[
https://issues.apache.org/jira/browse/LOG4J2-2359?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matt Sicker resolved LOG4J2-2359.
---------------------------------
Resolution: Duplicate
I believe this feature was added in Log4j 2.10.0 in LOG4J2-1203. You can use
{{%enc{_pattern_}\{CRLF}}} to auto-encode lines.
> Safe multiline messages
> -----------------------
>
> Key: LOG4J2-2359
> URL: https://issues.apache.org/jira/browse/LOG4J2-2359
> Project: Log4j 2
> Issue Type: Improvement
> Reporter: Caleb Cushing
> Priority: Major
>
> The problem with using multiple lines in a messages, is of course CRLF (or
> other form of line injection).
> however, much like you can let people write javascript that can't be executed
> by a browser safely if you encode it, I think you could do the same for CRLF.
> I think simply printing {{\n%n}} would be safe (\n being the actual
> encoding), but adding a header and footer to demark might be better...
> {code:java}
> [ERROR] 01234 - com.mydomain.app ...
> ```
> my message\n
> has multiple\r\n
> lines\r
> ```{code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
