防止黑客通过提交crlf字符伪造日志输出,采用统一在logback输出的时候对记录的log输出进行任何crlf字符进行编码,无需针对某一条log输出进行编码输出
--pom依赖
<!-- https://mvnrepository.com/artifact/org.owasp/security-logging-logback --> <dependency> <groupId>org.owasp</groupId> <artifactId>security-logging-logback</artifactId> <version>1.1.6</version> </dependency> 
原理:
引用:
https://github.com/javabeanz/owasp-security-logging/wiki/Log-Forging