Summary Table
Categories |
Total Count |
PII |
0 |
URL |
0 |
DNS |
0 |
EKL |
0 |
IP |
0 |
PORT |
0 |
VsID |
0 |
CF |
0 |
AI |
0 |
VPD |
0 |
PL |
0 |
Other |
0 |
File Content
package gov.va.oneconsult.seoc.api.util;
import org.apache.log4j.Logger;
import org.owasp.esapi.ESAPI;
/**
* EncodeLogger uses ESAPI to encode all log messages
* All messages are subject to encoding
*/
public final class EncodeLogger extends Logger
{
private static Logger logger;
protected EncodeLogger(Logger log)
{
super(log.getName());
logger = log;
}
/**
* Description: ensure no CRLF injection into logs for forging records
* @param input
* @return sanitized message
*/
public String encode(Object input)
{
if (input != null) {
String message = input.toString();
String cleanedMsg = message.replace('\n', '_').replace('\r', '_');
cleanedMsg = ESAPI.encoder().encodeForHTML(cleanedMsg);
if (!message.equals(cleanedMsg)) {
cleanedMsg += " (Encoded)";
}
return cleanedMsg;
}
return null;
}
public Logger getLogger()
{
return logger;
}
public void fatal(Object message)
{
logger.fatal(encode(message));
}
public void fatal (Object message, Throwable t)
{
logger.fatal(encode(message), t);
}
public void error (Object message)
{
logger.error(encode(message));
}
public void error (Object message, Throwable t)
{
logger.error(encode(message), t);
}
public void warn (Object message)
{
logger.warn(encode(message));
}
public void warn (Object message, Throwable t)
{
logger.warn(encode(message), t);
}
public void info (Object message)
{
logger.info(encode(message));
}
public void info (Object message, Throwable t)
{
logger.info(encode(message), t);
}
public void debug (Object message)
{
logger.debug(encode(message));
}
public void debug (Object message, Throwable t)
{
logger.debug(encode(message), t);
}
public void trace (Object message, Throwable t)
{
logger.trace(encode(message), t);
}
public void trace (Object message)
{
logger.trace(encode(message));
}
public boolean isDebugEnabled ()
{
return logger.isDebugEnabled();
}
}