pattern to match complete word in Filebeat multi line pattern - filebeat

I am using Filebeat multiline pattern in filebeat.yml that is taking its input from a single file as follows:
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestStartIdentifier: Identifier
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestUri:
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : HttpServletRequest:
ContentType: text/xml; charset=utf-8
ContextPath:
LocalAddr:
LocalName:
PathInfo:
PathTranslated:
QueryString:
RequestURI:
RequestURL:
RemoteHost:
ServletPath:
Header: Host:
Header: Content-Length:
Header: Accept-Encoding:
Header: SOAPAction: ""
Header: User-Agent: Apache-HttpClient/4.2.1
Header: Content-Type: text/xml; charset=utf-8
Header: Connection: Keep-Alive
Header: Accept: text/xml
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : uri: , request:
<env:Envelope></env:Envelope>
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestStartIdentifier: Identifier
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestUri:
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : HttpServletRequest:
ContentType: text/xml; charset=utf-8
ContextPath:
LocalAddr:
LocalName:
PathInfo:
PathTranslated:
QueryString:
RequestURI:
RequestURL:
RemoteHost:
ServletPath:
Header: Host:
Header: Content-Length:
Header: Accept-Encoding:
Header: SOAPAction: ""
Header: User-Agent: Apache-HttpClient/4.2.1
Header: Content-Type: text/xml; charset=utf-8
Header: Connection: Keep-Alive
Header: Accept: text/xml
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : uri: , request:
<env:Envelope></env:Envelope>
filebeat.yml
multiline:
pattern: Identifier
negate: true
match: after
I use the above config to match 'Identifier' in the line .
Output should be as desired
event -1 :
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestStartIdentifier: Identifier
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestUri:
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : HttpServletRequest:
ContentType: text/xml; charset=utf-8
ContextPath:
LocalAddr:
LocalName:
PathInfo:
PathTranslated:
QueryString:
RequestURI:
RequestURL:
RemoteHost:
ServletPath:
Header: Host:
Header: Content-Length:
Header: Accept-Encoding:
Header: SOAPAction: ""
Header: User-Agent: Apache-HttpClient/4.2.1
Header: Content-Type: text/xml; charset=utf-8
Header: Connection: Keep-Alive
Header: Accept: text/xml
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : uri: , request:
<env:Envelope></env:Envelope>
event -2 :
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestStartIdentifier: Identifier
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestUri:
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : HttpServletRequest:
ContentType: text/xml; charset=utf-8
ContextPath:
LocalAddr:
LocalName:
PathInfo:
PathTranslated:
QueryString:
RequestURI:
RequestURL:
RemoteHost:
ServletPath:
Header: Host:
Header: Content-Length:
Header: Accept-Encoding:
Header: SOAPAction: ""
Header: User-Agent: Apache-HttpClient/4.2.1
Header: Content-Type: text/xml; charset=utf-8
Header: Connection: Keep-Alive
Header: Accept: text/xml
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : uri: , request:
<env:Envelope></env:Envelope>

Based on your sample input, it looks like we can use the lines containing requestStartIdentifier: Identifier to signal the start of a new event. I used https://play.golang.org/p/BZ2ujeOZZ- to test the different multiline parameters.
Filebeat config:
filebeat:
prospectors:
- input_type: log
paths:
- input.txt
multiline:
pattern: 'requestStartIdentifier: Identifier$'
negate: true
match: after
output:
console:
pretty: true
Filebeat output (with newlines expanded):
{
"#timestamp": "2016-10-06T21:51:27.244Z",
"beat": {
"hostname": "host",
"name": "host"
},
"input_type": "log",
"message": "2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestStartIdentifier: Identifier
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestUri:
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : HttpServletRequest:
ContentType: text/xml; charset=utf-8
ContextPath:
LocalAddr:
LocalName:
PathInfo:
PathTranslated:
QueryString:
RequestURI:
RequestURL:
RemoteHost:
ServletPath:
Header: Host:
Header: Content-Length:
Header: Accept-Encoding:
Header: SOAPAction: \"\"
Header: User-Agent: Apache-HttpClient/4.2.1
Header: Content-Type: text/xml; charset=utf-8
Header: Connection: Keep-Alive
Header: Accept: text/xml
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : uri: , request:
\u003cenv:Envelope\u003e\u003c/env:Envelope\u003e
",
"offset": 962,
"source": "input.txt",
"type": "log"
}
{
"#timestamp": "2016-10-06T21:51:27.244Z",
"beat": {
"hostname": "host",
"name": "host"
},
"input_type": "log",
"message": "2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestStartIdentifier: Identifier
2016-10-06 14:36:00.419 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : requestUri:
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : HttpServletRequest:
ContentType: text/xml; charset=utf-8
ContextPath:
LocalAddr:
LocalName:
PathInfo:
PathTranslated:
QueryString:
RequestURI:
RequestURL:
RemoteHost:
ServletPath:
Header: Host:
Header: Content-Length:
Header: Accept-Encoding:
Header: SOAPAction: \"\"
Header: User-Agent: Apache-HttpClient/4.2.1
Header: Content-Type: text/xml; charset=utf-8
Header: Connection: Keep-Alive
Header: Accept: text/xml
2016-10-06 14:36:00.420 DEBUG 29695 --- [XNIO-2 task-2] c.a.a.s.endpoint.endone.server : uri: , request:
\u003cenv:Envelope\u003e\u003c/env:Envelope\u003e",
"offset": 1923,
"source": "input.txt",
"type": "log"
}

Related

Using esi includes in Nuxt 2

My goal: Glue Nuxt 3 rendered code inside my old application that is written in Nuxt 2. The glue will be Varnish and using the <esi:includes
My problem:
I have .vue file
<template>
<div>
<esi:include src="/from/nuxt-3-app" method="GET" />
</div>
</template>
It does work for a few seconds and *poof, disappears!
The errors I got:
1. Mismatching childNodes vs. VNodes: NodeList(15) [text, meta, text, meta, link, link, link, link, link, text, div#__nuxt, script, script, script, text] (3) [VNode, VNode, VNode...
2. [Vue warn]: The client-side rendered virtual DOM tree is not matching server-rendered content. This is likely caused by incorrect HTML markup, for example nesting block-level elements inside <p>, or missing <tbody>. Bailing hydration and performing full client-side render.
3. [Vue warn]: Unknown custom element: .... <- resolved by adding `v-pre` in <esi:include ... v-pre />
Note: They appear in order ^
What I've done:
Use v-pre
ignoredElements? -> I'm trying to declare it like these:
nuxt.config.js
...
Vue: {
config: {
ignoredElements: ["esi:include"]
}
}
^ but doesn't seem to work
Wrapping <esi:include ... /> with <client-only> ... </client-only> ("nuxt": "^2.15.8")
^ Side effect, it doesn't display or render what's inside my <esi:include
What I'm about to try:
surrogate-control headers - Reference but seems not what I need since I already declared do_esi=true by default. Here's my VCL if you want to see it:
backend test {
.host = "host.docker.internal";
.port = "3101";
}
sub vcl_backend_response {
set beresp.ttl = 1s;
set beresp.do_esi = true;
}
sub vcl_recv {
unset req.http.cookie;
if (req.url ~ "^/from/nuxt-3-app") {
set req.backend_hint = test;
return (hash);
}
}
What I just want: Render what's inside the <esi:includes ... /> without nuxt removing it
UPDATE:
By running $ docker exec -ti varnish-1 varnishlog -g request -q "ReqUrl eq '/from/nuxt-3-app'", it outputs:
* << Request >> 32802
- Begin req 32801 rxreq
- Timestamp Start: 1675160337.497249 0.000000 0.000000
- Timestamp Req: 1675160337.497249 0.000000 0.000000
- VCL_use boot
- ReqStart 172.19.0.1 51890 a0
- ReqMethod GET
- ReqURL /core/journals/animal-conservation-forum/article/abs/reproductive-seasonality-in-the-female-scimitarhorned-oryx-oryx-dammah/D040F6E602CB05C1AF5637F78D131964
- ReqProtocol HTTP/1.1
- ReqHeader Host: localhost
- ReqHeader Connection: keep-alive
- ReqHeader sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
- ReqHeader sec-ch-ua-mobile: ?0
- ReqHeader sec-ch-ua-platform: "Windows"
- ReqHeader Upgrade-Insecure-Requests: 1
- ReqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
- ReqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
- ReqHeader Sec-Fetch-Site: same-origin
- ReqHeader Sec-Fetch-Mode: navigate
- ReqHeader Sec-Fetch-User: ?1
- ReqHeader Sec-Fetch-Dest: document
- ReqHeader Accept-Encoding: gzip, deflate, br
- ReqHeader Accept-Language: en,en-US;q=0.9
- ReqHeader Cookie: _ga=GA1.1.139642328.1641268029; ki_r=; ki_t=1641268031778%3B1642563665396%3B1642573565476%3B8%3B218; _ce.s=v~2d93a7cfee1083f149b58dffa418e2cef523c4bf~vpv~1; CORE_CITATION_STYLE=%7B%22key%22%3A%22american-sociological-association%22%2C%22name%22%3
- ReqHeader X-Forwarded-For: 172.19.0.1
- VCL_call RECV
- ReqUnset Cookie: _ga=GA1.1.139642328.1641268029; ki_r=; ki_t=1641268031778%3B1642563665396%3B1642573565476%3B8%3B218; _ce.s=v~2d93a7cfee1083f149b58dffa418e2cef523c4bf~vpv~1; CORE_CITATION_STYLE=%7B%22key%22%3A%22american-sociological-association%22%2C%22name%22%3
- ReqUnset Host: localhost
- ReqHeader host: localhost
- VCL_return hash
- ReqUnset Accept-Encoding: gzip, deflate, br
- ReqHeader Accept-Encoding: gzip
- VCL_call HASH
- VCL_return lookup
- VCL_call MISS
- VCL_return fetch
- Link bereq 32803 fetch
- Timestamp Fetch: 1675160342.181087 4.683837 4.683837
- RespProtocol HTTP/1.1
- RespStatus 200
- RespReason OK
- RespHeader X-XSS-Protection: 1; mode=block
- RespHeader X-Frame-Options: SAMEORIGIN
- RespHeader Strict-Transport-Security: max-age=15552000; includeSubDomains
- RespHeader X-Download-Options: noopen
- RespHeader X-Content-Type-Options: nosniff
- RespHeader X-DNS-Prefetch-Control: off
- RespHeader Referrer-Policy: no-referrer-when-downgrade
- RespHeader Set-Cookie: aca-session=Fe26.2**d52e49ae7b3ccdc36556aa7b4c20048874f846e82468af606077f7c4b71be6eb*4tmkdQPlCdtF-2VkBbRhZA*rbBfz1w3lOXBVZzjzKAQNgWwFGtwaIidurV_nphqr7q_5OBFzOF1xNZxCF4jH100QXsGCOKP6zIoptRAR78rsfQQ8ZADhKmT5nV3Vof27Bc**6c81e4ccddf057d0ebda53bb4
- RespHeader Set-Cookie: session=s%3ANj4GDJ0TCKHeZ-xW6EMtPyQVkLS5NUNj.0k1Rej%2B8hMWdaaqM81CPLlt4gltmwKCJw8e%2BLKDuag0; Path=/; HttpOnly
- RespHeader Cache-Control: no-cache, no-store, must-revalidate
- RespHeader Expires: 0
- RespHeader Pragma: no-cache
- RespHeader Content-Type: text/html; charset=utf-8
- RespHeader Content-Length: 121908
- RespHeader ETag: W/"1dc34-cVsnSJj8RA0tTuog9jjKA9De5g8"
- RespHeader Date: Tue, 31 Jan 2023 10:19:02 GMT
- RespHeader X-Varnish: 32802
- RespHeader Age: 0
- RespHeader Via: 1.1 varnish (Varnish/6.3)
- VCL_call DELIVER
- VCL_return deliver
- Timestamp Process: 1675160342.181402 4.684152 0.000314
- Filters esi
- RespHeader Accept-Ranges: bytes
- RespUnset Content-Length: 121908
- RespHeader Connection: keep-alive
- RespHeader Transfer-Encoding: chunked
- Link req 32804 esi
- Timestamp Resp: 1675160350.339610 12.842360 8.158208
- ReqAcct 1686 0 1686 1111 403318 404429
- End
** << BeReq >> 32803
-- Begin bereq 32802 fetch
-- VCL_use boot
-- Timestamp Start: 1675160337.499660 0.000000 0.000000
-- BereqMethod GET
-- BereqURL /core/journals/animal-conservation-forum/article/abs/reproductive-seasonality-in-the-female-scimitarhorned-oryx-oryx-dammah/D040F6E602CB05C1AF5637F78D131964
-- BereqProtocol HTTP/1.1
-- BereqHeader sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
-- BereqHeader sec-ch-ua-mobile: ?0
-- BereqHeader sec-ch-ua-platform: "Windows"
-- BereqHeader Upgrade-Insecure-Requests: 1
-- BereqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
-- BereqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
-- BereqHeader Sec-Fetch-Site: same-origin
-- BereqHeader Sec-Fetch-Mode: navigate
-- BereqHeader Sec-Fetch-User: ?1
-- BereqHeader Sec-Fetch-Dest: document
-- BereqHeader Accept-Language: en,en-US;q=0.9
-- BereqHeader X-Forwarded-For: 172.19.0.1
-- BereqHeader host: localhost
-- BereqHeader Accept-Encoding: gzip
-- BereqHeader X-Varnish: 32803
-- VCL_call BACKEND_FETCH
-- VCL_return fetch
-- BackendOpen 26 core 192.168.65.2 3000 172.19.0.2 52386
-- Timestamp Bereq: 1675160337.513789 0.014128 0.014128
-- Timestamp Beresp: 1675160342.138510 4.638849 4.624720
-- BerespProtocol HTTP/1.1
-- BerespStatus 200
-- BerespReason OK
-- BerespHeader X-XSS-Protection: 1; mode=block
-- BerespHeader X-Frame-Options: SAMEORIGIN
-- BerespHeader Strict-Transport-Security: max-age=15552000; includeSubDomains
-- BerespHeader X-Download-Options: noopen
-- BerespHeader X-Content-Type-Options: nosniff
-- BerespHeader X-DNS-Prefetch-Control: off
-- BerespHeader Referrer-Policy: no-referrer-when-downgrade
-- BerespHeader Set-Cookie: aca-session=Fe26.2**d52e49ae7b3ccdc36556aa7b4c20048874f846e82468af606077f7c4b71be6eb*4tmkdQPlCdtF-2VkBbRhZA*rbBfz1w3lOXBVZzjzKAQNgWwFGtwaIidurV_nphqr7q_5OBFzOF1xNZxCF4jH100QXsGCOKP6zIoptRAR78rsfQQ8ZADhKmT5nV3Vof27Bc**6c81e4ccddf057d0ebda53bb4
-- BerespHeader Set-Cookie: session=s%3ANj4GDJ0TCKHeZ-xW6EMtPyQVkLS5NUNj.0k1Rej%2B8hMWdaaqM81CPLlt4gltmwKCJw8e%2BLKDuag0; Path=/; HttpOnly
-- BerespHeader Cache-Control: no-cache, no-store, must-revalidate
-- BerespHeader Expires: 0
-- BerespHeader Pragma: no-cache
-- BerespHeader Content-Type: text/html; charset=utf-8
-- BerespHeader Content-Length: 121908
-- BerespHeader ETag: W/"1dc34-cVsnSJj8RA0tTuog9jjKA9De5g8"
-- BerespHeader Date: Tue, 31 Jan 2023 10:19:02 GMT
-- BerespHeader Connection: keep-alive
-- BerespHeader Keep-Alive: timeout=5
-- TTL RFC 120 10 0 1675160342 1675160342 1675160342 0 0 cacheable
-- VCL_call BACKEND_RESPONSE
-- TTL VCL 1 10 0 1675160342 cacheable
-- TTL VCL 120 10 0 1675160342 cacheable
-- TTL VCL 120 10 0 1675160342 uncacheable
-- VCL_return deliver
-- Filters esi
-- Storage malloc Transient
-- Fetch_Body 3 length -
-- BackendReuse 26 core
-- Timestamp BerespBody: 1675160342.181075 4.681414 0.042565
-- Length 121908
-- BereqAcct 865 0 865 1050 121908 122958
-- End
** << Request >> 32804
-- Begin req 32802 esi
-- Timestamp Start: 1675160342.182034 0.000000 0.000000
-- ReqURL /page-component/core/journals/journalName/article/articleName/D040F6E602CB05C1AF5637F78D131964?hasAccess=0&lang=en&contentLastUpdateDate=2018-06-09T21:06:21.084Z
-- ReqUnset Accept-Encoding: gzip, deflate, br
-- ReqStart 172.19.0.1 51890 a0
-- ReqMethod GET
-- ReqURL /page-component/core/journals/journalName/article/articleName/D040F6E602CB05C1AF5637F78D131964?hasAccess=0&lang=en&contentLastUpdateDate=2018-06-09T21:06:21.084Z
-- ReqProtocol HTTP/1.1
-- ReqHeader Host: localhost
-- ReqHeader Connection: keep-alive
-- ReqHeader sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
-- ReqHeader sec-ch-ua-mobile: ?0
-- ReqHeader sec-ch-ua-platform: "Windows"
-- ReqHeader Upgrade-Insecure-Requests: 1
-- ReqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
-- ReqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
-- ReqHeader Sec-Fetch-Site: same-origin
-- ReqHeader Sec-Fetch-Mode: navigate
-- ReqHeader Sec-Fetch-User: ?1
-- ReqHeader Sec-Fetch-Dest: document
-- ReqHeader Accept-Language: en,en-US;q=0.9
-- ReqHeader Cookie: _ga=GA1.1.139642328.1641268029; ki_r=; ki_t=1641268031778%3B1642563665396%3B1642573565476%3B8%3B218; _ce.s=v~2d93a7cfee1083f149b58dffa418e2cef523c4bf~vpv~1; CORE_CITATION_STYLE=%7B%22key%22%3A%22american-sociological-association%22%2C%22name%22%3
-- ReqHeader X-Forwarded-For: 172.19.0.1
-- VCL_call RECV
-- ReqUnset Cookie: _ga=GA1.1.139642328.1641268029; ki_r=; ki_t=1641268031778%3B1642563665396%3B1642573565476%3B8%3B218; _ce.s=v~2d93a7cfee1083f149b58dffa418e2cef523c4bf~vpv~1; CORE_CITATION_STYLE=%7B%22key%22%3A%22american-sociological-association%22%2C%22name%22%3
-- ReqURL /core/journals/journalName/article/articleName/D040F6E602CB05C1AF5637F78D131964?hasAccess=0&lang=en&contentLastUpdateDate=2018-06-09T21:06:21.084Z
-- VCL_return hash
-- VCL_call HASH
-- VCL_return lookup
-- VCL_call MISS
-- VCL_return fetch
-- Link bereq 32805 fetch
-- Timestamp Fetch: 1675160349.704156 7.522122 7.522122
-- RespProtocol HTTP/1.1
-- RespStatus 200
-- RespReason OK
-- RespHeader X-Powered-By: Express
-- RespHeader Cache-Control: max-age=1
-- RespHeader Content-Type: text/html; charset=utf-8
-- RespHeader Content-Length: 278058
-- RespHeader Date: Tue, 31 Jan 2023 10:19:09 GMT
-- RespHeader X-Varnish: 32804
-- RespHeader Age: 0
-- RespHeader Via: 1.1 varnish (Varnish/6.3)
-- VCL_call DELIVER
-- VCL_return deliver
-- Timestamp Process: 1675160349.704181 7.522147 0.000025
-- Filters esi
-- RespHeader Accept-Ranges: bytes
-- RespUnset Content-Length: 278058
-- Link req 32806 esi
-- Timestamp Resp: 1675160350.336350 8.154316 0.632169
-- ReqAcct 0 0 0 0 281569 281569
-- End
*** << BeReq >> 32805
--- Begin bereq 32804 fetch
--- VCL_use boot
--- Timestamp Start: 1675160342.182128 0.000000 0.000000
--- BereqMethod GET
--- BereqURL /core/journals/journalName/article/articleName/D040F6E602CB05C1AF5637F78D131964?hasAccess=0&lang=en&contentLastUpdateDate=2018-06-09T21:06:21.084Z
--- BereqProtocol HTTP/1.1
--- BereqHeader Host: localhost
--- BereqHeader sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
--- BereqHeader sec-ch-ua-mobile: ?0
--- BereqHeader sec-ch-ua-platform: "Windows"
--- BereqHeader Upgrade-Insecure-Requests: 1
--- BereqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
--- BereqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
--- BereqHeader Sec-Fetch-Site: same-origin
--- BereqHeader Sec-Fetch-Mode: navigate
--- BereqHeader Sec-Fetch-User: ?1
--- BereqHeader Sec-Fetch-Dest: document
--- BereqHeader Accept-Language: en,en-US;q=0.9
--- BereqHeader X-Forwarded-For: 172.19.0.1
--- BereqHeader Accept-Encoding: gzip
--- BereqHeader X-Varnish: 32805
--- VCL_call BACKEND_FETCH
--- VCL_return fetch
--- BackendOpen 27 page-component 192.168.65.2 3200 172.19.0.2 41506
--- Timestamp Bereq: 1675160342.185778 0.003650 0.003650
--- Timestamp Beresp: 1675160349.659051 7.476923 7.473272
--- BerespProtocol HTTP/1.1
--- BerespStatus 200
--- BerespReason OK
--- BerespHeader X-Powered-By: Express
--- BerespHeader Cache-Control: max-age=1
--- BerespHeader Content-Type: text/html; charset=utf-8
--- BerespHeader Accept-Ranges: none
--- BerespHeader Content-Length: 278058
--- BerespHeader Date: Tue, 31 Jan 2023 10:19:09 GMT
--- BerespHeader Connection: keep-alive
--- BerespHeader Keep-Alive: timeout=5
--- TTL RFC 1 10 0 1675160350 1675160350 1675160349 0 1 cacheable
--- VCL_call BACKEND_RESPONSE
--- TTL VCL 1 10 0 1675160350 cacheable
--- VCL_return deliver
--- Filters esi
--- Storage malloc s0
--- Fetch_Body 3 length -
--- ESI_xmlerror ERR after 252412 ESI 1.0 <esi:bogus> element
--- ESI_xmlerror ERR after 252440 ESI 1.0 <esi:bogus> element
--- ESI_xmlerror WARN after 252479 ESI 1.0 <esi:include> lacks final '/'
--- ESI_xmlerror ERR after 252552 ESI 1.0 </esi:include> illegal end-tag
--- ESI_xmlerror ERR after 252566 ESI 1.0 <esi:bogus> element
--- ESI_xmlerror ERR after 252577 ESI 1.0 <esi:bogus> element
--- BackendReuse 27 page-component
--- Timestamp BerespBody: 1675160349.704133 7.522005 0.045082
--- Length 278058
--- BereqAcct 855 0 855 237 278058 278295
--- End
*** << Request >> 32806
--- Begin req 32804 esi
--- Timestamp Start: 1675160349.704397 0.000000 0.000000
--- ReqURL /from/nuxt-3-app
--- ReqStart 172.19.0.1 51890 a0
--- ReqMethod GET
--- ReqURL /from/nuxt-3-app
--- ReqProtocol HTTP/1.1
--- ReqHeader Host: localhost
--- ReqHeader Connection: keep-alive
--- ReqHeader sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
--- ReqHeader sec-ch-ua-mobile: ?0
--- ReqHeader sec-ch-ua-platform: "Windows"
--- ReqHeader Upgrade-Insecure-Requests: 1
--- ReqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
--- ReqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
--- ReqHeader Sec-Fetch-Site: same-origin
--- ReqHeader Sec-Fetch-Mode: navigate
--- ReqHeader Sec-Fetch-User: ?1
--- ReqHeader Sec-Fetch-Dest: document
--- ReqHeader Accept-Language: en,en-US;q=0.9
--- ReqHeader Cookie: _ga=GA1.1.139642328.1641268029; ki_r=; ki_t=1641268031778%3B1642563665396%3B1642573565476%3B8%3B218; _ce.s=v~2d93a7cfee1083f149b58dffa418e2cef523c4bf~vpv~1; CORE_CITATION_STYLE=%7B%22key%22%3A%22american-sociological-association%22%2C%22name%22%3
--- ReqHeader X-Forwarded-For: 172.19.0.1
--- VCL_call RECV
--- ReqUnset Cookie: _ga=GA1.1.139642328.1641268029; ki_r=; ki_t=1641268031778%3B1642563665396%3B1642573565476%3B8%3B218; _ce.s=v~2d93a7cfee1083f149b58dffa418e2cef523c4bf~vpv~1; CORE_CITATION_STYLE=%7B%22key%22%3A%22american-sociological-association%22%2C%22name%22%3
--- VCL_return hash
--- VCL_call HASH
--- VCL_return lookup
--- VCL_call MISS
--- VCL_return fetch
--- Link bereq 32807 fetch
--- Timestamp Fetch: 1675160350.335800 0.631402 0.631402
--- RespProtocol HTTP/1.1
--- RespStatus 200
--- RespReason OK
--- RespHeader Access-Control-Allow-Origin: *
--- RespHeader content-type: text/html;charset=UTF-8
--- RespHeader x-powered-by: Nuxt
--- RespHeader server-timing: -;dur=0;desc="Generate"
--- RespHeader date: Tue, 31 Jan 2023 10:19:10 GMT
--- RespHeader content-length: 3689
--- RespHeader X-Varnish: 32806
--- RespHeader Age: 0
--- RespHeader Via: 1.1 varnish (Varnish/6.3)
--- VCL_call DELIVER
--- VCL_return deliver
--- Timestamp Process: 1675160350.335845 0.631448 0.000045
--- Filters
--- RespHeader Accept-Ranges: bytes
--- Timestamp Resp: 1675160350.336108 0.631710 0.000262
--- ReqAcct 0 0 0 0 3689 3689
--- End
*4* << BeReq >> 32807
-4- Begin bereq 32806 fetch
-4- VCL_use boot
-4- Timestamp Start: 1675160349.704484 0.000000 0.000000
-4- BereqMethod GET
-4- BereqURL
-4- BereqProtocol HTTP/1.1
-4- BereqHeader Host: localhost
-4- BereqHeader sec-ch-ua: "Not_A Brand";v="99", "Google Chrome";v="109", "Chromium";v="109"
-4- BereqHeader sec-ch-ua-mobile: ?0
-4- BereqHeader sec-ch-ua-platform: "Windows"
-4- BereqHeader Upgrade-Insecure-Requests: 1
-4- BereqHeader User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
-4- BereqHeader Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
-4- BereqHeader Sec-Fetch-Site: same-origin
-4- BereqHeader Sec-Fetch-Mode: navigate
-4- BereqHeader Sec-Fetch-User: ?1
-4- BereqHeader Sec-Fetch-Dest: document
-4- BereqHeader Accept-Language: en,en-US;q=0.9
-4- BereqHeader X-Forwarded-For: 172.19.0.1
-4- BereqHeader Accept-Encoding: gzip
-4- BereqHeader X-Varnish: 32807
-4- VCL_call BACKEND_FETCH
-4- VCL_return fetch
-4- BackendOpen 26 test 192.168.65.2 3101 172.19.0.2 36466
-4- Timestamp Bereq: 1675160349.706376 0.001892 0.001892
-4- Timestamp Beresp: 1675160350.330727 0.626242 0.624350
-4- BerespProtocol HTTP/1.1
-4- BerespStatus 200
-4- BerespReason OK
-4- BerespHeader Access-Control-Allow-Origin: *
-4- BerespHeader content-type: text/html;charset=UTF-8
-4- BerespHeader x-powered-by: Nuxt
-4- BerespHeader server-timing: -;dur=0;desc="Generate"
-4- BerespHeader date: Tue, 31 Jan 2023 10:19:10 GMT
-4- BerespHeader connection: close
-4- BerespHeader content-length: 3689
-4- TTL RFC 120 10 0 1675160350 1675160350 1675160350 0 0 cacheable
-4- VCL_call BACKEND_RESPONSE
-4- TTL VCL 1 10 0 1675160350 cacheable
-4- VCL_return deliver
-4- Filters esi
-4- Storage malloc s0
-4- Fetch_Body 3 length -
-4- BackendClose 26 test
-4- Timestamp BerespBody: 1675160350.335742 0.631257 0.005014
-4- Length 3689
-4- BereqAcct 733 0 733 228 3689 3917
-4- End
While I'm not a fan of doing unconditional ESI parsing, and why I still stand by the ESI content negotiation I explained in the answer you're referring to, we must first figure out why ESI isn't getting parsed at all.
Please run the following command and attach the output to your original question:
sudo varnishlog -g request -q "ReqUrl eq '/'"
My assumption is that / is the URL of the page that contains the ESI tag. If this is not the case, please adjust the URL in the -q filter.
Based on the varnishlog output you'll probably provide, I'll try to provide the proper solution.
Update
Based on the logs in transaction 32805, there's something wrong with the output:
--- ESI_xmlerror ERR after 252412 ESI 1.0 <esi:bogus> element
--- ESI_xmlerror ERR after 252440 ESI 1.0 <esi:bogus> element
--- ESI_xmlerror WARN after 252479 ESI 1.0 <esi:include> lacks final '/'
--- ESI_xmlerror ERR after 252552 ESI 1.0 </esi:include> illegal end-tag
--- ESI_xmlerror ERR after 252566 ESI 1.0 <esi:bogus> element
--- ESI_xmlerror ERR after 252577 ESI 1.0 <esi:bogus> element
There's some bogus ESI content in the response of /core/journals/journalName/article/articleName/D040F6E602CB05C1AF5637F78D131964?hasAccess=0&lang=en&contentLastUpdateDate=2018-06-09T21:06:21.084Z
However, I do find it strange that transaction 32805 is complaining about this, because this is a 3-level subrequest that is not even supposed to process ESI. It looks like you're doing nested ESI.
That might be the result of processing every response with an ESI filter. Not only does it consume more CPU, it may also encounter output that it doesn't understand. Hence the error.
The only page that is supposed to contain ESI tags is /core/journals/animal-conservation-forum/article/abs/reproductive-seasonality-in-the-female-scimitarhorned-oryx-oryx-dammah/D040F6E602CB05C1AF5637F78D131964
The easy way out
The easiest solution is to tell Varnish not to enforce strict XML/xHTML rules for parsing output.
You can do this by adding the following runtime parameter to varnishd:
-p feature=+esi_disable_xml_check
There's no guarantee that it will solve your problem, but it might help.
The better solution
A better solution is to avoid nested ESI parsing when it's not needed.
As explained in https://www.varnish-software.com/developers/tutorials/example-vcl-template/#14-esi-support, you can use Surrogate-Control and Surrogate-Capability headers to negotiate ESI parsing.
That way you have full control over what kind of content is parsed for ESI tags and what not.

QuickBlox delete dialog returns access denied

I wrote a helper using Jersey to delete a dialog on QuickBlox. For some reason, the same delete request generated by curl returns without any errors but with Jersey (a java restful client library) returns a 403. Here are the packet traces (taken on wireshark) of the requests and responses:
Jersey Request:
DELETE /chat/Dialog/55c5fab8535c12a211000d0f.json HTTP/1.1\r\n
Accept: */*\r\n
QB-Token: 32a7acd55d3b21dad79afba3b834a0b62c9a4946\r\n
User-Agent: Jersey/2.19 (HttpUrlConnection 1.8.0_20)\r\n
Host: api.quickblox.com\r\n
Connection: keep-alive\r\n
\r\n
Jersey Response:
Hypertext Transfer Protocol
HTTP/1.1 403 Access Denied\r\n
Date: Sat, 08 Aug 2015 12:49:14 GMT\r\n
Connection: keep-alive\r\n
Cache-Control: no-store\r\n
Content-Type: text/html\r\n
Content-Language: en\r\n
Content-Length: 249\r\n
\r\n
[HTTP response 2/2]
[Time since request: 0.009155000 seconds]
[Prev request in frame: 24303]
[Prev response in frame: 24324]
[Request in frame: 24328]
Line-based text data: text/html
<HTML>\n
<HEAD>\n
<TITLE>Access Denied</TITLE>\n
</HEAD>\n
\n
<BODY BGCOLOR="white" FGCOLOR="black">\n
<H1>Access Denied</H1>\n
<HR>\n
\n
<FONT FACE="Helvetica,Arial"><B>\n
Description: You are not allowed to access the document you requested.\n
</B></FONT>\n
<HR>\n
</BODY>\n
Curl Request:
Hypertext Transfer Protocol
DELETE /chat/Dialog/55c5fab8535c12a211000d0f.json HTTP/1.1\r\n
User-Agent: curl/7.37.1\r\n
Host: api.quickblox.com\r\n
Accept: */*\r\n
QB-Token: 32a7acd55d3b21dad79afba3b834a0b62c9a4946\r\n
\r\n
[Full request URI: http://api.quickblox.com/chat/Dialog/55c5fab8535c12a211000d0f.json]
[HTTP request 1/1]
[Response in frame: 35345]
Curl Response:
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
Access-Control-Allow-Origin: *\r\n
Cache-Control: max-age=0, private, must-revalidate\r\n
Content-Type: application/json; charset=utf-8\r\n
Date: Sat, 08 Aug 2015 12:54:34 GMT\r\n
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"\r\n
QB-Token-ExpirationDate: 2015-08-08 14:49:14 UTC\r\n
QuickBlox-REST-API-Version: 0.1.1\r\n
Server: nginx/1.0.15\r\n
Status: 200 OK\r\n
X-Rack-Cache: invalidate, pass\r\n
X-Request-Id: 129dfcd4199bcae1f61cbd55a435885d\r\n
X-Runtime: 0.036879\r\n
X-UA-Compatible: IE=Edge,chrome=1\r\n
Content-Length: 1\r\n
Connection: keep-alive\r\n
\r\n
[HTTP response 1/1]
[Time since request: 0.475311000 seconds]
[Request in frame: 35287]
JavaScript Object Notation: application/json
Line-based text data: application/json
Does anyone have any idea what's happening here?

Fine Uploader request to S3 results in InvalidAccessKeyId error

I have jquery fine-uploader 5.2.1 which I configured like this
<script type="text/javascript">
$(function() {
$('#fineUploader').fineUploaderS3({
template: 'qq-template',
request: {
endpoint: "https://MY-BUCKET.s3.amazonaws.com",
accessKey: "MY-AWS-KEY",
},
signature: {
endpoint: "/s3demo-cors.php"
},
uploadSuccess: {
endpoint: "index.html"
},
chunking: {
enabled: true,
mandatory: true,
}
});
});
</script>
and I have s3demo-cors.php where I modified these two lines only
$clientPrivateKey = 'MY AWS SECRET KEY';
$expectedBucketName = "MY-BUCKET";
When examining the flow, I can see signature getting generated correctly, then OPTIONS request is successfully made but then this request is made and results in 403 InvalidAccessKeyId response from amazon.
POST /8fbc7973-d054-41aa-a2af-f9c9d29569f0.jpg?uploads HTTP/1.1
Host: MY-BUCKET.s3.amazonaws.com
Connection: keep-alive
Content-Length: 0
x-amz-acl: private
Origin: https://MY-HOST
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36 FirePHP/4Chrome
Content-Type: image/jpeg
Authorization: AWS MY-AWS-KEY:SIGNATURE
x-amz-meta-qqfilename: beautiful_scenery-1024x768.jpg
x-amz-date: Fri, 08 May 2015 15:02:58 GMT
Accept: */*
Referer: https://MY-HOST/fineuploader/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
X-FirePHP-Version: 0.0.6
X-Wf-Max-Combined-Size: 261120
I have the following in my CORS file
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<ExposeHeader>ETag</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I am almost stuck at this point and will appreciate any insights of how I can debug this further.
Thanks!
UPDATE 1
Also in case it helps, for a single request, these are the headers that I am requested to sign
POST
image/jpeg
x-amz-acl:private
x-amz-date:Fri, 08 May 2015 15:19:52 GMT
x-amz-meta-qqfilename:beautiful_scenery-1024x768.jpg
/MY-BUCKET/bedbba49-ae0c-479d-b7a0-663bbd55cc53.jpg?uploads
And these the ones that are sent out
POST /bedbba49-ae0c-479d-b7a0-663bbd55cc53.jpg?uploads HTTP/1.1
Host: MY-BUCKET.s3.amazonaws.com
Connection: keep-alive
Content-Length: 0
x-amz-acl: private
Origin: https://MY-HOST
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36 FirePHP/4Chrome
Content-Type: image/jpeg
Authorization: AWS MY-KEY:SIGNATURE
x-amz-meta-qqfilename: beautiful_scenery-1024x768.jpg
x-amz-date: Fri, 08 May 2015 15:19:52 GMT
Accept: */*
Referer: https://MY-HOST/fineuploader/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
X-FirePHP-Version: 0.0.6
X-Wf-Max-Combined-Size: 261120

send object as parameters into multipart-form

I want to send and object ( application/xml ) into multipart-form.
This is the capture of request in java what goes right:
POST /OpenKM/services/rest/document/create HTTP/1.1
Accept: application/xml
Content-Type: multipart/form-data; boundary=Boundary_1_1316797734_1423153602196
Authorization: Basic b2ttQWRtaW46YWRtaW4=
MIME-Version: 1.0
User-Agent: Java/1.7.0_60
Host: localhost:8180
Connection: keep-alive
Transfer-Encoding: chunked
74
--Boundary_1_1316797734_1423153602196
**Content-Type: application/xml
Content-Disposition: form-data; name="doc"**
20c
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><document><path>/okm:root/myDoc.doc</path><permissions>0</permissions><subscribed>false</subscribed><checkedOut>false</checkedOut><convertibleToDxf>false</convertibleToDxf><convertibleToPdf>false</convertibleToPdf><convertibleToSwf>false</convertibleToSwf><description></description><locked>false</locked><signed>false</signed></document>
--Boundary_1_1316797734_1423153602196
Content-Type: application/octet-stream
Content-Disposition: form-data; name="content"
This is what I get from .net
POST /OpenKM/services/rest/document/create HTTP/1.1
Authorization: Basic b2ttQWRtaW46YWRtaW4=
Accept: application/xml
User-Agent: RestSharp/104.4.0.0
Host: localhost:8180
Content-Type: multipart/form-data; boundary=-----------------------------28947758029299
Content-Length: 24353
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
-------------------------------28947758029299
**Content-Disposition: form-data; name="doc"**
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><document>
<lastModified>01/01/0001 0:00:00</lastModified>
<locked>false</locked>
<checkedOut>false</checkedOut>
<signed>false</signed>
<convertibleToPdf>false</convertibleToPdf>
<convertibleToSwf>false</convertibleToSwf>
<convertibleToDxf>false</convertibleToDxf>
<created>01/01/0001 0:00:00</created>
<path>/okm:root/myDoc.doc</path>
<permissions>0</permissions>
<subscribed>false</subscribed>
</document>
-------------------------------28947758029299
Content-Disposition: form-data; name="content"; filename="myDoc.doc"
Content-Type: application/octet-stream
;
Seems the differences is I'm not indicating that the content is application/xml ( Content-Type: application/xml ? )
This is my code, any suggestion is wellcome
IRestRequest request = new RestRequest(uriHelper.DOCUMENT_CREATE, Method.POST);
request.RequestFormat = DataFormat.Xml;
Document testdoc = new Document();
testdoc.path = "/okm:root/myDoc.doc";
string doc = "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>" + request.XmlSerializer.Serialize (testdoc).Replace("<Document>", "<document>").Replace("</Document>", "</document>");
request.AddParameter("doc", doc);
byte[] bytes = beanHelper.ReadToEnd(fileStream);
String fileName = Path.GetFileName(docPath);
request.AddFile("content", bytes, fileName);
RestClient client = getClient(url, user, password);
IRestResponse<Document> response = client.Execute<Document>(request);

Add Headers to a POST

I am trying to pass header when i post XML Data in VB.Net.
It needs to look like this :
POST /test1.asmx HTTP/1.1
Host: www.test1.com
Content-Type: text/xml; charset=utf-8
Content-Length: length
SOAPAction: "http://test1.org/PostApplication_V5"
I am using the following :
Req.Headers.Add("POST /", "test1.asmx HTTP/1.1")
Req.Headers.Add("HOST", "www.test1.com")
Req.Headers.Add("Content-Type", "text/xml; charset=utf-8")
Req.Headers.Add("Content-Length", "length")
Req.Headers.Add("SOAPAction", """http://test1.org/PostApplication_V5""")
Its not working
<POST /test1.asmx HTTP/1.1>
<Host: www.test1.com>
<Content-Type: text/xml; charset=utf-8>
<Content-Length: length>
<SOAPAction: "http://test1.org/PostApplication_V5">
</POST /test1.asmx HTTP/1.1>
</Host: www.test1.com>
</Content-Type: text/xml; charset=utf-8>
</Content-Length: length>
</SOAPAction: "http://test1.org/PostApplication_V5">