java中除OWASP ESAPI外的日志伪造
[英]Log forging except OWASP ESAPI in java
问题描述
Is there any other way through which we can prevent log forging except ESAPI in java?
除了Java中的ESAPI,还有其他方法可以防止日志伪造吗? I am using Lombok slf4j annotation我正在使用 Lombok slf4j 注释
1 个解决方案
解决方案1
0 2020-08-05 08:51:53
Try to replace your message with尝试将您的消息替换为
message.replaceAll("\n", "\\n").replaceAll("\r", "\\r")
.replaceAll("\t", "\\t");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
OWASP ESAPI的Java Bean验证替代方案 - Java bean validation alternatives to OWASP ESAPI
java 中 checkmarx 扫描中的日志锻造 - Log forging in checkmarx scan in java
jBOSS + ESAPI java.lang.ClassCastException:org.jboss.logmanager.log4j.BridgeLogger无法强制转换为org.owasp.esapi.Logger - jBOSS+ ESAPI java.lang.ClassCastException: org.jboss.logmanager.log4j.BridgeLogger cannot be cast to org.owasp.esapi.Logger
OWASP ESAPI将忽略按包名称进行的log4j记录器筛选 - log4j logger filtering by package name is ignored for OWASP ESAPI
ESAPI尝试记录警告时抛出org.owasp.esapi.errors.ConfigurationException - ESAPI throwing org.owasp.esapi.errors.ConfigurationException when trying to log a warning
未检测到 OWASP ESAPI XSS 攻击 - OWASP ESAPI XSS Attack undetected
ClassCastException: org.apache.log4j.Logger 不能转换为 org.owasp.esapi.Logger - ClassCastException: org.apache.log4j.Logger cannot be cast to org.owasp.esapi.Logger
ESAPI 2.2.3.1 使用 httpUtilities 时抛出 org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException - ESAPI 2.2.3.1 throwing org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException when using httpUtilities
org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException 调用 ESAPI.encoder() 时出错 - org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Error while invoking ESAPI.encoder()
Checkmarx Java 修复日志伪造 - 清理用户输入 - Checkmarx Java fix for Log Forging -sanitizing user input
相关标签