You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Francois Papon (Jira)" <ji...@apache.org> on 2019/11/19 19:33:00 UTC
[jira] [Resolved] (SHIRO-731) Use OWasp Java Encoder to escape user
supplied content to the logs
[ https://issues.apache.org/jira/browse/SHIRO-731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Francois Papon resolved SHIRO-731.
----------------------------------
Resolution: Resolved
> Use OWasp Java Encoder to escape user supplied content to the logs
> ------------------------------------------------------------------
>
> Key: SHIRO-731
> URL: https://issues.apache.org/jira/browse/SHIRO-731
> Project: Shiro
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Priority: Major
> Fix For: 1.5.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> We should use the Owasp java encoder to escape user supplied content to the logs, to avoid CRLF type attacks.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)