Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-731

Use OWasp Java Encoder to escape user supplied content to the logs

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Resolved
    • None
    • 1.5.0
    • None
    • None

    Description

      We should use the Owasp java encoder to escape user supplied content to the logs, to avoid CRLF type attacks.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              coheigea Colm O hEigeartaigh
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 40m
                  40m