fix(http.fileserver): improve error message for "expanding glob" error

[digitalkaoz]

"No AI was used."

While migrating a high traffic website to caddy we noticed occasional errors we could not reproduce (yet).

The error is expanding glob / syntax error in pattern, we suspect it might be malicious request, but we dont really know.
This PR tries to bring some light by also logging the faulty pattern (where the fs.Glob can throw this error)

versions

• frankenphp : 1.9.1
• caddy: 2.10.2

caddy config

{
	metrics # used for datadog

	log default {
		output stdout
		format json
	}

	# see https://frankenphp.dev/docs/config/#caddyfile-config
	# see https://frankenphp.dev/docs/performance/#number-of-threads-and-workers
	frankenphp {
	    num_threads 45  # memory / 50MB per Request - a little headroom
		max_threads 270 # 6 times num_threads
		max_wait_time 20s
	}

	servers {
		trusted_proxies cloudfront {
			# add all cloudfront ips as trusted proxies, so caddy forwards the X-Forwarded headers
			interval 1h
		}
	}
}

#ssl is already terminated (LB) at this point
http:// {
	log

	# modify headers
	@assets path *.js *.css *.ico
	header @assets Cache-Control "s-maxage=31536000, must-revalidate, proxy-revalidate"
	header /* -Server -Expires

	# Enable compression (optional)
	encode zstd br gzip

	# Execute PHP files in the current directory and serve assets
	php_server {
		resolve_root_symlink false
		try_files {path} /index.php
		root /path/to/web
	}

	# error pages
	handle_errors 5xx {
		rewrite * /path/to/static_errors/50x.html
		file_server
	}
}

error log (only ocassionally)

{
  error: "syntax error in pattern",
  level: "error",
  logger: "http.matchers.file"
}

after revisting the config, it might be the error pages ?
frankphp implicitly (afaik) create a fileserver as well for serving assets

[CLAassistant]

All committers have signed the CLA.

[francislavoie]

caddy config (partial, i think its the relevant part)

No, that config doesn't use the file matcher at all (that's just a path matcher). I don't know what your reproduce case is here.

[digitalkaoz]

caddy config (partial, i think its the relevant part)

No, that config doesn't use the file matcher at all (that's just a path matcher). I don't know what your reproduce case is here.

Will provide the full config and Caddy Version tomorrow!

[digitalkaoz]

@francislavoie updated the PR to give more details

[francislavoie]

If you could make a build with this change and see what information you get out, then that would help to understand what actually happens, and whether there's an actual bug that needs fixing somewhere else. You can use xcaddy to make the build and replace the Caddy package with your branch. Check the xcaddy readme for instructions on that.

[digitalkaoz]

@francislavoie thats a lot of heavy lifting just for adding a string to an already existing error message. Its only happening here and there within million of requests. Baking a custom image for that would be a lot of effort, this one would be easier to see which patterns are actually causing fs.Glob to error out ;)

[francislavoie]

Well, this is the first I ever hear of this problem. I don't want to merge something blindly without understanding the underlying cause of the problem.

[digitalkaoz]

well, this PR is exactly to find out whats wrong, its just an improved error log :/