mirror of https://github.com/MISP/MISP
chg: [log] Multipart support for access log
parent
835a255dde
commit
e013d7accb
|
@ -71,12 +71,14 @@ class AccessLogsController extends AppController
|
|||
throw new NotFoundException(__('Request body is empty'));
|
||||
}
|
||||
|
||||
list($contentType, $encoding, $data) = explode("\n", $request['AccessLog']['request'], 3);
|
||||
$contentType = explode(';', $contentType, 2)[0];
|
||||
|
||||
if ($contentType === 'application/x-www-form-urlencoded') {
|
||||
parse_str($data, $output);
|
||||
$data = var_export($output, true);
|
||||
$contentType = explode(';', $request['AccessLog']['request_content_type'], 2)[0];
|
||||
if ($contentType === 'application/x-www-form-urlencoded' || $contentType === 'multipart/form-data') {
|
||||
parse_str($request['AccessLog']['request'], $output);
|
||||
$highlighted = highlight_string("<?php\n" . var_export($output, true) . "?>", true);
|
||||
$highlighted = str_replace(["<?php","?>"] , '', $highlighted);
|
||||
$data = $highlighted;
|
||||
} else {
|
||||
$data = h($request['AccessLog']['request']);
|
||||
}
|
||||
|
||||
$this->set('request', $data);
|
||||
|
|
|
@ -47,7 +47,11 @@ class AccessLog extends AppModel
|
|||
$result['AccessLog']['request_method'] = self::REQUEST_TYPES[$result['AccessLog']['request_method']];
|
||||
}
|
||||
if (!empty($result['AccessLog']['request'])) {
|
||||
$result['AccessLog']['request'] = $this->decodeRequest($result['AccessLog']['request']);
|
||||
$request = $this->decodeRequest($result['AccessLog']['request']);
|
||||
list($contentType, $encoding, $data) = explode("\n", $request, 3);
|
||||
$result['AccessLog']['request'] = $data;
|
||||
$result['AccessLog']['request_content_type'] = $contentType;
|
||||
$result['AccessLog']['request_content_encoding'] = $encoding;
|
||||
}
|
||||
if (!empty($result['AccessLog']['memory_usage'])) {
|
||||
$result['AccessLog']['memory_usage'] = $result['AccessLog']['memory_usage'] * 1024;
|
||||
|
@ -121,9 +125,7 @@ class AccessLog extends AppModel
|
|||
];
|
||||
|
||||
if ($includeRequestBody && $request->is(['post', 'put', 'delete'])) {
|
||||
$requestContentType = $_SERVER['CONTENT_TYPE'] ?? null;
|
||||
$requestEncoding = $_SERVER['HTTP_CONTENT_ENCODING'] ?? null;
|
||||
$dataToSave['request'] = "$requestContentType\n$requestEncoding\n{$request->input()}";
|
||||
$dataToSave['request'] = $this->requestBody($request);
|
||||
}
|
||||
|
||||
// Save data on shutdown
|
||||
|
@ -135,6 +137,24 @@ class AccessLog extends AppModel
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param CakeRequest $request
|
||||
* @return string
|
||||
*/
|
||||
private function requestBody(CakeRequest $request)
|
||||
{
|
||||
$requestContentType = $_SERVER['CONTENT_TYPE'] ?? null;
|
||||
$requestEncoding = $_SERVER['HTTP_CONTENT_ENCODING'] ?? null;
|
||||
|
||||
if (substr($requestContentType, 0, 19) === 'multipart/form-data') {
|
||||
$input = http_build_query($request->data, '', '&');
|
||||
} else {
|
||||
$input = $request->input();
|
||||
}
|
||||
|
||||
return "$requestContentType\n$requestEncoding\n$input";
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $data
|
||||
* @param float $requestTime
|
||||
|
|
Loading…
Reference in New Issue