GitHub user rgoers added a comment to the discussion: Threat model: how should Thread Context (MDC) keys be classified (trusted structural or untrusted content)?
In today's world maybe my view is naive, but my approach would be to say that while Log4j supports the use of the MDC/ThreadContext, all responsibility for its content belongs to the user of Log4j. While we may include them in logs, or use them to manipulate how logging is performed, Log4j simply cannot validate the content to the extent necessary. Since the user determines what keys should be present and what the appropriate values should be, it is up to them to perform proper validation. If we can make that easier by providing integrations with validation frameworks where there is a way for the user to define keys and validation rules for them, we should do that.

GitHub link: https://github.com/apache/logging-log4j2/discussions/4132#discussioncomment-17152354
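The stance above puts key and value validation on the application side, in front of Log4j. The following is an added example (not rgoers's comment code or the Log4j project's own code) of such a guard: a hypothetical `ValidatedContext` helper with a constructed allowlist of keys and per-key value rules that only calls `ThreadContext.put` when both pass.

```java
import java.util.Map;
import java.util.regex.Pattern;
import org.apache.logging.log4j.ThreadContext;

/** Hypothetical application-side guard in front of Log4j's ThreadContext (MDC). */
public final class ValidatedContext {
    // Constructed allowlist: only these keys may reach the MDC, each with a value rule.
    // Anchored whole-value patterns exclude CR/LF and other characters that could
    // forge extra log lines or break downstream parsers.
    private static final Map<String, Pattern> RULES = Map.of(
        "requestId", Pattern.compile("[A-Za-z0-9-]{1,64}"),
        "tenant",    Pattern.compile("[a-z0-9_]{1,32}"),
        "userName",  Pattern.compile("[\\p{Alnum}._@-]{1,128}"));

    private ValidatedContext() {}

    /** Stores the value in the ThreadContext only if key and value pass the rules. */
    public static boolean put(String key, String value) {
        Pattern rule = RULES.get(key);
        if (rule == null || value == null) {
            return false;               // unknown key or missing value: never stored
        }
        // matches() requires the entire value to fit the pattern, so a value that
        // merely contains a valid prefix followed by a newline is rejected.
        if (!rule.matcher(value).matches()) {
            return false;
        }
        ThreadContext.put(key, value);
        return true;
    }

    public static void main(String[] args) {
        System.out.println(put("requestId", "7f3a-42"));            // well-formed id
        System.out.println(put("tenant", "acme corp"));            // contains a space
        System.out.println(put("userName", "bob\nFAKE LOG LINE")); // contains a newline
        System.out.println(put("sessionToken", "abc"));            // key not in allowlist
        ThreadContext.clearAll();
    }
}
```

The rules map is where an integration with a validation framework, as suggested in the comment, would plug in; the rest of the class only refuses to forward anything it cannot vouch for.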
