[spec] Adapting the HTTP Common Logging Format for use by Gemini servers

Arav K. nothien at uber.space
Sun Dec 27 20:10:54 GMT 2020

Previous message (by thread): [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Next message (by thread): [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Dec 27, 2020 at 02:59:02PM -0500, John Cowan wrote:
> On the literal approach, field 4 is ISO 8601 (RFC 3336) format, field 5 is
> the URL request line (no quotes needed), and field 6 is the Gemini status
> code unconverted.

We want to be careful about malicious clients sending a request like
'\n<garbage or fake log here>'.  Although that may fail, it would still
show up in the logs and mess them up.  Perhaps the logger should check
if the request line is a proper URL, and if it is not it would encode it
in some way (perhaps just URL-encoding it, because that function may
already be available to the code).

~aravk | ~nothien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20201227/e5f1c805/attachment.sig>

Previous message (by thread): [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Next message (by thread): [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list