product-inventory-management-after.git

			@@ -3,8 +3,6 @@
			import java.io.IOException;
			import java.util.ArrayList;
			import java.util.List;
			import java.util.regex.Matcher;
			import java.util.regex.Pattern;
			import javax.servlet.Filter;
			import javax.servlet.FilterChain;
			import javax.servlet.FilterConfig;
			@@ -27,16 +25,10 @@
			*/
			public List<String> excludes = new ArrayList<>();

			/**
			* xss过滤开关
			*/
			public boolean enabled = false;

			@Override
			public void init(FilterConfig filterConfig) throws ServletException
			{
			String tempExcludes = filterConfig.getInitParameter("excludes");
			String tempEnabled = filterConfig.getInitParameter("enabled");
			if (StringUtils.isNotEmpty(tempExcludes))
			{
			String[] url = tempExcludes.split(",");
			@@ -44,10 +36,6 @@
			{
			excludes.add(url[i]);
			}
			}
			if (StringUtils.isNotEmpty(tempEnabled))
			{
			enabled = Boolean.valueOf(tempEnabled);
			}
			}

			@@ -68,25 +56,14 @@

			private boolean handleExcludeURL(HttpServletRequest request, HttpServletResponse response)
			{
			if (!enabled)
			String url = request.getServletPath();
			String method = request.getMethod();
			// GET DELETE 不过滤
			if (method == null \|\| method.matches("GET") \|\| method.matches("DELETE"))
			{
			return true;
			}
			if (excludes == null \|\| excludes.isEmpty())
			{
			return false;
			}
			String url = request.getServletPath();
			for (String pattern : excludes)
			{
			Pattern p = Pattern.compile("^" + pattern);
			Matcher m = p.matcher(url);
			if (m.find())
			{
			return true;
			}
			}
			return false;
			return StringUtils.matches(url, excludes);
			}

			@Override