Francois Gerthoffert created UNOMI-852:
------------------------------------------
Summary: Improve robustness agains log injection
Key: UNOMI-852
URL: https://issues.apache.org/jira/browse/UNOMI-852
Project: Apache Unomi
Issue Type: Task
Reporter: Francois Gerthoffert
We want to improve/extend logging present by default in unomi when events are
rejected but we are concerned that doing so could expose us to log injection.
A similar mechanism was put in place in Jahia at this location (file under
Apache 2 license):
https://github.com/Jahia/jahia/blob/master/core/src/main/java/org/jahia/bin/errors/SafeExtendedThrowablePatternConverter.java
The goal is to implement a similar mechanism (or port the class if possible) in
Apache Unomi.
Once done, work will resume on UNOMI-846
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
