search

NASA-PDS / registry-api

Web API service for the PDS Registry, providing the implementation of the PDS Search API (https://github.com/nasa-pds/pds-api) for the PDS Registry.
https://nasa-pds.github.io/pds-api
Apache License 2.0
2 stars 5 forks source link

normalize whitespace in log messages outputting user-provided parameters #418

Closed alexdunnjpl closed 6 months ago

alexdunnjpl commented 6 months ago

🗒️ Summary

Applies StringUtils.normalizeSpace() to user-provided values when echoed to log output, to address CRLF injection concerns.

There's probably a way of configuring the logger to perform this automatically, but we're running quick and dirty today, lads.

⚙️ Test Data and/or Report

n/a

♻️ Related Issues

Fixes #388