[
https://issues.apache.org/jira/browse/UNOMI-852?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francois Gerthoffert updated UNOMI-852:
---------------------------------------
Summary: Improve robustness against log injection (was: Improve robustness
agains log injection)
> Improve robustness against log injection
> ----------------------------------------
>
> Key: UNOMI-852
> URL: https://issues.apache.org/jira/browse/UNOMI-852
> Project: Apache Unomi
> Issue Type: Task
> Reporter: Francois Gerthoffert
> Priority: Major
>
> We want to improve/extend logging present by default in unomi when events are
> rejected but we are concerned that doing so could expose us to log injection.
> A similar mechanism was put in place in Jahia at this location (file under
> Apache 2 license):
> https://github.com/Jahia/jahia/blob/master/core/src/main/java/org/jahia/bin/errors/SafeExtendedThrowablePatternConverter.java
> The goal is to implement a similar mechanism (or port the class if possible)
> in Apache Unomi.
> Once done, work will resume on UNOMI-846
--
This message was sent by Atlassian Jira
(v8.20.10#820010)