英文:
WebGoat springboot java app - not logging http status code in console
问题
Here's the translated content:
我正在使用 https://github.com/WebGoat/WebGoat,尝试更改以下配置,但都没有起作用。我不是Java专家,所以希望能够了解我的配置有什么问题。
- 我想要实现的目标是:在控制台/任何日志驱动程序中记录HTTP状态代码。
当我执行应用程序时,终端中会出现一些日志,但我希望在访问页面时能够看到HTTP状态代码200或302等等。
例如,当我访问 http://127.0.0.1:8080/WebGoat 时,应该显示带有重定向的HTTP代码302。或者当我在 http://127.0.0.1:8080/login 上刷新时,应该显示HTTP代码200,就像我从 curl -i http://127.0.0.1:8080/login 中获取的一样。
我做了什么:我已经更新了 application.properties 文件中的日志部分以调试级别。
logging.level.org.thymeleaf=DEBUG
logging.level.org.thymeleaf.TemplateEngine.CONFIG=DEBUG
logging.level.org.thymeleaf.TemplateEngine.TIMER=DEBUG
logging.level.org.thymeleaf.TemplateEngine.cache.TEMPLATE_CACHE=DEBUG
logging.level.org.springframework.web=DEBUG
logging.level.org.springframework=DEBUG
logging.level.org.springframework.boot.devtools=DEBUG
logging.level.org.owasp=DEBUG
logging.level.org.owasp.webgoat=DEBUG
logging.level.org.owasp.webgoat=DEBUG
但是当我从浏览器访问页面时,没有出现这些日志。日志仅显示初始化的操作,进一步刷新或访问页面不会记录任何状态代码。
当我在浏览器上检查网络时,我可以看到状态代码(图片)
。这里缺少什么?如果我需要在某个地方添加 log.debug 记录操作,有关这方面的任何指导吗?
我已经在主WebGoat应用程序中搜索了这些文件,但对于应该在哪里进一步添加有些困惑。我认为 application.properties 文件已经配置了 logging.level.org.owasp=DEBUG 记录。
英文:
I am using https://github.com/WebGoat/WebGoat, trying to change couple of configs below but none works. I am not expert in Java so hope to have some insights what's wrong in my config.
- What I want to achieve: logging http status code in console / any log driver
when i execute the app, there are some logs appeared in the terminal but I want the http status code 200 or 302 etc whenever we access the pages.
For example, when I access http://127.0.0.1:8080/WebGoat, there should be http code 302 with a redirect. Or when I refresh on http://127.0.0.1:8080/login, there should be http code 200 like what I got from curl -i http://127.0.0.1:8080/login
What I did: i have updated the application.properties file logging sections to DEBUG level
logging.level.org.thymeleaf=DEBUG
logging.level.org.thymeleaf.TemplateEngine.CONFIG=DEBUG
logging.level.org.thymeleaf.TemplateEngine.TIMER=DEBUG
logging.level.org.thymeleaf.TemplateEngine.cache.TEMPLATE_CACHE=DEBUG
logging.level.org.springframework.web=DEBUG
logging.level.org.springframework=DEBUG
logging.level.org.springframework.boot.devtools=DEBUG
logging.level.org.owasp=DEBUG
logging.level.org.owasp.webgoat=DEBUG
logging.level.org.owasp.webgoat=DEBUG
However none of these appear when I access the page from browser. The logs merely shows actions of initialization, further refresh or accessing the page doesn't log any status code:
2023-04-13 17:02:30.794 INFO 69552 --- [ main]
o.s.b.w.e.undertow.UndertowWebServer : Undertow started on port(s) 9090 (http)
2023-04-13 17:02:30.804 INFO 69552 --- [ main] org.owasp.webgoat.server.StartWebGoat : Started StartWebGoat in 0.653 seconds (JVM running for 10.763)
2023-04-13 17:02:30.805 INFO 69552 --- [ main] org.owasp.webgoat.server.StartupMessage : Please browse to http://127.0.0.1:8080/WebGoat to get started...
2023-04-13 17:02:59.997 INFO 69552 --- [ XNIO-1 task-2] io.undertow.servlet : Initializing Spring DispatcherServlet 'dispatcherServlet'
2023-04-13 17:02:59.997 INFO 69552 --- [ XNIO-1 task-2] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2023-04-13 17:03:00.000 INFO 69552 --- [ XNIO-1 task-2] o.s.web.servlet.DispatcherServlet : Completed initialization in 3 ms
When I inspect the network on browser, I can see the status code (image) . What is missing here? If I need to add logging action log.debug somewhere, any guidance on that?
I have searched through those files in the main webgoat application, but a bit confused as where should i add further. I thought the application.properties file did configure logging with logging.level.org.owasp=DEBUG stated.
https://github.com/WebGoat/WebGoat/tree/main/src/main/java/org/owasp/webgoat
答案1
得分: 1
已解决 - 要添加HTTP代码状态记录,只需添加一个名为 logback.xml 的配置文件:
<configuration>
<include resource="org/springframework/boot/logging/logback/base.xml"/>
<logger name="org.springframework.web" level="DEBUG"/>
</configuration>
对于具体的示例,对于这个 https://github.com/WebGoat/WebGoat 应用程序,logback.xml 文件的位置将在 src/main/resources/ 文件夹中。
(注意:某些测试用例可能会失败,但只需按照 GitHub 步骤重新安装和容器化它,然后执行以下操作:
在 Linux/Mac 上:
./mvnw clean install
在 Windows 上:
./mvnw.cmd clean install
使用 Docker 或 Podman,您可以在本地构建容器
docker build -f Dockerfile . -t webgoat/webgoat
现在我们准备运行项目。WebGoat 使用 Spring Boot。
在 Linux/Mac 上:
./mvnw spring-boot:run
在 Windows 上:
./mvnw.cmd spring-boot:run
然后,当您在本地运行它或在选择的路径中运行时,您将看到HTTP代码状态被记录。
英文:
Figured out - to add http code status logging, just add a logback.xml file with configuration:
<configuration>
<include resource="org/springframework/boot/logging/logback/base.xml"/>
<logger name="org.springframework.web" level="DEBUG"/>
</configuration>
For the specific example with this https://github.com/WebGoat/WebGoat app, the location of the logback.xml file will be in the src/main/resources/ folder.
(Note: some test cases will fail, but just proceed to reinstall and containerize it to execute after that as stated in the github steps :
# On Linux/Mac:
./mvnw clean install
# On Windows:
./mvnw.cmd clean install
# Using docker or podman, you can than build the container locally
docker build -f Dockerfile . -t webgoat/webgoat
Now we are ready to run the project. WebGoat is using Spring Boot.
# On Linux/Mac:
./mvnw spring-boot:run
# On Windows:
./mvnw.cmd spring-boot:run
And you will see the http code status logged after that when u run it locally or in chosen path.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论