From 7c8c692e87e56b6279e119e97da15604816a2541 Mon Sep 17 00:00:00 2001
From: lifenlong
Date: Wed, 9 Jun 2021 18:21:11 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8E=BB=E9=99=A4xss=E7=A9=BA=E6=A0=BC?= =?UTF-8?q?=E8=BF=87=E6=BB=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../common/security/filter/XssHttpServletRequestWrapper.java | 4 ++--
 .../modules/system/serviceimpl/AppVersionServiceImpl.java | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java b/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java
index 70c2df5b..04fe053e 100644
--- a/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java
+++ b/framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java
@@ -93,8 +93,8 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
 private String cleanXSS(String value) {
 if (value != null) {
 //推荐使用ESAPI库来避免脚本攻击,value = ESAPI.encoder().canonicalize(value);
- // 避免空字符串
- value = value.replaceAll(" ", "");
+// // 避免空字符串
+// value = value.replaceAll(" ", "");
 // 避免script 标签
 Pattern scriptPattern = Pattern.compile("", Pattern.CASE_INSENSITIVE);
 value = scriptPattern.matcher(value).replaceAll("");
diff --git a/framework/src/main/java/cn/lili/modules/system/serviceimpl/AppVersionServiceImpl.java b/framework/src/main/java/cn/lili/modules/system/serviceimpl/AppVersionServiceImpl.java
index 8d31b954..45a31a10 100644
--- a/framework/src/main/java/cn/lili/modules/system/serviceimpl/AppVersionServiceImpl.java
+++ b/framework/src/main/java/cn/lili/modules/system/serviceimpl/AppVersionServiceImpl.java
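Review bot: The space-stripping step in `cleanXSS` is left behind as commented-out code (`// value = value.replaceAll(" ", "");`) instead of being deleted, so nothing in the file records why whitespace is now preserved. Delete both lines and add one comment such as `// Spaces are kept so legitimate text is not altered; the patterns below must tolerate whitespace.` The remaining filters (the body continues outside this hunk) were presumably written for input that had already lost its spaces, so each pattern should be re-checked and unit-tested against values that contain whitespace. This is still a deny-list applied to request input: the existing comment already points at ESAPI canonicalization, and contextual output encoding at render time is the control to rely on. `scriptPattern` is also compiled on every call and could become a `private static final Pattern`.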
@@ -29,7 +29,7 @@ public class AppVersionServiceImpl extends ServiceImpl().eq(AppVersion::getVersion,appVersion))){ + if(null!=this.getOne(new LambdaQueryWrapper().eq(AppVersion::getVersion,appVersion.getVersion()))){ throw new ServiceException(ResultCode.APP_VERSION_EXIST); } return true;
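Review bot: The duplicate-version check on the new line still goes through `getOne`, which in MyBatis-Plus throws when more than one row matches. It also compares against NULL when `appVersion.getVersion()` is null, so it finds nothing and the check passes silently. An existence test states the intent more directly: `if (this.count(new LambdaQueryWrapper<AppVersion>().eq(AppVersion::getVersion, appVersion.getVersion())) > 0) {`, preceded by a null/blank check on the version. As far as this hunk shows, the check and the later save are not atomic, so a unique index on the version column is what actually guarantees uniqueness. The enclosing method starts outside the hunk.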