+ * Centralizes the defenses against log injection (control characters, log-format markers) and
+ * unbounded log growth (length limits) that are shared by the REST exception mappers.
+ */
+final class LogSanitizer {
+
+ private static final int MAX_URL_LENGTH = 500;
+ private static final int MAX_QUERY_STRING_LENGTH = 200;
+ private static final int MAX_CLASS_NAME_LENGTH = 100;
+ private static final int MAX_METHOD_LENGTH = 10;
+ private static final int MAX_QUERY_PARAMS = 10;
+ private static final int MAX_QUERY_PARAM_VALUE_LENGTH = 50;
+
+ private static final Set