From 59461175d980e59c41715c5c479748cd5f09a12b Mon Sep 17 00:00:00 2001 From: Chopper Date: Mon, 22 Nov 2021 16:45:54 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=94=AF=E4=BB=98=E5=AE=9D?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=E7=A7=81=E9=92=A5=E5=90=8E=E6=97=A0=E6=B3=95?= =?UTF-8?q?=E6=94=AF=E4=BB=98=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/security/filter/XssHttpServletRequestWrapper.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java b/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java index d7061cf2..c5a34eb1 100644 --- a/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java +++ b/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java @@ -35,7 +35,7 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { * * @todo 这里的参数应该更智能些,例如iv,前端的参数包含这两个字母就会放过,这是有问题的 */ - private static final String[] IGNORE_FIELD = {"logo", "url", "photo", "intro", "content", "name", "image", "encrypted", "iv","mail"}; + private static final String[] IGNORE_FIELD = {"logo", "url", "photo", "intro", "content", "name", "image", "encrypted", "iv", "mail", "privateKey"}; public XssHttpServletRequestWrapper(HttpServletRequest request) { super(request);