diff --git a/owasp-security-logging-common/src/main/java/org/owasp/security/logging/Utils.java b/owasp-security-logging-common/src/main/java/org/owasp/security/logging/Utils.java index 0fbe030..9fed847 100644 --- a/owasp-security-logging-common/src/main/java/org/owasp/security/logging/Utils.java +++ b/owasp-security-logging-common/src/main/java/org/owasp/security/logging/Utils.java @@ -89,7 +89,7 @@ public static String replaceCRLFWithUnderscore(String value) { * @param value * string to convert * @return converted string - * @see https://unicode.org/versions/Unicode14.0.0/UnicodeStandard-14.0.pdf#page=235 + * @see Unicode Standard */ public static String escapeNLFChars(String value) { return value.replace("\n", "\\n") diff --git a/owasp-security-logging-common/src/main/java/org/owasp/security/logging/util/SecurityUtil.java b/owasp-security-logging-common/src/main/java/org/owasp/security/logging/util/SecurityUtil.java index 848c449..fd74c89 100644 --- a/owasp-security-logging-common/src/main/java/org/owasp/security/logging/util/SecurityUtil.java +++ b/owasp-security-logging-common/src/main/java/org/owasp/security/logging/util/SecurityUtil.java @@ -42,13 +42,13 @@ public static void bindSystemStreamsToSLF4J() { /** * Redirect System.out and System.err streams to the given SLF4J loggers. * This is a benefit if you have a legacy console logger application. Does not provide - * benefit of a full implementation. For example, no hierarchical or logger inheritence - * support but there are some ancilarity benefits like, 1) capturing messages that would + * benefit of a full implementation. For example, no hierarchical or logger inheritance + * support but there are some ancillary benefits like, 1) capturing messages that would * otherwise be lost, 2) redirecting console messages to centralized log services, 3) * formatting console messages in other types of output (e.g., HTML). * - * @param sysOutLogger - * @param sysErrLogger + * @param newSysOutLogger Logger to use for System.out + * @param newSysErrLogger Logger to use for System.err */ public static void bindSystemStreamsToSLF4J(Logger newSysOutLogger, Logger newSysErrLogger) { if (newSysOutLogger != null) SecurityUtil.sysOutLogger = newSysOutLogger; diff --git a/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/CRLFThrowableProxy.java b/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/CRLFThrowableProxy.java index 0190be5..9a51a16 100644 --- a/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/CRLFThrowableProxy.java +++ b/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/CRLFThrowableProxy.java @@ -7,7 +7,7 @@ /** * Throwable proxy that replaces CR/LF chars in the message to avoid log injection * in exception messages. - * Calls to getMessage are intercepted to replace CR & LF in the message + * Calls to getMessage are intercepted to replace CR and LF in the message * Calls to getCause are intercepted to ensure all exceptions in the stack are treated * All other other methods are directly sent through the proxied instance. */ diff --git a/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/SSNMaskingConverter.java b/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/SSNMaskingConverter.java index b23d4a0..14f05ba 100644 --- a/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/SSNMaskingConverter.java +++ b/owasp-security-logging-logback/src/main/java/org/owasp/security/logging/mask/SSNMaskingConverter.java @@ -10,13 +10,15 @@ * Masks social security numbers in log messages. SSNs consist of digits separated * by dashes in the form ###-##-####. * - * The following famous/test SSNs are not masked: + * The following famous/test SSNs are not masked: + * + * * @author augustd */ public class SSNMaskingConverter extends ClassicConverter {