[slf4j-user] How to post-filter slf4j-created logs?
David Karr
davidmichaelkarr at gmail.com
Fri Jul 26 23:33:28 CEST 2019
I work in an enterprise that is very careful about various aspects of
security (duh).
One thing that our scanner notices is that we often log text with slf4j
that is composed of data that might have indirectly come from customer
input. We are required to pass the text through an html decoder, along
with other checks. It would be "straightforward" to change our several
hundred (thousand) slf4j calls to pass the text through that filter, but
I'd really much rather figure out how to configure slf4j to do this
automatically. Is there any way to make the text that slf4j logs pass
through a specific filter?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.qos.ch/pipermail/slf4j-user/attachments/20190726/4c071e87/attachment.html>
More information about the slf4j-user
mailing list