ELMAH log how to ignore error by type

15

Hello I have setup ELMAH in my project, but I am getting a lot errors like

System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

Generated: Sun, 26 May 2013 21:46:30 GMT

System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)

I would like to ignore them, and don't send to my mail but write in ELMAH DB. Is it possible to do ?

asp.net
elmah
asked on Stack Overflow May 27, 2013 by Arbejdsglæde

2 Answers

21

Yes, you can do this using error filtering in ELMAH and which is described in detail on the project wiki. In short, the following filter in your web.config should do the job (assuming you have setup the modules configuration sections already):

<errorFilter>
    <test>
        <and>
            <regex binding="FilterSourceType.Name" pattern="mail" />
            <regex binding="Exception.Message" 
               pattern="(?ix: \b potentially \b.+?\b dangerous \b.+?\b value \b.+?\b detected \b.+?\b client \b )" />
        </and>
    </test>
</errorFilter>

The first <regex> condition filters based on the filtering source such that mailing will not occur. Check out the documentation on the wiki for full details.

answered on Stack Overflow May 27, 2013 by Atif Aziz • edited Mar 18, 2017 by Atif Aziz
16

A solution that doesn't involve regular expressions, simply add this to your Global.asax.cs:

protected void ErrorMail_Filtering(object sender, ExceptionFilterEventArgs e)
{
    if (e.Message == "A potentially dangerous Request.Path value was detected from the client (:).")
        e.Dismiss();
}

// this method may also be useful
protected void ErrorLog_Filtering(object sender, ExceptionFilterEventArgs e)
{
    if (e.Message == "A potentially dangerous Request.Path value was detected from the client (:).")
    {
        // do something
    }
}

Or you can combine the two methods:

void ErrorLog_Filtering(object sender, ExceptionFilterEventArgs args)
{
    Filter(args);
}

void ErrorMail_Filtering(object sender, ExceptionFilterEventArgs args)
{
    Filter(args);
}

void Filter(ExceptionFilterEventArgs args)
{
    if (args.Exception.GetBaseException() is HttpRequestValidationException)
        args.Dismiss();
}
answered on Stack Overflow Mar 14, 2014 by Owen • edited Sep 1, 2017 by Owen

User contributions licensed under CC BY-SA 3.0