Remove logging for Gitlab::RequestForgeryProtection::Controller
This controller never actually processes a user request. It's used internally to check CSRF tokens. However, because it is a controller, 'requests' to it will show up in unstructured logs. We added this log message to clarify that any 429s weren't real requests, but simply internal usage. When we added this log message, structured logs wouldn't emit a plain message like this. Now that we have more comprehensive structured logs, and recommend them going forward, they will emit these messages, which can cause a lot of log spam. That log spam is exacerbated by enabling Rack Attack, because the throttles we use will indirectly use this dummy controller and so every single request can log these three lines. As such, this log message probably isn't needed any more, as it's doing more harm than good.
Showing
Please register or sign in to comment