Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

ELMAH log how to ignore error by type

Tags:

asp.net

elmah

Hello I have setup ELMAH in my project, but I am getting a lot errors like

System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

Generated: Sun, 26 May 2013 21:46:30 GMT

System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)

I would like to ignore them, and don't send to my mail but write in ELMAH DB. Is it possible to do ?

like image 235
Arbejdsglæde Avatar asked May 27 '13 04:05

Arbejdsglæde


2 Answers

Yes, you can do this using error filtering in ELMAH and which is described in detail on the project wiki. In short, the following filter in your web.config should do the job (assuming you have setup the modules configuration sections already):

<errorFilter>
    <test>
        <and>
            <regex binding="FilterSourceType.Name" pattern="mail" />
            <regex binding="Exception.Message" 
               pattern="(?ix: \b potentially \b.+?\b dangerous \b.+?\b value \b.+?\b detected \b.+?\b client \b )" />
        </and>
    </test>
</errorFilter>

The first <regex> condition filters based on the filtering source such that mailing will not occur. Check out the documentation on the wiki for full details.

like image 112
Atif Aziz Avatar answered Oct 17 '22 03:10

Atif Aziz


A solution that doesn't involve regular expressions, simply add this to your Global.asax.cs:

protected void ErrorMail_Filtering(object sender, ExceptionFilterEventArgs e)
{
    if (e.Message == "A potentially dangerous Request.Path value was detected from the client (:).")
        e.Dismiss();
}

// this method may also be useful
protected void ErrorLog_Filtering(object sender, ExceptionFilterEventArgs e)
{
    if (e.Message == "A potentially dangerous Request.Path value was detected from the client (:).")
    {
        // do something
    }
}

Or you can combine the two methods:

void ErrorLog_Filtering(object sender, ExceptionFilterEventArgs args)
{
    Filter(args);
}

void ErrorMail_Filtering(object sender, ExceptionFilterEventArgs args)
{
    Filter(args);
}

void Filter(ExceptionFilterEventArgs args)
{
    if (args.Exception.GetBaseException() is HttpRequestValidationException)
        args.Dismiss();
}
like image 18
Owen Avatar answered Oct 17 '22 04:10

Owen