caojiahao/dev_caojiahao
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

增加说明

Browse Source
This commit is contained in:
Chopper 2021-11-14 15:41:16 +08:00
parent 078af06b63
commit 1d317998af
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java
View File

@ -29,7 +29,12 @@ import java.util.Map;
*/ */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
private static final String[] ignoreField = {"logo", "url", "photo", "intro", "content", "name", "encrypted", "iv"};
/**
* xss过滤参数
* @todo 这里的参数应该更智能些例如iv前端的参数包含这两个字母就会放过这是有问题的
*/
private static final String[] IGNORE_FIELD = {"logo", "url", "photo", "intro", "content", "name", "encrypted", "iv"};
public XssHttpServletRequestWrapper(HttpServletRequest request) { public XssHttpServletRequestWrapper(HttpServletRequest request) {
super(request); super(request);