Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Log the unsanitized redirect URL to facilitate abuse investigations.

  • Loading branch information...
commit dcc451643888f1238d84aa155fa36fa69a84f744 1 parent 911254c
Marvin S. Addison serac authored
2  cas-server-core/src/main/java/org/jasig/cas/authentication/principal/Response.java
View
@@ -115,7 +115,7 @@ private static String sanitizeUrl(final String url) {
}
m.appendTail(sb);
if (hasNonPrintable) {
- LOG.warn("Non-printable characters detected in redirect URL. This may indicate a CRLF attack.");
+ LOG.warn("The following redirect URL has been sanitized and may be sign of attack:\n" + url);
}
return sb.toString();
}
Please sign in to comment.
Something went wrong with that request. Please try again.