mula
/
fourcal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fourcal/src/main/java/cn/palmte/work/security/XssHttpServletRequestWrappe...

51 lines
1.4 KiB
Java
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

package cn.palmte.work.security;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
HttpServletRequest originRequest = null;
public XssHttpServletRequestWrapper(HttpServletRequest request) {
super(request);
originRequest = request;
}
/**
* 覆盖getParameter方法将参数名和参数值都做xss过滤。<br/>
* 如果需要获得原始的值则通过super.getParameterValues(name)来获取<br/>
* getParameterNames,getParameterValues和getParameterMap也可能需要覆盖
*/
@Override
public String getParameter(String name) {
String parameter = super.getParameter(name);
return UrlUtil.replaceSpecialChar(parameter);
}
@Override
public String[] getParameterValues(String name) {
String[] arr = super.getParameterValues(name);
if(arr != null){
for (int i=0;i<arr.length;i++) {
arr[i] = UrlUtil.replaceSpecialChar(arr[i]);
}
}
return arr;
}
@Override
public String getHeader(String name) {
String value = super.getHeader(name);
return UrlUtil.replaceSpecialChar(value);
}
/**
* 获取最原始的request
*/
public HttpServletRequest getOriginRequest() {
return originRequest;
}
}
Reference in New Issue View Git Blame Copy Permalink