From 29c45d39cb78b1c0bfeb72f6134945c8df1881df Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期一, 01 十一月 2021 15:05:43 +0800
Subject: [PATCH] 任务屏蔽违规字符
---
src/main/java/com/ruoyi/common/constant/Constants.java | 6 ++++++
src/main/java/com/ruoyi/project/monitor/controller/SysJobController.java | 8 ++++++++
2 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/src/main/java/com/ruoyi/common/constant/Constants.java b/src/main/java/com/ruoyi/common/constant/Constants.java
index 9f55771..98aeebc 100644
--- a/src/main/java/com/ruoyi/common/constant/Constants.java
+++ b/src/main/java/com/ruoyi/common/constant/Constants.java
@@ -148,4 +148,10 @@
* LDAP 杩滅▼鏂规硶璋冪敤
*/
public static final String LOOKUP_LDAP = "ldap://";
+
+ /**
+ * 瀹氭椂浠诲姟杩濊鐨勫瓧绗�
+ */
+ public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
+ "org.springframework.jndi" };
}
diff --git a/src/main/java/com/ruoyi/project/monitor/controller/SysJobController.java b/src/main/java/com/ruoyi/project/monitor/controller/SysJobController.java
index db45659..918f4ac 100644
--- a/src/main/java/com/ruoyi/project/monitor/controller/SysJobController.java
+++ b/src/main/java/com/ruoyi/project/monitor/controller/SysJobController.java
@@ -96,6 +96,10 @@
{
return error("鏂板浠诲姟'" + job.getJobName() + "'澶辫触锛岀洰鏍囧瓧绗︿覆涓嶅厑璁�'http(s)//'璋冪敤");
}
+ else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), Constants.JOB_ERROR_STR))
+ {
+ return error("鏂板浠诲姟'" + job.getJobName() + "'澶辫触锛岀洰鏍囧瓧绗︿覆瀛樺湪杩濊");
+ }
job.setCreateBy(getUsername());
return toAjax(jobService.insertJob(job));
}
@@ -124,6 +128,10 @@
{
return error("淇敼浠诲姟'" + job.getJobName() + "'澶辫触锛岀洰鏍囧瓧绗︿覆涓嶅厑璁�'http(s)//'璋冪敤");
}
+ else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), Constants.JOB_ERROR_STR))
+ {
+ return error("淇敼浠诲姟'" + job.getJobName() + "'澶辫触锛岀洰鏍囧瓧绗︿覆瀛樺湪杩濊");
+ }
job.setUpdateBy(getUsername());
return toAjax(jobService.updateJob(job));
}
--
Gitblit v1.9.3