[logback-dev] [JIRA] Commented: (LBCLASSIC-180) XML/HTML tags haven't get escaped in HTMLLayout
Ceki Gulcu (JIRA)
noreply-jira at qos.ch
Wed May 9 20:02:27 CEST 2012
[ http://jira.qos.ch/browse/LBCLASSIC-180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12432#action_12432 ]
Ceki Gulcu commented on LBCLASSIC-180:
--------------------------------------
Instead of html escaping all fields, how about only escaping the message field. If that is sufficient, logback already has hooks for adding custom converters. Teh HtmlEscapedMessageConverter shown below is a custom converter which html escapes the event message. Here is the code:
package ch.qos.logback.classic.issue.lbclassic180;
import ch.qos.logback.classic.pattern.ClassicConverter;
import ch.qos.logback.classic.spi.ILoggingEvent;
import ch.qos.logback.core.helpers.Transform;
public class HtmlEscapedMessageConverter extends ClassicConverter {
public String convert(ILoggingEvent event) {
return Transform.escapeTags(event.getFormattedMessage());
}
}
In logback.xml config files, you can easily define a new conversion word to support HtmlEscapedMessageConverter. Here is a sample config:
<configuration debug="true">
<!-- define a new conversion rule -->
<conversionRule conversionWord="htmlEscapedMessage"
converterClass="ch.qos.logback.classic.issue.lbclassic180.HtmlEscapedMessageConverter"/>
<appender name="CON" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">
<layout class="ch.qos.logback.classic.html.HTMLLayout">
<pattern>%d%logger%htmlEscapedMessage</pattern>
</layout>
</encoder>
</appender>
<root level="DEBUG">
<appender-ref ref="CON"/>
</root>
</configuration>
> XML/HTML tags haven't get escaped in HTMLLayout
> -----------------------------------------------
>
> Key: LBCLASSIC-180
> URL: http://jira.qos.ch/browse/LBCLASSIC-180
> Project: logback-classic
> Issue Type: Bug
> Components: layout
> Affects Versions: 0.9.18
> Environment: Linux (Ubuntu), JavaSE 1.6
> Reporter: Xu Hui Hui
> Assignee: Ceki Gulcu
>
> View it here for a better looking: http://stackoverflow.com/questions/2069135/how-to-make-xml-get-escaped-in-htmllayout-of-logback
> I'm using logback (with slf4j) to do the logging, and I've got many XML content to be logged in both text files and HTML files (with HTMLLayout). However, logback just inserts the raw XML in the <TD> tags for the HTMLLayout, without any escaping or <pre> processing.
> Here is the snippet of my logback.xml:
> <appender name="ALL" class="ch.qos.logback.core.rolling.RollingFileAppender">
> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
> <FileNamePattern>${DIR_ALL}/%d{yyyy-MM-dd}.%i.html</FileNamePattern>
> <TimeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
> <MaxFileSize>500KB</MaxFileSize>
> </TimeBasedFileNamingAndTriggeringPolicy>
> </rollingPolicy>
> <layout class="ch.qos.logback.classic.html.HTMLLayout">
> <pattern>%d{HH:mm:ss.SSS}%logger{1}%msg</pattern>
> <cssBuilder class="ch.qos.logback.classic.html.UrlCssBuilder">
> <url>${CSS_HREF}</url>
> </cssBuilder>
> <title>Logs (ALL)</title>
> </layout>
> And the following is what I got:
> <td class="Message">(DemoCall) parsing response failed. Details:
> <call><action>getmessage</action></call>
> </td>
> What I'm expecting:
> <td class="Message">(DemoCall) parsing response failed. Details:
> <call><action>getmessage</action></call>
> </td>
> Or better wrap the above message with a <pre> tag. Do I need to extend the HTMLLayout to archive that? Or is it my job to do a StringEscapeUtils.escapeHTML(msg) for each log statement (I'm not going to do that, since there also is a file appender for which the escaping is not needed).
> Thanks!
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.qos.ch/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the logback-dev
mailing list