excluded_404s does not work for symfony 3
#166
Comments
|
So, seems like there is a new implementation there already https://github.com/symfony/symfony/blob/master/src/Symfony/Bridge/Monolog/Handler/FingersCrossed/NotFoundActivationStrategy.php but not sure if it's possible to switch to it so that it also worked for v2.3 |
|
This is related to #94 |
|
Found that this was biting me today, so I've done a bit of digging (this is likely to be obvious to the maintainers but hey why not): excluded_404s no longer works in Symfony 3.0 as currently monolog-bundle injects a reference to request from the service container into the NotFoundActivationStrategy. Having Request in the service container was deprecated in Symfony 2.7 in favor of using RequestStack, and subsequently removed in Symfony 3.0. As the NotFoundActivationStrategy never gets a request object it can never check the path of that request and thus the log line is never excluded. The concept of RequestStack was added in Symfony 2.4. #94 talks about maintaining compatibility with 2.3, but given that 2.3 entered the security fixes only part of it's LTS lifecycle this month (May 2016) I don't think the extra effort to support it is worthwhile. From what I can tell, #94 needs to be updated to pass the RequestStack into the NotFoundActivationStrategy's constructor here then it can be merged and a release can be tagged that supports Symfony 2.6+. @Seldaek / @fabpot I can give that a go at some point soonish if you're busy with other stuff. |
|
Oh, and moving away from using |
|
Is there any plan to include a solution for this in an upcoming release? We are using the fingers crossed handler to get notified via hipchat when one of our system throws an Exception. Since moving to Symfony 3 we are bombarded with 404 notifications from bots trying to access wp_admin.php admin.php etc. which renders the notifications almost useless. Is there any other way to mitigate this? |
|
you can create a custom activation strategy. This is how I implemented it for my projects use Monolog\Handler\FingersCrossed\ActivationStrategyInterface;
use Monolog\Handler\FingersCrossed\ErrorLevelActivationStrategy;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
class NotFound implements ActivationStrategyInterface
{
private $errorLevelActivationStrategy;
public function __construct($actionLevel)
{
$this->errorLevelActivationStrategy = new ErrorLevelActivationStrategy($actionLevel);
}
public function isHandlerActivated(array $record)
{
if (isset($record['context']['exception'])) {
if ($record['context']['exception'] instanceof NotFoundHttpException) {
return false;
}
}
return $this->errorLevelActivationStrategy->isHandlerActivated($record);
}
} |
|
@zerkms Thanks a million. This led me in the right direction. If anybody stumbles over this, here is how I solved it for us: So I added a service definition for this class. custom_monolog_fingers_crossed_handler_activation_strategy:
class: Symfony\Bridge\Monolog\Handler\FingersCrossed\NotFoundActivationStrategy
arguments:
- "@request_stack"
- ["^/"]
- "ERROR"First parameter is the RequestStack, second parameter are the "excluded_404s" or blacklist, third parameter is the action_level, when the fingers_crossed handler is activated (we use ERROR in this case but it defaults to WARNING in monolog-bundle). Then I added this service as the activation_strategy parameter in my monolog config: monolog:
...
handlers:
...
type: fingers_crossed
...
activation_strategy: custom_monolog_fingers_crossed_handler_activation_strategyImportant: I had to remove the "excluded_404s" parameter, because it is not allowed in combination with a custom activation_strategy. Hope this helps someone. |
|
@rommsen I am facing the same problem (as everyone using this functionality should). Do you think that I should implement your solution or wait that an official correction comes ? |
|
@Laurent3170 I think this depends on how much pain you are feeling right now 😄 . For us it was just way too much noise so I implemented it and never looked back. In case if something more "official" arrives, it would not be to much work to revert. |
|
@rommsen just a small question how do you separate multiple excluded in the second argument ? i.e |
|
@Laurent3170 I believe - ["^/admin.php", "^/administrator", ...]would work |
|
Ok, I was guessing between "," and "|" but I can't make it work (for the time being) with just only one... |
|
Yes that's "," I had to clear the cache... Thanks |
Using the exclude_404s configuration parameter does not work in symfony 3. (See symfony/monolog-bundle#166 for details)
|
As I'm quite new to Symfony, can you explain what it means ? Can we revert to what is explained in the Symfony docs ? Thanks |
|
@Laurent3170 with the mentioned fix by fabpot the 404s (NotFoundActivationStrategy) should work as documented for symfony 3.0. |
|
Argh, thanks for your answer but it seems not... |
|
@Laurent3170 try monolog-bundle 3.0: https://github.com/symfony/monolog-bundle/releases/tag/3.0.0 |
|
@StevendeVries Thanks again for your prompt answer. I haven't seen that a 3.0 version was available as I was looking in the "branches" part and not in the "tags" one. So... It works! 😄 |
|
Don't know where to "ask" and it seems, here it may be a place of concerns. As those servers which bother us by asking pages using specific urls, i.e. |
to hell maybe? 😄 (scnr) |
|
I'm not really familiar with the Symfony documentation standards, but this seems like it should be mentioned on https://symfony.com/doc/current/logging/monolog_regex_based_excludes.html (at least for Symfony 3.0 and 3.1, perhaps for later versions too). Or maybe bump Symfony's dependency to ensure people don't see the problem on later versions? |
|
@thelem Would you mind opening an issue in the docs repository? |
The generated
NotFoundActivationStrategyservice in a service locator looks like:So the request is never passed into the object and it does not take the passed url regexes into account.
The text was updated successfully, but these errors were encountered: