
How can I see what `Rack::Protection` is doing with Sinatra server?

I have a Sinatra server in an AWS environment with a load balancer between the client and the server.

Unless I do something like:

disable :protection

it gives 'Forbidden' on a redirect. I don't want to always disable protection, and I should narrow the amount of disabled protection, so I would like to know what protection is forbidding my redirect.

I am expecting to see something like:

attack prevented by Rack::Protection::<Something>

I have:

enable :logging

and:

-e development

but can't get any feedback from Rack::Protection on why it is applying a rule.

I have tried this:

def self.log_rack_protection(namespace = nil, data = nil)
  puts "rack data: #{data.pretty_inspect}"
end
use Rack::Protection, instrumenter: log_rack_protection

but it doesn't seem to be called except on startup.

What do I need to do to get more feedback from Rack::Protection on what module is doing the blocking? Alternatively, is there some configuration we should be applying to the load balancer to stop this protection?

While I did not work out how to get better logging, I did work out that doing this:

set :protection, :except => [:json_csrf]

stopped the 'Forbidden' message on a client-side redirect in the scenario described in the question.
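
An added example, not part of the original question or answer and not Rack::Protection's own code: in the question's `use` line, `log_rack_protection` is a method call that runs once when that line is evaluated, whereas the `instrumenter` option expects an object with an `instrument(namespace, env)` method. `ProtectionAudit`, the header list and the sample env are assumptions made here, and the sketch assumes the rejecting module reports through the instrumenter hook.

```ruby
require 'logger'

# Hypothetical helper (added example). Rack::Protection's README says the
# instrumenter receives a namespace string and the Rack env, with the module
# that rejected the request named in env['rack.protection.attack'].
class ProtectionAudit
  # Headers a load balancer commonly adds or rewrites. Cookies and
  # Authorization are left out on purpose so secrets stay out of the log.
  PROXY_SENSITIVE = %w[
    HTTP_HOST HTTP_ORIGIN HTTP_REFERER HTTP_X_FORWARDED_HOST
    HTTP_X_FORWARDED_FOR HTTP_X_FORWARDED_PROTO HTTP_X_REQUESTED_WITH
  ].freeze

  attr_reader :events

  def initialize(logger = Logger.new($stderr))
    @logger = logger
    @events = []
  end

  # Runs for each reported request, unlike a method call written in the `use` line.
  def instrument(namespace, env)
    event = {
      namespace: namespace,
      attack: env['rack.protection.attack'],
      method: env['REQUEST_METHOD'],
      path: env['PATH_INFO'],
      headers: env.slice(*PROXY_SENSITIVE)
    }
    @events << event
    @logger.warn("#{namespace}: #{event[:attack]} rejected " \
                 "#{event[:method]} #{event[:path]} #{event[:headers].inspect}")
    event
  end
end

# Constructed env, shaped like a request forwarded by a TLS-terminating balancer.
SAMPLE_ENV = {
  'REQUEST_METHOD' => 'POST', 'PATH_INFO' => '/login',
  'HTTP_HOST' => 'internal-app:4567', 'HTTP_ORIGIN' => 'https://www.example.com',
  'HTTP_X_FORWARDED_PROTO' => 'https', 'HTTP_COOKIE' => 'sid=constructed',
  'rack.protection.attack' => 'httporigin'
}.freeze

# Wiring inside the Sinatra app (commented out: it needs the sinatra gem):
#   AUDIT = ProtectionAudit.new
#   set :protection, instrumenter: AUDIT
```

Comparing the logged `HTTP_HOST`, `HTTP_ORIGIN` and `X-Forwarded-*` values shows whether the balancer is rewriting a header that the named module checks, which makes a narrow `:except` or a balancer setting easier to justify than disabling protection entirely.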
