You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sling.apache.org by ra...@apache.org on 2019/11/22 16:05:21 UTC

[sling-org-apache-sling-xss] branch master updated: SLING-8857 - Lower the log level for validation errors in org.apache.sling.xss.impl.XSSFilterImpl#runHrefValidation

This is an automated email from the ASF dual-hosted git repository.

radu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git


The following commit(s) were added to refs/heads/master by this push:
     new 4c6946c  SLING-8857 - Lower the log level for validation errors in org.apache.sling.xss.impl.XSSFilterImpl#runHrefValidation
4c6946c is described below

commit 4c6946c22ac1a903f7cfcacdad2d86ccef7bd34e
Author: Radu Cotescu <ra...@apache.org>
AuthorDate: Fri Nov 22 17:05:07 2019 +0100

    SLING-8857 - Lower the log level for validation errors in org.apache.sling.xss.impl.XSSFilterImpl#runHrefValidation
---
 src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java b/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
index 931c28a..64cc434 100644
--- a/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
+++ b/src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java
@@ -197,8 +197,8 @@ public class XSSFilterImpl implements XSSFilter {
                 return runHrefValidation(url);
             }
             return runHrefValidation(xmlDecodedURL);
-        } catch (Exception e) {
-            logger.warn("Unable to decode url.", e);
+        } catch (Throwable e) {
+            logger.warn("Unable to validate url.", e);
             logger.debug("URL input: {}", url);
         }
         return false;
@@ -215,7 +215,7 @@ public class XSSFilterImpl implements XSSFilter {
             try {
                 isValid = hrefAttribute.matchesAllowedExpression(url.toLowerCase());
             } catch (StackOverflowError e) {
-                logger.warn("Detected a StackOverflowError when validating url {} with configured regexes. Trying fallback.", url);
+                logger.debug("Detected a StackOverflowError when validating url {} with configured regexes. Trying fallback.", url);
                 try {
                     for (Pattern p : BACKUP_PATTERNS) {
                         isValid = p.matcher(url.toLowerCase()).matches();
@@ -224,7 +224,7 @@ public class XSSFilterImpl implements XSSFilter {
                         }
                     }
                 } catch (StackOverflowError inner) {
-                    logger.error(String.format("Cannot validate url %s.", url), inner);
+                    logger.debug("Detected a StackOverflowError when validating url {} with fallback regexes", url);
                 }
             }
         }