From 885fca4b420c7ca194736d48394d90008e98ff86 Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Wed, 5 Feb 2025 03:08:10 +0000
Subject: [PATCH] (CodeQL) Fixed finding: "Log Injection"

---
 .../java/org/apache/roller/weblogger/util/MediacastUtil.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/src/main/java/org/apache/roller/weblogger/util/MediacastUtil.java b/app/src/main/java/org/apache/roller/weblogger/util/MediacastUtil.java
index 2653955bc..c311d36ea 100644
--- a/app/src/main/java/org/apache/roller/weblogger/util/MediacastUtil.java
+++ b/app/src/main/java/org/apache/roller/weblogger/util/MediacastUtil.java
@@ -19,6 +19,7 @@
 package org.apache.roller.weblogger.util;
 
 import io.github.pixee.security.HostValidator;
+import static io.github.pixee.security.Newlines.stripAll;
 import io.github.pixee.security.Urls;
 import java.net.HttpURLConnection;
 import java.net.MalformedURLException;
@@ -74,11 +75,11 @@ public static MediacastResource lookupResource(String url)
                 }
                 
                 resource = new MediacastResource(url, contentType, length);
-                LOG.debug("Valid mediacast resource = " + resource.toString());
+                LOG.debug("Valid mediacast resource = " + stripAll(resource.toString()));
                 
             }
         } catch (MalformedURLException mfue) {
-            LOG.debug("Malformed MediaCast url: " + url);
+            LOG.debug("Malformed MediaCast url: " + stripAll(url));
             throw new MediacastException(BAD_URL, "weblogEdit.mediaCastUrlMalformed", mfue);
         } catch (Exception e) {
             LOG.error("ERROR while checking MediaCast URL: " + url + ": " + e.getMessage());