diff --git a/src/Shared/LayoutRenderers/AspNetRequestCookieLayoutRenderer.cs b/src/Shared/LayoutRenderers/AspNetRequestCookieLayoutRenderer.cs index 3335ada40..ef5f604c7 100644 --- a/src/Shared/LayoutRenderers/AspNetRequestCookieLayoutRenderer.cs +++ b/src/Shared/LayoutRenderers/AspNetRequestCookieLayoutRenderer.cs @@ -25,6 +25,8 @@ namespace NLog.Web.LayoutRenderers /// /// ${aspnet-request-cookie:OutputFormat=Flat} /// ${aspnet-request-cookie:OutputFormat=Json} + /// ${aspnet-request-cookie:OutputFormat=Json:CookieNames=username} + /// ${aspnet-request-cookie:OutputFormat=Json:Exclude=access_token} /// /// [LayoutRenderer("aspnet-request-cookie")] @@ -37,6 +39,24 @@ public class AspNetRequestCookieLayoutRenderer : AspNetLayoutMultiValueRendererB /// public List CookieNames { get; set; } + /// + /// Gets or sets the keys to exclude from the output. If omitted, none are excluded. + /// + /// +#if ASP_NET_CORE + public ISet Exclude { get; set; } +#else + public HashSet Exclude { get; set; } +#endif + + /// + /// Initializes a new instance of the class. + /// + public AspNetRequestCookieLayoutRenderer() + { + Exclude = new HashSet(new[] { "AUTH", "SESS_ID" }, StringComparer.OrdinalIgnoreCase); + } + /// /// Renders the ASP.NET Cookie appends it to the specified . /// @@ -51,38 +71,23 @@ protected override void DoAppend(StringBuilder builder, LogEventInfo logEvent) } var cookies = httpRequest.Cookies; - var cookieNames = GetCookieNames(cookies)?.ToList(); - if (cookieNames?.Count > 0 && cookies?.Count > 0) + if (cookies?.Count > 0) { - var cookieValues = GetCookies(cookies, cookieNames); + var cookieValues = GetCookieKeyValue(cookies); SerializePairs(cookieValues, builder, logEvent); } } - /// - /// Get cookies names to render - /// - /// - /// - private IEnumerable GetCookieNames(Cookies cookies) - { - if (CookieNames != null && CookieNames.Any()) - return CookieNames; - - var keys = cookies.Keys; - #if !ASP_NET_CORE - return keys.Cast(); -#else - return keys; -#endif - } - -#if !ASP_NET_CORE - private IEnumerable> GetCookies(HttpCookieCollection cookies, IEnumerable cookieNames) + private IEnumerable> GetCookieKeyValue(HttpCookieCollection cookies) { + var cookieNames = CookieNames?.Count > 0 ? CookieNames : cookies.Keys.Cast().ToList(); + bool excludeKeys = (CookieNames == null || cookieNames.Count == 0) && Exclude?.Count > 0; foreach (var cookieName in cookieNames) { + if (excludeKeys && Exclude.Contains(cookieName)) + continue; + var httpCookie = cookies[cookieName]; if (httpCookie == null) { @@ -111,10 +116,15 @@ private IEnumerable> GetCookies(HttpCookieCollectio } } #else - private IEnumerable> GetCookies(IRequestCookieCollection cookies, IEnumerable cookieNames) + private IEnumerable> GetCookieKeyValue(IRequestCookieCollection cookies) { + var cookieNames = CookieNames?.Count > 0 ? CookieNames : cookies.Keys; + bool excludeKeys = (CookieNames == null || cookieNames.Count == 0) && Exclude?.Count > 0; foreach (var cookieName in cookieNames) { + if (excludeKeys && Exclude.Contains(cookieName)) + continue; + if (!cookies.TryGetValue(cookieName, out var cookieValue)) { continue; diff --git a/src/Shared/LayoutRenderers/AspNetRequestFormLayoutRenderer.cs b/src/Shared/LayoutRenderers/AspNetRequestFormLayoutRenderer.cs index 79dc80726..dc6f63cf3 100644 --- a/src/Shared/LayoutRenderers/AspNetRequestFormLayoutRenderer.cs +++ b/src/Shared/LayoutRenderers/AspNetRequestFormLayoutRenderer.cs @@ -48,12 +48,12 @@ public class AspNetRequestFormLayoutRenderer : AspNetLayoutMultiValueRendererBas #endif /// - /// Constructor + /// Initializes a new instance of the class. /// public AspNetRequestFormLayoutRenderer() { Include = new HashSet(StringComparer.OrdinalIgnoreCase); - Exclude = new HashSet(StringComparer.OrdinalIgnoreCase); + Exclude = new HashSet(new[] { "Password", "Pwd" }, StringComparer.OrdinalIgnoreCase); } /// diff --git a/tests/Shared/LayoutRenderers/AspNetCookieLayoutRendererTests.cs b/tests/Shared/LayoutRenderers/AspNetCookieLayoutRendererTests.cs index 2af3aa788..0f9bcb45d 100644 --- a/tests/Shared/LayoutRenderers/AspNetCookieLayoutRendererTests.cs +++ b/tests/Shared/LayoutRenderers/AspNetCookieLayoutRendererTests.cs @@ -30,6 +30,19 @@ public void NullKeyRendersAllCookies() Assert.Equal(expectedResult, result); } + [Fact] + public void NullKeyRendersAllCookiesExceptExcluded() + { + var expectedResult = "Key1=TEST1"; + var renderer = CreateRenderer(); + renderer.CookieNames = null; + renderer.Exclude.Add("key"); + + string result = renderer.Render(new LogEventInfo()); + + Assert.Equal(expectedResult, result); + } + [Fact] public void KeyNotFoundRendersEmptyString_Flat_Formatting() {