caojiahao/dev_caojiahao
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of gitee.com:beijing_hongye_huicheng/lilishop

Browse Source
This commit is contained in:
Chopper 2021-06-10 09:16:36 +08:00
commit 89f4b71301
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java
View File

@ -93,8 +93,8 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
private String cleanXSS(String value) { private String cleanXSS(String value) {
if (value != null) { if (value != null) {
//推荐使用ESAPI库来避免脚本攻击,value = ESAPI.encoder().canonicalize(value); //推荐使用ESAPI库来避免脚本攻击,value = ESAPI.encoder().canonicalize(value);
// 避免空字符串 // // 避免空字符串
value = value.replaceAll(" ", ""); // value = value.replaceAll(" ", "");
// 避免script 标签 // 避免script 标签
Pattern scriptPattern = Pattern.compile("<script>(.*?)</script>", Pattern.CASE_INSENSITIVE); Pattern scriptPattern = Pattern.compile("<script>(.*?)</script>", Pattern.CASE_INSENSITIVE);
value = scriptPattern.matcher(value).replaceAll(""); value = scriptPattern.matcher(value).replaceAll("");

2
framework/src/main/java/cn/lili/modules/system/serviceimpl/AppVersionServiceImpl.java
View File

@ -29,7 +29,7 @@ public class AppVersionServiceImpl extends ServiceImpl<AppVersionMapper, AppVers
@Override @Override
public boolean checkAppVersion(AppVersion appVersion) { public boolean checkAppVersion(AppVersion appVersion) {
//检测版本是否存在 //检测版本是否存在
if(null!=this.getOne(new LambdaQueryWrapper<AppVersion>().eq(AppVersion::getVersion,appVersion))){ if(null!=this.getOne(new LambdaQueryWrapper<AppVersion>().eq(AppVersion::getVersion,appVersion.getVersion()))){
throw new ServiceException(ResultCode.APP_VERSION_EXIST); throw new ServiceException(ResultCode.APP_VERSION_EXIST);
} }
return true; return true;