diff --git a/smtweb-framework/bpm/src/main/resources/config/application.yaml b/smtweb-framework/bpm/src/main/resources/config/application.yaml index ede1cda..faec76f 100644 --- a/smtweb-framework/bpm/src/main/resources/config/application.yaml +++ b/smtweb-framework/bpm/src/main/resources/config/application.yaml @@ -27,7 +27,7 @@ spring: password: datasource: driver-class-name: com.mysql.cj.jdbc.Driver - url: jdbc:mysql://127.0.0.1:3306/smt_asp?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true&useSSL=false + url: jdbc:mysql://127.0.0.1:3306/gdmz?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true&useSSL=false username: root password: root servlet: diff --git a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/filter/XssSecurityConfig.java b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/filter/XssSecurityConfig.java index 0250874..96055e2 100644 --- a/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/filter/XssSecurityConfig.java +++ b/smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/filter/XssSecurityConfig.java @@ -59,6 +59,9 @@ public class XssSecurityConfig implements InitializingBean { @Override public void afterPropertiesSet() throws Exception { + if (regex == null || regex.size() == 0) { + return; + } StringBuffer tempStr = new StringBuffer("^"); regex.forEach(k -> { tempStr.append(k); @@ -88,6 +91,7 @@ public class XssSecurityConfig implements InitializingBean { * @return */ public String securityReplace(String text) { + if (!initSuccess()) return text; if (StringUtils.isEmpty(text)) { return text; } else { @@ -102,11 +106,16 @@ public class XssSecurityConfig implements InitializingBean { * @return */ public boolean matches(String text) { + if (!initSuccess()) return false; if (StringUtils.isEmpty(text)) { return false; } return XSS_PATTERN.matcher(text).matches(); } + + private boolean initSuccess() { + return regex != null && regex.size() > 0; + } }