SanitizingPatternLayout - Alfresco Content Services - 23.4 - 23.4 - Ready - Alfresco - external

Alfresco Content Services

Platform
Alfresco
Product
Alfresco Content Services
Release
23.4
License

SanitizingPatternLayout is a class provided by the alfresco-log-sanitizer library, which serves as an extension to the Log4j 1.x PatternLayout to harden Content Services against CWE-117: Improper Output Neutralization for Logs.

This implementation, being specific to Log4j 1.x, serves no purpose anymore and won't be packaged in Content Services 7.4.0.

Log4j 2.x offers regex replacement functionalities for logs out of the box, guaranteeing that Content Services is hardened against CWE-117 without needing any custom implementations, but just relying on the %replace layout parameter instead.