErrorLog_Filtering(object sender, ExceptionFilterEventArgs e)
{
    var ctx = e.Context as HttpContext;
    if(ctx == null)
    {
      return;
    }
    ElmahSensitiveDataFilter.Apply(e, ctx);
}
Matt Murphy
  • 421
  • 3
  • 6
  • 1
    I took @Matt Murphy's approach and created an ActionFilterAttribute to specify data that you want to santise, see https://github.com/appclay/ElmahSensitiveDataFiltering (so far for MVC3 and 4 only) – joshuahealy Mar 14 '13 at 21:49
  • how do you then send an email which Elmah.ErrorSignal.FromCurrentContext().Raise() would do? – spankmaster79 May 18 '16 at 07:58
  • You may also want to check if e.Dismissed is true before proceeding to filter in the "Apply" method as well - this way you can respect the filtering in place in web.config (via the element) -- see my related question here: https://stackoverflow.com/questions/44524246/error-filters-in-web-config-are-ignored-when-using-errorlog-filtering-with-elmah/44525607 – DanP Jun 14 '17 at 13:14
0

Catch the exception, then log something in ELMAH manually, like this:


catch (LogOnException e)
{
     Elmah.ErrorSignal.FromCurrentContext().Raise(new Exception("Bad Password"));
}
CodeThug
  • 3,054
  • 1
  • 21
  • 17
  • What if the error isn't a bad password? What if it's a database timeout? What if it's a network error or just some other bug? – Immortal Blue Jun 04 '18 at 09:36
-1

You can't do this unless you modify the source itself. You could certainly modify the configuration and add the notion of an "Excluded Form Elements" to that, then when the Error class copies the collection from the HttpContext, you can remove any items in that list.

Another alternative would be to use something else, obviously, that provides more explicit control over the logging process like EntLib or log4net. It's trivial to write a module or global exception handler to utilize either one of those tools. Moreover, they are relevant in scopes outside of web applications.

dotnetnate
  • 769
  • 4
  • 11