Report configuration for Request.Form.ToString() in elmah emails

[GoogleCodeExporter]

What new or enhanced feature are you proposing?
An elmah configuration block that tells elmah whether to report 
request.form.tostring() in the email.  The configuration block could go 
one further (to reduce log-bloatedness) by accepting particular keys in 
the request.form collection to report on.

e.g.

    <elmah>
      <security allowRemoteAccess="1" />
      <errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="~/" />
      <errorMail
         from="elmah-application-error@abc.com"
         to="your.email@abc.com"
         smtpServer="smtp.abc.com" />
      <forms report="true|false" keyLevel="all/config">
         <!-- if level=config -->
         <keys>
            <key="firstName" />   <!-- a form element named firstName -->
            <key="contactUs*" />  <!-- any starting with contactUs -->
         </keys>
      </forms>
   </elmah>

What goal would this enhancement help you achieve?
The ability to use elamh logs only to replicate an exception where elamh 
is used on a website that contains form-posts.

Original issue reported on code.google.com by martin.h...@thomsonlocal.com on 29 Jun 2009 at 7:48

[GoogleCodeExporter]

This elmah extension I wrote some time ago includes all form data as a SAZ 
attachment: http://bugsquash.blogspot.com/2010/03/fiddler-output-for-elmah.html

Original comment by mauricio...@gmail.com on 31 Oct 2010 at 7:10

[GoogleCodeExporter]

I have written something to do exactly this, plus a little more, trying to be 
flexible. My test cases so far are working fine, but I'm trying to harden the 
code a little more for edge cases and add internal error handling. It currently 
uses a config that looks like this:

    <serverVariables log="all" report="all">
        <field keyExact="AUTH_PASSWORD" valueRegex=".+" valueReplace="**REMOVED FOR SECURITY**" />
    </serverVariables>
    <form log="all" report="all">
        <field keyRegex="^__VIEWSTATE\d*$" report="false" />
        <field valueRegex="^(\d\W*){15,16}$" valueReplace="**POTENTIAL CREDIT CARD NUMBER REMOVED**" />
    </form>
    <cookies log="all" report="none">
        <field keyRegex="^glimpse" report="true" />
        <field keyRegex="^__utm" log="false" />
    </cookies>
    <queryString log="all" report="all" />

I would like to contribute this upstream, but I'm a little fuzzy as to how. I'm 
a corporate programmer and am new to open source contribution.

Nearly all the code is in a single new 250 line class, plus a few places in 
existing files to call it, so I'm hoping code integration impact will be 
minimal. The only thing it does is filter the NameValueCollections before 
logging/displaying, but existing project structure may dictate that it needs to 
be in multiple pieces and/or be renamed.

Being that all logged and reported fields filter through this, it definitely 
has the potential to break and affect many people, so it would need a lot of 
testing before being included in a release.

Original comment by Lor...@gmail.com on 5 Jul 2011 at 3:48

[GoogleCodeExporter]

While not polished, it is functional enough for me right now. I have to get 
back to that day job. If a committer is interesting in getting this in the 
trunk, I'll devote more time to finishing it off. Otherwise, it'll probably be 
a few weeks/months before I get back to it.

In the meantime, if anyone else is interested in the functionality, I've 
attached a patch of my work based on the latest version of source in SVN as of 
this morning. 

Original comment by Lor...@gmail.com on 6 Jul 2011 at 2:34

Attachments:

• FieldFilter.patch