Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Silently fails to log redirected post request by Safari if npm module 'connect-pg-simple' is used with 'express-session' #264

Open
ladekjaer opened this issue Dec 12, 2022 · 3 comments
Open

Silently fails to log redirected post request by Safari if npm module 'connect-pg-simple' is used with 'express-session' #264

ladekjaer opened this issue Dec 12, 2022 · 3 comments

Comments

@ladekjaer
Copy link

If pino-http is used in an express app that uses npm modules express-session and connect-pg-simple to handle sessions, pino-http fails to log redirected HTTP request made from the Safari web browser. The problem does not occur then using Chrome or curl.

I have produced the following minimal example, that reproduces the problem stated above. Removing the store object from the session configuration, and thereby remove the usage of connect-pg-simple, does solve the problem of missing log entities.

No error message what so ever is given.

import { default as express } from 'express'
import { default as pinoHttp } from 'pino-http'
import { default as session } from 'express-session';
import { default as sessionStore } from 'connect-pg-simple';

import { default as pg } from 'pg';
const Pool = pg.Pool
const pool = new Pool()

const reqLogger = pinoHttp({
	level: 'info',
	enabled: true,
})

const app = express()

app.use(session({
	secret: 'secret',
	name: 'sessionId',
	resave: false,
	rolling: true,
	saveUninitialized: true,
	store: new (sessionStore(session))({
		pool: pool
	}),
	cookie: {
		secure: 'auto',
		maxAge: 30 * 24 * 60 * 60 * 1000
	}
}))

app.use(reqLogger)

app.get('/', (req, res, next) => {
	const html = `
		<form method="POST" action="/">
			<div>
				<label for="floatingInput">Username</label>
				<input name="username" type="text" id="floatingInput">
			</div>
			<div>
				<label for="floatingPassword">Password</label>
				<input name="password" type="password" id="floatingPassword">
			</div>

			<button type="submit">Log in</button>
		</form>`
	res.send(html)
})

app.post('/', (req, res, next) => {
	res.redirect('/')
})

app.listen(8081, () => {
	console.log('Server running')
})
@mcollina
Copy link
Member

I'm not that familiar with express-session, but I guess your problem is that you do not register the middleware as first thing:

const app = express()

app.use(reqLogger)

app.use(session({
	secret: 'secret',
	name: 'sessionId',
	resave: false,
	rolling: true,
	saveUninitialized: true,
	store: new (sessionStore(session))({
		pool: pool
	}),
	cookie: {
		secure: 'auto',
		maxAge: 30 * 24 * 60 * 60 * 1000
	}
}))

@ladekjaer
Copy link
Author

It makes no differens, pino-http still fails to log post request to / if Safari is the requester. If the same request is make with curl or Chrome, the request is being logged.

@mcollina
Copy link
Member

Unfortunately I have no time to debug this. I would be ok to review a PR with a fix if you understand what the problem is.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mcollina @ladekjaer