[metrics-bugs] #23243 [Metrics/Metrics website]: write a spec for web-server-access log descriptors

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Sep 7 13:50:24 UTC 2017 

#23243: write a spec for web-server-access log descriptors
-------------------------------------+------------------------------
 Reporter:  iwakeh                   |          Owner:  metrics-team
     Type:  enhancement              |         Status:  needs_review
 Priority:  Medium                   |      Milestone:
Component:  Metrics/Metrics website  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+------------------------------

Comment (by iwakeh):

 Replying to [comment:22 karsten]:
 > ...
 > > > > Similarly, only lines for 400 and 404 response codes are
 discarded.  Any bogus response code will be kept.
 > > >
 > > > Right, but I think 400 and 404 were the most problematic ones when
 we came up with the original plan for sanitizing these logs. Do you have
 any others in mind that we'd have to sanitize? If not, I'd say let's stick
 with 400 and 404 for now.
 > >
 > > No, the other way around.  As said above invalid (=bogus) response
 codes will be kept.  A better way to phrase this: we don't check, if a
 response code is a valid one and only sift out the valid 400 & 404.
 >
 > I'm not sure where this is going. Do you think we should check if status
 code is one that is currently defined by the HTTP protocol and only accept
 the ones that are, except for 400 and 404?

 That's the question.  Intuitively, I would not check for validity.  After
 all the server sets the status code and that should not really be privacy
 jeopardizing, supposing that the faulty codes simply happen by error not
 by hack.

 >
 > > > So, should I move forward with turning draft number five, numbered
 4, into XML?
 > >
 > > Yes :-)
 >
 > Will do as soon as the two open questions are resolved.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23243#comment:24>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the metrics-bugs mailing list