diff --git a/src/httpserver.cpp b/src/httpserver.cpp
--- a/src/httpserver.cpp
+++ b/src/httpserver.cpp
@@ -233,22 +233,30 @@
 }
 auto hreq = std::make_unique(req);
- LogPrint(BCLog::HTTP, "Received a %s request for %s from %s\n",
- RequestMethodString(hreq->GetRequestMethod()), hreq->GetURI(),
- hreq->GetPeer().ToString());
-
 // Early address-based allow check
 if (!ClientAllowed(hreq->GetPeer())) {
+ LogPrint(BCLog::HTTP,
+ "HTTP request from %s rejected: Client network is not allowed "
+ "RPC access\n",
+ hreq->GetPeer().ToString());
 hreq->WriteReply(HTTP_FORBIDDEN);
 return;
 }
 // Early reject unknown HTTP methods
 if (hreq->GetRequestMethod() == HTTPRequest::UNKNOWN) {
+ LogPrint(BCLog::HTTP,
+ "HTTP request from %s rejected: Unknown HTTP request method\n",
+ hreq->GetPeer().ToString());
 hreq->WriteReply(HTTP_BADMETHOD);
 return;
 }
+ LogPrint(BCLog::HTTP, "Received a %s request for %s from %s\n",
+ RequestMethodString(hreq->GetRequestMethod()),
+ SanitizeString(hreq->GetURI(), SAFE_CHARS_URI).substr(0, 100),
+ hreq->GetPeer().ToString());
+
 // Find registered handler for prefix
 std::string strURI = hreq->GetURI();
 std::string path;
diff --git a/src/util/strencodings.h b/src/util/strencodings.h
--- a/src/util/strencodings.h
+++ b/src/util/strencodings.h
@@ -29,6 +29,8 @@
 SAFE_CHARS_UA_COMMENT,
 //! Chars allowed in filenames
 SAFE_CHARS_FILENAME,
+ //! Chars allowed in URIs (RFC 3986)
+ SAFE_CHARS_URI,
 };
 /**
diff --git a/src/util/strencodings.cpp b/src/util/strencodings.cpp
--- a/src/util/strencodings.cpp
+++ b/src/util/strencodings.cpp
@@ -23,6 +23,8 @@
 CHARS_ALPHA_NUM + " .,;-_?@",
 // SAFE_CHARS_FILENAME
 CHARS_ALPHA_NUM + ".-_",
+ // SAFE_CHARS_URI
+ CHARS_ALPHA_NUM + "!*'();:@&=+$,/?#[]-_.~%",
 };
 std::string SanitizeString(const std::string &str, int rule) {
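Review bot: In the src/httpserver.cpp hunk, the relocated `Received a %s request` log cuts the sanitized URI with a bare `.substr(0, 100)`, so someone reading the log cannot tell a truncated URI from a complete one, and the limit is an unexplained literal. I would name it, for example `static constexpr size_t MAX_LOGGED_URI_LENGTH{100};`, and add a comment above the call such as `// URI is client-controlled: strip non-URI characters and cap the length before logging`. The raw value is still read into `strURI` just below for handler lookup, which is expected, but any later log statement that prints it (outside this hunk, so not visible here) would need the same treatment. The enclosing function starts and ends outside the hunk.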
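Review bot: In src/util/strencodings.h the comment on `SAFE_CHARS_URI` cites RFC 3986 but leaves out the one property a caller needs to know: `%` is in the set, so percent-encoded bytes, including encoded control characters, pass through unchanged in their encoded form. That is harmless for the log line in the httpserver.cpp hunk only while nothing decodes the result before writing it. I would extend the comment to `//! Chars allowed in URIs (RFC 3986 reserved and unreserved, plus '%'); escapes stay encoded, do not URL-decode the sanitized result`.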
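Review bot: The new table entry in src/util/strencodings.cpp is tied to `SAFE_CHARS_URI` only by its position and the `// SAFE_CHARS_URI` comment, and `SanitizeString` takes `rule` as a plain `int`, so nothing visible here stops the enum and the table from drifting apart on a later edit. If the table is indexed by `rule` (the function body is outside the hunk, so this is inferred), a `static_assert` on the table's element count next to the array would turn a mismatch into a compile error rather than an out-of-range read. At minimum a comment above the table such as `// Entries must stay in the same order as the enum in strencodings.h` would document the coupling.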