Menu
For fairly obvious reasons, I would like to identify the best way to remove the Auth_Password from being captured by ELMAH. What is the best way to go about doing so?
325
To view the full details of a logged exception, navigate one more time to http://www.yoursite.com/elmah.axd. The following error log appears. It has default and detailed views.
ELMAH is basically a NuGet package for . NET web applications, logging every exception occurring on one or more websites to some storage of your choosing. Unlike other logging frameworks ELMAH will, when configured in its most simple form, log every exception automatically.
ELMAH is a free, open source error logging library that includes features like error filtering and the ability to view the error log from a web page, as an RSS feed, or to download it as a comma-delimited file.
Since ELMAH is open source, I modified the Error.CS file like so. Inside of the Error cunstructor of Error.CS (about line 126), I added this:
_serverVariables.Remove(AUTH_PASSWORD);
//AUTH_PASSWORD = const string = "AUTH_PASSWORD" AND SET ELSEWHERE
I've managed to do this without modifying the ELMAH source: http://www.kipusoep.nl/2012/01/06/umbraco-elmah-with-sql-ce-4-0-and-authentication-part-2/
20
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
