You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Francois Papon (Jira)" <ji...@apache.org> on 2019/11/19 19:33:00 UTC

[jira] [Resolved] (SHIRO-731) Use OWasp Java Encoder to escape user supplied content to the logs

     [ https://issues.apache.org/jira/browse/SHIRO-731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Francois Papon resolved SHIRO-731.
----------------------------------
    Resolution: Resolved

> Use OWasp Java Encoder to escape user supplied content to the logs
> ------------------------------------------------------------------
>
>                 Key: SHIRO-731
>                 URL: https://issues.apache.org/jira/browse/SHIRO-731
>             Project: Shiro
>          Issue Type: Improvement
>            Reporter: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: 1.5.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> We should use the Owasp java encoder to escape user supplied content to the logs, to avoid CRLF type attacks.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)