
Re: httpapi_debug



   and just to share my short experience: it is in the doc but not in the
   examples...
   http_debug(*ON) opens a new file which is open until http_debug(*OFF)
   is executed...
   So every time you use http_debug(*ON) do not forget to add also
   http_debug(*OFF)
   otherwise you could face after some time a 'max files open' error ...

   Paul
   From:        Kenrick Chan <kenrick288@xxxxxxxxx>
   To:        HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
   Date:        24/02/2015 18:17
   Subject:        Re: httpapi_debug
   Sent by:        ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
     __________________________________________________________________

   Hi Scott,
   Thanks a lot for prompt advice.
   I will follow your suggestion.
   Best Regards.
   Kenrick
   --------------------------------------------
   On Mon, 2/23/15, Scott Klement <sk@xxxxxxxxxxxxxxxx> wrote:
   Subject: Re: httpapi_debug
   To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
   Date: Monday, February 23, 2015, 9:53 PM
   Hi Kenrick,

   The httpapi_debug file was intended as an aid to assist programmers with
   debugging.  As such, I never expected people to have it turned on in
   production programs.   What makes this file useful is that it lets me
   see the raw data (along with various diagnostic messages I stuck in
   there to test different things) that's shown when HTTPAPI is running --
   this is very useful when there are problems, but hopefully should not be
   needed when the program is running in production?

   So, I'm not sure it's necessary to mask the data in the file?  If the
   file is only on when debugging, developers should be able to delete the
   data immediately, and therefore sensitive data should be a non-issue.
   If you were to send a debug file to this list (for example) for
   analysis, it's pretty easy to edit it with a program like Notepad and
   just scrub out the sensitive data, since this happens only rarely.

   Having said that, HTTPAPI provides a feature where you can write your
   own logging routine to replace the one in HTTPAPI.  You can do this, for
   example:

      http_xproc( HTTP_POINT_DEBUG: %paddr(MyProc));

   Where 'MyProc' is a subprocedure with the following prototype (you can
   change the name to whatever you want, though):

      D MyProc          PR
      D   DataToLog                     *   value
      D   Length                      10I 0 value

   When you define this exit procedure ("xproc") HTTPAPI will call this
   procedure instead of writing the data out to a file.  You can,
   therefore, put code into this procedure that finds any sensitive data
   and removes it, or puts XXXXX over it, or whatever.

   Since the format of the data that's sent/received by HTTPAPI can be
   absolutely _anything_, it's up to you to figure out a way to find your
   sensitive data in the series of bytes that is logged, and figure out how
   to replace it.  There's no standard way, since everyone's data is in a
   completely different format.

   So -- again, I would strongly consider turning these off in production,
   this is much easier than trying to somehow scrub the sensitive data
   automatically.

   -SK

   On 2/23/2015 10:25 PM, Kenrick Chan wrote:
   >     Is there a way (parm associated with httpapi_debug) to mask sensitive
   >     data (e.g. credit card number) while httpapi_debug is writing to the
   >     log?
   >     If not, what is the more effective way to read the resulting IFS file
   >     and overwrite part of the content?
   >
   >
   -----------------------------------------------------------------------
   This is the FTPAPI mailing list.  To unsubscribe, please go to:
   http://www.scottklement.com/mailman/listinfo/ftpapi
   -----------------------------------------------------------------------
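
An added example, not part of the thread and not HTTPAPI code: the kind of in-place scrubbing a debug exit procedure could apply to the (pointer, length) buffer it receives, written in C rather than RPG. The function name, the definition of a card number as a Luhn-valid run of 13-19 digits, and the assumption that the buffer uses the program's own character set are all assumptions made for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Luhn checksum over the digits in buf[start..end), ignoring separators. */
static int luhn_ok(const char *buf, int start, int end)
{
    int sum = 0, dbl = 0;
    for (int i = end - 1; i >= start; i--) {
        if (!isdigit((unsigned char)buf[i])) continue;
        int d = buf[i] - '0';
        if (dbl) { d *= 2; if (d > 9) d -= 9; }
        sum += d; dbl = !dbl;
    }
    return sum % 10 == 0;
}

/* Mask card-like numbers in place, keeping the last four digits. Assumed rule:
 * 13-19 digits, single ' ' or '-' separators allowed, must pass Luhn. */
int scrub_card_numbers(char *buf, int len)
{
    int masked = 0;
    for (int i = 0; i < len; ) {
        if (!isdigit((unsigned char)buf[i])) { i++; continue; }
        int end = i, digits = 0;
        while (end < len) {          /* extend over digits and lone separators */
            if (isdigit((unsigned char)buf[end])) { digits++; end++; }
            else if ((buf[end] == ' ' || buf[end] == '-') && end + 1 < len &&
                     isdigit((unsigned char)buf[end + 1])) end++;
            else break;
        }
        if (digits >= 13 && digits <= 19 && luhn_ok(buf, i, end)) {
            int seen = 0;
            for (int j = i; j < end; j++)
                if (isdigit((unsigned char)buf[j]) && seen++ < digits - 4)
                    buf[j] = 'X';
            masked++;
        }
        i = end;
    }
    return masked;
}

int main(void)
{
    char log[] = "card=4111-1111-1111-1111&order=1234567890123"; /* constructed sample */
    printf("%d masked: %s\n", scrub_card_numbers(log, (int)strlen(log)), log);
    return 0;
}
```

A card number that sits next to other digits separated only by a space or hyphen is merged into one run and will not validate, so the matching rule has to be adapted to the actual message format being logged.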