Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
Bill Henning
@BillHenning
Yeah it feels wrong... should really be 100%.
Eric J. Smith
@ejsmith
But we can't special case it
Blake Niemyjski
@niemyjski
I guess we can ever cash that and we have to query that everything
❤️ Siri
Eric J. Smith
@ejsmith
We can cache it by the time filter I think we would get hits on that because they are going to switch vuews
It would only be for a short time
Blake Niemyjski
@niemyjski
ok
but not sure how that would work
because the time filter: last 7 days
gets translated into a time range that changes all the time
Sander Rijken
@srijken

Think we can use exceptionless to collect these?
https://www.veracode.com/blog/2014/03/guidelines-for-setting-security-headers

https://bugs.webkit.org/show_bug.cgi?id=100892
The report is JSON and is generated using the same facility as for the X-WebKit-CSP-Report-Only header. A sample might be:

    { "xss-report": {
        "request-url": "http://example.com/vulnerable-page?q=<script>alert(/xss/)</script>",
        "request-body": ""
    }}
could be useful for other report endpoints that are specified in headers
Eric J. Smith
@ejsmith
@niemyjski yeah, gotta figure out a way to keep the cache key steady, eh?
@srijken you want to add them to the events?
Blake Niemyjski
@niemyjski
@ejsmith yeah, and I don’t think it’s possible
Matt Oswald
@moswald
I'm going to update my PR this morning - should I just remove the old constructor that I marked as Obsolete?
Eric J. Smith
@ejsmith
@moswald we have been bad about making breaking changes.
My justification is that I am waiting for the library to be more popular before I worry about them too much.
Matt Oswald
@moswald
:+1:
works for me
Eric J. Smith
@ejsmith
might be a dumb justification. :-)
Matt Oswald
@moswald
makes your life simpler
gets things out quicker
Eric J. Smith
@ejsmith
yeah, I’m just trying to make things better and most of the breaking changes have been small things.
I guess if we were following semver then we would still be like 0.4.1
instead of 4.0
didn’t know this until the other day, but apparently if you are under 1.0 then all breaking change rules are off.
Blake Niemyjski
@niemyjski
can we all comment on this: elastic/elasticsearch#17511
Eric J. Smith
@ejsmith
if you want to
it really isn’t that hard to do from our end, but does feel like they should support it
Blake Niemyjski
@niemyjski
yeah I agree
Eric J. Smith
@ejsmith
works pretty good
yeah, they are using that in VSCode already
Mitchell Kutchuk
@Mitch528
Hello. I'm trying to setup Exceptionless self-hosting with URL rewrite, but when I try to sign in I get /api/v2/auth/login 405 (Method Not Allowed).
Sander Rijken
@srijken
@ejsmith yeah, adding to events would be cool. It’s something that’s wrong / exceptional case, and you want to be notified about it, so it could be a fit?
@ejsmith exceptionless/Exceptionless.Net#91
Eric J. Smith
@ejsmith
Awesome!
Blake Niemyjski
@niemyjski
@Mitch528 hey
have you followed the troubleshooting guide in the self hosting wiki?
Please make sure you have .net 4.6.1 instaleld and you are using the elasticsearch.yml file
Mitchell Kutchuk
@Mitch528
@niemyjski Yes, I have .NET 4.6.1, elasticsearch.yml is also there. I used the chocolatey install.
Mitchell Kutchuk
@Mitch528
It does work without the URL rewrite though.
Blake Niemyjski
@niemyjski
Hmm I'd try reinstalling rewrite rules, running all server updates and a reboot
What are your settings in the app.config.js and web.config
Relating to rewrite rules
Eric J. Smith
@ejsmith
Maybe because of redirect to SSL?
I'll try reinstalling rewrite and do updates