在App :: abort之后抑制Laravel日志中的堆栈跟踪转储(403)

时间:2014-06-12 15:32:32

标签: php laravel-4 stack-trace abort

我正在为Laravel 4.1应用程序设置自定义Acl。

我的Routes.php文件应用了之前的过滤器:

// Global authenticator
Route::filter('auth.vle', function()
{
    return (new vleAuth)->authenticate();
});
// Authenticate all requests, except those to /login, /logout and /forgottenpassword
Route::whenRegex('/^(?!login|logout)(.*)$/', 'auth.vle');

和我的vleAuth authenticate()方法:

public function authenticate()
{
    $this->acl = new vleAclService();
    $endpoint = Route::current()->getAction()['controller'];
    if (!$this->acl->validateEndpoint($endpoint)) {
        Log::info('Routing', array( Route::current()->getUri(), $endpoint));
        App::abort(403, 'Unauthorized action.');
    }
}

当我访问我有权访问的端点时,没有问题;当我访问一个我没有权限访问的端点时,我收到一条Forbidden - We're really sorry but you don't have the necessary permissions to access this page.消息,因此就“前端”而言,身份验证工作正常,并且路由信息在日志说明了这一点。

但是,每当我尝试访问我未经过身份验证的端点时,我也会在Laravel日志中获取堆栈跟踪

[2014-06-12 15:00:16] production.INFO: ROUTE VALIDATION ["View_Reviews_ReviewsController@getIndex",false] []
[2014-06-12 15:00:16] production.ERROR: exception 'Symfony\Component\HttpKernel\Exception\HttpException' with message 'Unauthorized action.' in /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:875
Stack trace:
#0 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Support/Facades/Facade.php(211): Illuminate\Foundation\Application->abort(403, 'Unauthorized ac...')
#1 /srv/api/laravel/app/controllers/vleAuth.php(104): Illuminate\Support\Facades\Facade::__callStatic('abort', Array)
#2 /srv/api/laravel/app/controllers/vleAuth.php(104): Illuminate\Support\Facades\App::abort(403, 'Unauthorized ac...')
#3 /srv/api/laravel/app/routes.php(20): vleAuth->authenticate()
#4 [internal function]: {closure}(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#5 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Events/Dispatcher.php(199): call_user_func_array(Object(Closure), Array)
#6 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Events/Dispatcher.php(154): Illuminate\Events\Dispatcher->fire('router.filter: ...', Array, true)
#7 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Routing/Router.php(1399): Illuminate\Events\Dispatcher->until('router.filter: ...', Array)
#8 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Routing/Router.php(1262): Illuminate\Routing\Router->callRouteFilter('auth.vle', Array, Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#9 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Routing/Router.php(1246): Illuminate\Routing\Router->callPatternFilters(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#10 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Routing/Router.php(996): Illuminate\Routing\Router->callRouteBefore(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#11 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Routing/Router.php(968): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#12 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(738): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#13 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(708): Illuminate\Foundation\Application->dispatch(Object(Illuminate\Http\Request))
#14 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Http/FrameGuard.php(38): Illuminate\Foundation\Application->handle(Object(Illuminate\Http\Request), 1, true)
#15 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Session/Middleware.php(72): Illuminate\Http\FrameGuard->handle(Object(Illuminate\Http\Request), 1, true)
#16 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Cookie/Queue.php(47): Illuminate\Session\Middleware->handle(Object(Illuminate\Http\Request), 1, true)
#17 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Cookie/Guard.php(51): Illuminate\Cookie\Queue->handle(Object(Illuminate\Http\Request), 1, true)
#18 /home/vagrant/vleAppV2/vendor/stack/builder/src/Stack/StackedHttpKernel.php(23): Illuminate\Cookie\Guard->handle(Object(Illuminate\Http\Request), 1, true)
#19 /home/vagrant/vleAppV2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(606): Stack\StackedHttpKernel->handle(Object(Illuminate\Http\Request))
#20 /home/vagrant/vleAppV2/public/index.php(49): Illuminate\Foundation\Application->run()
#21 {main} [] []

我试图压制这个,因为我不希望日志填满堆栈跟踪;我记录的日志信息就是我在日志中实际需要的所有信息。

我试过在app / global.php中注册一个新的错误处理函数来抑制它:

App::error(function(Exception $exception, $code)
{
    // Don't log 403s
    if ($exception instanceof Symfony\Component\HttpKernel\Exception\HttpException) {
        return;
    }

    Log::error($exception);
});

但这似乎没有任何影响。

我还尝试将App:abort()中的vleAuth.authenticate()包裹在try/catch块中,但是在此捕获之前似乎已经处理了异常,所以它也没有帮助

我重新运行composer dump-autoload以重建所有适当的自动加载,并重新启动服务器,以防万一旧脚本在OpCache中提供帮助。

有人可以告诉我应该如何抑制这种堆栈跟踪吗?

1 个答案:

答案 0 :(得分:1)

解决方案是从自定义错误处理函数返回响应,而不是返回空值

App::error(function(Exception $exception, $code)
{
    // Don't log 403s
    if ($exception instanceof Symfony\Component\HttpKernel\Exception\HttpException) {
        return Response::view('errors.403', array(), 403);
    }

    Log::error($exception);
});

这仍然可以正确显示403页面,但会覆盖调用生成堆栈跟踪的默认错误处理程序

相关问题
最新问题