| src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 | |
| src/main/java/com/ruoyi/common/filter/XssFilter.java | ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 |
src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java
@@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import com.ruoyi.common.utils.http.HttpHelper; import com.ruoyi.common.constant.Constants; /** * 构建可重复读取inputStream的request @@ -23,10 +24,10 @@ public RepeatedlyRequestWrapper(HttpServletRequest request, ServletResponse response) throws IOException { super(request); request.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8"); request.setCharacterEncoding(Constants.UTF8); response.setCharacterEncoding(Constants.UTF8); body = HttpHelper.getBodyString(request).getBytes("UTF-8"); body = HttpHelper.getBodyString(request).getBytes(Constants.UTF8); } @Override src/main/java/com/ruoyi/common/filter/XssFilter.java
@@ -12,6 +12,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.enums.HttpMethod; /** * 防止XSS攻击的过滤器 @@ -59,7 +60,7 @@ String url = request.getServletPath(); String method = request.getMethod(); // GET DELETE 不过滤 if (method == null || method.matches("GET") || method.matches("DELETE")) if (method == null || HttpMethod.GET.matches(method) || HttpMethod.DELETE.matches(method)) { return true; }
