Caleb Cushing created LOG4J2-2359:
-------------------------------------
Summary: Safe multiline messages
Key: LOG4J2-2359
URL: https://issues.apache.org/jira/browse/LOG4J2-2359
Project: Log4j 2
Issue Type: Improvement
Reporter: Caleb Cushing
The problem with using multiple lines in a messages, is of course CRLF (or
other form of line injection).
however, much like you can let people write javascript that can't be executed
by a browser safely if you encode it, I think you could do the same for CRLF. I
think simply printing {{\n%n}} would be safe (\n being the actual encoding),
but adding a header and footer to demark might be better...
{code:java}
[ERROR] 01234 - com.mydomain.app ...
```
my message\n
has multiple\r\n
lines\r
```{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
