mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* lib/logger.rb: added RDoc document for logging message escape
by Hal Brodigan. See #3869

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30591 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
parent
c8e22ee12c
commit
9ffaa7e96b
2 changed files with 21 additions and 2 deletions
|
@ -1,3 +1,8 @@
|
|||
Tue Jan 18 15:05:55 2011 NAKAMURA, Hiroshi <nahi@ruby-lang.org>
|
||||
|
||||
* lib/logger.rb: added RDoc document for logging message escape
|
||||
by Hal Brodigan. See #3869
|
||||
|
||||
Tue Jan 18 07:53:52 2011 Tanaka Akira <akr@fsij.org>
|
||||
|
||||
* eval_intern.h: parenthesize macro arguments.
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
# logger.rb - simple logging utility
|
||||
# Copyright (C) 2000-2003, 2005, 2008 NAKAMURA, Hiroshi <nahi@ruby-lang.org>.
|
||||
# Copyright (C) 2000-2003, 2005, 2008, 2011 NAKAMURA, Hiroshi <nahi@ruby-lang.org>.
|
||||
#
|
||||
# Author:: NAKAMURA, Hiroshi <nakahiro@sarion.co.jp>
|
||||
# Documentation:: NAKAMURA, Hiroshi and Gavin Sinclair
|
||||
# License::
|
||||
# You can redistribute it and/or modify it under the same terms of Ruby's
|
||||
|
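Review bot: the file-header hunk changes more than the commit message and ChangeLog entry describe. The copyright range gains 2011, and the hunk header (-1,7 +1,6) shows a net loss of one line from the header block. If one of the header fields is being dropped here, mention it in the ChangeLog entry or split it into its own commit, so the RDoc addition can be reviewed on its own.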
@ -41,6 +40,21 @@ require 'monitor'
|
|||
# want to know about the program's internal state, and would set them to
|
||||
# +DEBUG+.
|
||||
#
|
||||
# **Note**: Logger does not escape or sanitize any messages passed to it.
|
||||
# Developers should be aware of when potentially malicious data (user-input)
|
||||
# is passed to Logger, and manually escape the untrusted data:
|
||||
#
|
||||
# logger.info("User-input: #{input.dump}")
|
||||
# logger.info("User-input: %p" % input)
|
||||
#
|
||||
# You can use Logger#formatter= for escaping all data.
|
||||
#
|
||||
# original_formatter = Logger::Formatter.new
|
||||
# logger.formatter = proc { |severity, datetime, progname, msg|
|
||||
# original_formatter.call(severity, datetime, progname, msg.dump)
|
||||
# }
|
||||
# logger.info(input)
|
||||
#
|
||||
# === Example
|
||||
#
|
||||
# A simple example demonstrates the above explanation:
|
||||
|
|
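Review bot: the formatter example calls msg.dump on whatever reaches the formatter, but Logger accepts non-String messages (an Exception, or any other object), and those do not respond to dump, so with this proc installed a call such as logger.error(exception) raises NoMethodError instead of logging. Suggest having the example dump only when msg is a String and state explicitly how Exception and other objects are to be rendered, since an exception message can also carry untrusted data. Separately, the "**Note**" on the first added line is Markdown emphasis rather than RDoc markup; "*Note*" would render as bold.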