From fef0630608f7ca85dc2afd050221b16abdb062de Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 27 一月 2022 12:12:08 +0800
Subject: [PATCH] 导出Excel时屏蔽公式,防止CSV注入风险
---
src/main/java/com/ruoyi/framework/security/service/TokenService.java | 18 ++++++++++++------
1 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/main/java/com/ruoyi/framework/security/service/TokenService.java b/src/main/java/com/ruoyi/framework/security/service/TokenService.java
index 7637ed8..9e86c22 100644
--- a/src/main/java/com/ruoyi/framework/security/service/TokenService.java
+++ b/src/main/java/com/ruoyi/framework/security/service/TokenService.java
@@ -60,12 +60,18 @@
String token = getToken(request);
if (StringUtils.isNotEmpty(token))
{
- Claims claims = parseToken(token);
- // 瑙f瀽瀵瑰簲鐨勬潈闄愪互鍙婄敤鎴蜂俊鎭�
- String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
- String userKey = getTokenKey(uuid);
- LoginUser user = redisCache.getCacheObject(userKey);
- return user;
+ try
+ {
+ Claims claims = parseToken(token);
+ // 瑙f瀽瀵瑰簲鐨勬潈闄愪互鍙婄敤鎴蜂俊鎭�
+ String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
+ String userKey = getTokenKey(uuid);
+ LoginUser user = redisCache.getCacheObject(userKey);
+ return user;
+ }
+ catch (Exception e)
+ {
+ }
}
return null;
}
--
Gitblit v1.9.3