
Xss 过滤器

master
yaoq 2 年之前
父節點
當前提交
586c80d902
共有 2 個文件被更改,包括 10 次插入1 次删除
  1. +1
    -1
      smtweb-framework/bpm/src/main/resources/config/application.yaml
  2. +9
    -0
      smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/filter/XssSecurityConfig.java

+ 1
- 1
smtweb-framework/bpm/src/main/resources/config/application.yaml

@@ -27,7 +27,7 @@ spring:
password:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://127.0.0.1:3306/smt_asp?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true&useSSL=false
url: jdbc:mysql://127.0.0.1:3306/gdmz?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true&useSSL=false
username: root
password: root
servlet:
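Review bot: The datasource URL on the changed line still carries `allowMultiQueries=true` and `useSSL=false`, and the context lines just below it commit `username: root` / `password: root` to the repository. `allowMultiQueries=true` lets one statement carry stacked queries, which widens the impact of any SQL injection elsewhere in the application, and `useSSL=false` leaves the connection unencrypted as soon as the host is no longer 127.0.0.1. I would drop `allowMultiQueries` unless a mapper really needs it, and read the credentials from the environment, e.g. `password: ${DB_PASSWORD}` (placeholder variable name), using a non-root account scoped to the one schema. The page does not show which of the two `url:` lines is the new one, but both carry the same parameters, so the point applies either way.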


+ 9
- 0
smtweb-framework/core/src/main/java/cc/smtweb/framework/core/mvc/filter/XssSecurityConfig.java

@@ -59,6 +59,9 @@ public class XssSecurityConfig implements InitializingBean {

@Override
public void afterPropertiesSet() throws Exception {
if (regex == null || regex.size() == 0) {
return;
}
StringBuffer tempStr = new StringBuffer("^");
regex.forEach(k -> {
tempStr.append(k);
@@ -88,6 +91,7 @@ public class XssSecurityConfig implements InitializingBean {
* @return
*/
public String securityReplace(String text) {
if (!initSuccess()) return text;
if (StringUtils.isEmpty(text)) {
return text;
} else {
@@ -102,11 +106,16 @@ public class XssSecurityConfig implements InitializingBean {
* @return
*/
public boolean matches(String text) {
if (!initSuccess()) return false;
if (StringUtils.isEmpty(text)) {
return false;
}
return XSS_PATTERN.matcher(text).matches();
}

private boolean initSuccess() {
return regex != null && regex.size() > 0;
}
}
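Review bot: The new guards make the filter fail open with no signal: when `regex` is null or empty, `afterPropertiesSet()` returns silently, `securityReplace()` hands the text back unchanged and `matches()` returns false, so a missing or misspelled config key disables XSS filtering without anything in the logs. I would emit a warning in the early-return branch of `afterPropertiesSet()` stating that no XSS patterns are configured and filtering is off, and write that branch as `if (!initSuccess()) return;` rather than repeating the condition. `initSuccess()` also tests the configured list rather than whether `XSS_PATTERN` was actually built, so it presumably would not catch a call made before initialisation; `return XSS_PATTERN != null;` would check the thing the callers actually dereference. The bodies of `afterPropertiesSet()` and `securityReplace()` continue outside the hunks shown.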


