All new code requires tests to ensure against regressions.
However, if your PR contains zero code changes, feel free to select the checkmark below to indicate so.
[X] Have you ran tests against this code?
[ ] This PR contains zero code changes.
Description of the Change
This PR changes how we check for simple log injection.
Previously we would only sanitize logs right before logging them, and would escape any processing if it wasn't a string.
Instead these changes now preform sanitizing on the exact user input values being added to a log, and additionally if a value that is not a string is found, we convert it to a string then sanitize anyway. This way we can ensure nothing slips past this check.
Requirements
Filling out the template is required.
All new code requires tests to ensure against regressions.
[X] Have you ran tests against this code?
[ ] This PR contains zero code changes.
Description of the Change
This PR changes how we check for simple log injection.
Previously we would only sanitize logs right before logging them, and would escape any processing if it wasn't a string. Instead these changes now preform sanitizing on the exact user input values being added to a log, and additionally if a value that is not a string is found, we convert it to a string then sanitize anyway. This way we can ensure nothing slips past this check.