From 3160fcbe360bca723c6011de57e045acf38af6e0 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 11 四月 2024 16:43:09 +0800
Subject: [PATCH] 升级spring-framework到安全版本，防止漏洞风险

---
 src/main/java/com/ruoyi/common/xss/XssValidator.java |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/ruoyi/common/xss/XssValidator.java b/src/main/java/com/ruoyi/common/xss/XssValidator.java
index 34d0700..b859428 100644
--- a/src/main/java/com/ruoyi/common/xss/XssValidator.java
+++ b/src/main/java/com/ruoyi/common/xss/XssValidator.java
@@ -27,8 +27,13 @@
 
     public static boolean containsHtml(String value)
     {
+        StringBuilder sHtml = new StringBuilder();
         Pattern pattern = Pattern.compile(HTML_PATTERN);
         Matcher matcher = pattern.matcher(value);
-        return matcher.matches();
+        while (matcher.find())
+        {
+            sHtml.append(matcher.group());
+        }
+        return pattern.matcher(sHtml).matches();
     }
 }
\ No newline at end of file

--
Gitblit v1.9.3