|
@ -5,6 +5,7 @@ import org.slf4j.LoggerFactory;
|
|
|
|
|
|
import javax.servlet.*;
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
import java.io.IOException;
|
|
|
|
|
|
/**
|
|
@ -22,6 +23,12 @@ public class CrosXssFilter implements Filter {
|
|
|
response.setContentType("text/html;charset=utf-8");
|
|
|
//sql,xss过滤
|
|
|
HttpServletRequest httpServletRequest=(HttpServletRequest)request;
|
|
|
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
|
|
|
if(httpServletRequest.getRequestURI().contains("dump")){
|
|
|
httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
|
|
|
logger.info("SC_FORBIDDEN=======================");
|
|
|
return;
|
|
|
}
|
|
|
XssHttpServletRequestWrapper xssHttpServletRequestWrapper=new XssHttpServletRequestWrapper(
|
|
|
httpServletRequest);
|
|
|
chain.doFilter(xssHttpServletRequestWrapper, response);
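Review bot: The new guard `httpServletRequest.getRequestURI().contains("dump")` is a substring test on the raw request URI, which the container neither decodes nor normalises. An encoded or differently cased spelling of the protected path will therefore not match the check, while any unrelated URL that merely contains "dump" is rejected with 403. If the intent is to close off a diagnostic dump endpoint (inferred; the hunk does not name it), compare the container-decoded path against an explicit deny list, e.g. `String path = httpServletRequest.getServletPath().toLowerCase(Locale.ROOT);` then `if (DENIED_PATHS.contains(path)) {` with `DENIED_PATHS` a set you define, and preferably also disable or access-restrict the endpoint itself rather than relying on this filter alone. The log line `logger.info("SC_FORBIDDEN=======================")` gives a responder nothing to work with; `logger.warn("Blocked request uri={} remote={}", httpServletRequest.getRequestURI(), httpServletRequest.getRemoteAddr());` records the still-encoded URI and the source address. The enclosing filter method starts and ends outside the hunk.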
|