In light of the gerrit incidents these last few days, and as part of the process of strengthening gerrit's operational security, we 've just gone ahead and configured gerrit to add the User: HTTP header on the response. To take advantage of that, we 've also amended the wmf apache LogFormat directive to log that header if it exists. I 've documented the change in https://wikitech.wikimedia.org/wiki/Apache_log_format.
Note that the order of fields changes just a bit (the last field is now 17 instead of 16, the 16th is now the User: HTTP header if it exists, otherwise a -). If you are aware of anything that might break because of that let us know. Regards, -- Alexandros Kosiaris Senior Site Reliability Engineer Wikimedia Foundation _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
