[logback-user] Log forging prevention
Thomas Meyer
thomas at m3y3r.de
Thu Nov 3 18:58:04 UTC 2016
> Hello,
Hi,
>
> What's the recommended way to protect against log forging attacks
> with
> logback (using pattern layout) ? Is there a way to specify a set of
> reserved characters and tell logback to escape them ?
You may want to have a look at the OWASP security logging project:
https://github.com/javabeanz/owasp-security-logging/tree/master/owasp-s
ecurity-logging-logback
With kind regards
thomas
More information about the logback-user
mailing list