Skip to content

Add input validation to support dynamic changes to gorouter log level #73

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add input validation to support dynamic changes to gorouter log level #73

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b64ccc0
add input validation to support to support gorouter log level changes…
navinms711 Jun 20, 2025
f20ee4a
add uppercase log levels
navinms711 Jun 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 45 additions & 5 deletions server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package debugserver

import (
"errors"
"flag"
"io"
"net/http"
Expand Down Expand Up @@ -42,6 +43,24 @@ func DebugAddress(flags *flag.FlagSet) string {
return dbgFlag.Value.String()
}

func validateloglevelrequest(w http.ResponseWriter, r *http.Request, level []byte) error {
// Only POST method is allowed for setting log level.
if r.Method != http.MethodPost {
return errors.New("method not allowed, use POST")
}

// Only http is allowed for setting log level.
if r.TLS != nil {
return errors.New("invalid scheme, https is not allowed")
}

// Ensure the log level is not empty.
if len(level) == 0 {
return errors.New("log level cannot be empty")
}
return nil
}

func Runner(address string, sink ReconfigurableSinkInterface) ifrit.Runner {
return http_server.New(address, Handler(sink))
}
Expand All @@ -64,21 +83,42 @@ func Handler(sink ReconfigurableSinkInterface) http.Handler {
mux.Handle("/debug/pprof/profile", http.HandlerFunc(pprof.Profile))
mux.Handle("/debug/pprof/symbol", http.HandlerFunc(pprof.Symbol))
mux.Handle("/log-level", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Read the log level from the request body.
level, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Failed to read body", http.StatusBadRequest)
return
}

// Validate the log level request.
if err = validateloglevelrequest(w, r, level); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
// Set the logLevel based on the input.
// Accepts: debug, info, error, fatal, or their short forms (d, i, e, f) or numeric values.
// If the input is not recognized, return a 400 Bad Request.
var logLevel lager.LogLevel
switch string(level) {
case "debug", "DEBUG", "d", strconv.Itoa(int(lager.DEBUG)):
sink.SetMinLevel(lager.DEBUG)
logLevel = lager.DEBUG
case "info", "INFO", "i", strconv.Itoa(int(lager.INFO)):
sink.SetMinLevel(lager.INFO)
logLevel = lager.INFO
case "error", "ERROR", "e", strconv.Itoa(int(lager.ERROR)):
sink.SetMinLevel(lager.ERROR)
logLevel = lager.ERROR
case "fatal", "FATAL", "f", strconv.Itoa(int(lager.FATAL)):
sink.SetMinLevel(lager.FATAL)
logLevel = lager.FATAL
default:
http.Error(w, "Invalid log level provided: "+string(level), http.StatusBadRequest)
return
}
// Set the log level in the sink.
// The SetMinLevel sets the global zapcore conf.level for the logger.
sink.SetMinLevel(logLevel)

// Respond with a success message.
w.WriteHeader(http.StatusOK)
w.Header().Set("Content-Type", "text/plain")
w.Write([]byte("✅ /log-level was invoked with Level: " + string(level) + "\n"))
}))
mux.Handle("/block-profile-rate", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_rate, err := io.ReadAll(r.Body)
Expand Down