[logback-user] bug - Log4j XMLLayout does not encode data
David Balažic
david.balazic at comtrade.com
Tue Aug 31 13:19:51 CEST 2010
Hi!
It seems the Log4j XMLLayout * does not properly XML encode data it puts into the output XML.
Example:
116 buf.append("\" thread=\"");
117 buf.append(event.getThreadName());
118 buf.append("\">\r\n");
The thread name can be any string, so it can include characters like <>"/'& etc...
That would break the XML.
* http://logback.qos.ch/xref/ch/qos/logback/classic/log4j/XMLLayout.html
same in the logback 0.9.24
David Balažic
Software Engineer
ComTrade
HERMES SoftLab
a ComTrade company
HERMES SoftLab d.o.o.
Litijska 51, 1000 Ljubljana
Slovenia
phone: +386 81 60 8937
fax: +386 1 586 52 70
david.balazic at comtrade.com
www.comtrade.com/si
More information about the Logback-user
mailing list