package com.ruoyi.common.xss;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import com.ruoyi.common.utils.html.EscapeUtil;
/**
 * XSS filtering for request parameters.
 *
 * <p>Wraps an {@link HttpServletRequest} so that every value returned by
 * {@link #getParameterValues(String)} has been passed through
 * {@code EscapeUtil.clean} and then trimmed.
 *
 * <p>NOTE(review): only {@code getParameterValues} is overridden here. The other
 * accessors ({@code getParameter}, {@code getParameterMap}, {@code getHeader},
 * {@code getInputStream}/{@code getReader}) are inherited from
 * {@link HttpServletRequestWrapper} and hand back the wrapped request's data
 * unchanged, so code that reads input through them (for example a JSON request
 * body) receives unfiltered values. Treat this wrapper as one layer of defence;
 * output still has to be encoded for the context in which it is rendered.
 *
 * @author ruoyi
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper
{
    /**
     * Creates a wrapper around the given request.
     *
     * @param request the request to wrap; handed straight to the superclass constructor
     */
    public XssHttpServletRequestWrapper(HttpServletRequest request)
    {
        super(request);
    }

    /**
     * Returns the values of the named parameter after cleaning and trimming each one.
     *
     * <p>The array obtained from the wrapped request is not modified; a new array of
     * the same length is filled and returned.
     *
     * @param name the parameter name
     * @return a new array holding {@code EscapeUtil.clean(value).trim()} for each value,
     *         or the result of asking the wrapped request again when the first lookup
     *         returned {@code null}
     */
    @Override
    public String[] getParameterValues(String name)
    {
        final String[] rawValues = super.getParameterValues(name);
        if (rawValues == null)
        {
            // No values for this name: defer to the wrapped request's own answer.
            return super.getParameterValues(name);
        }

        final String[] cleanedValues = new String[rawValues.length];
        int idx = 0;
        for (String raw : rawValues)
        {
            // Guard against XSS, then strip leading and trailing whitespace.
            // presumably EscapeUtil.clean never returns null; verify, otherwise trim() throws
            cleanedValues[idx++] = EscapeUtil.clean(raw).trim();
        }
        return cleanedValues;
    }
}