Potential fix for code scanning alert no. 20: Log entries created from user input

zdrawku · github-advanced-security[bot] · web-flow · commit 01cfb6475ba4 · 2025-03-04T15:04:51.000+02:00
Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
diff --git a/NorthwindCRUD/Controllers/QueryBuilderController.cs b/NorthwindCRUD/Controllers/QueryBuilderController.cs
@@ -48,7 +48,8 @@ public QueryBuilderController(DataContext dataContext, IMapper mapper, ILogger<Q
     [Produces("application/json")]
     public ActionResult<QueryBuilderResult> ExecuteQuery(Query query)
     {
-        logger.LogInformation("Executing query for entity: {Entity}", query.Entity);
+        var sanitizedEntity = query.Entity.Replace("\r", "").Replace("\n", "");
+        logger.LogInformation("Executing query for entity: {Entity}", sanitizedEntity);
         var t = query.Entity.ToLower(CultureInfo.InvariantCulture);
         return Ok(new QueryBuilderResult
         {

Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,8 @@ public QueryBuilderController(DataContext dataContext, IMapper mapper, ILogger<Q`
`48`	`48`	`[Produces("application/json")]`
`49`	`49`	`public ActionResult<QueryBuilderResult> ExecuteQuery(Query query)`
`50`	`50`	`{`
`51`		`- logger.LogInformation("Executing query for entity: {Entity}", query.Entity);`
	`51`	`+ var sanitizedEntity = query.Entity.Replace("\r", "").Replace("\n", "");`
	`52`	`+ logger.LogInformation("Executing query for entity: {Entity}", sanitizedEntity);`
`52`	`53`	`var t = query.Entity.ToLower(CultureInfo.InvariantCulture);`
`53`	`54`	`return Ok(new QueryBuilderResult`
`54`	`55`	`{`