| | |
|---|
| | | package com.ruoyi.common.xss;
|
|---|
| | |
|
|---|
| | | import javax.validation.ConstraintValidator;
|
|---|
| | | import javax.validation.ConstraintValidatorContext;
|
|---|
| | | import java.util.regex.Matcher;
|
|---|
| | | import java.util.regex.Pattern;
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * 自定义xss校验注解实现
|
|---|
| | | * |
|---|
| | | * @author ruoyi
|
|---|
| | | */
|
|---|
| | | public class XssValidator implements ConstraintValidator<Xss, String>
|
|---|
| | | {
|
|---|
| | | private final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />";
|
|---|
| | |
|
|---|
| | | @Override
|
|---|
| | | public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
|
|---|
| | | {
|
|---|
| | | return !containsHtml(value);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | public boolean containsHtml(String value)
|
|---|
| | | {
|
|---|
| | | Pattern pattern = Pattern.compile(HTML_PATTERN);
|
|---|
| | | Matcher matcher = pattern.matcher(value);
|
|---|
| | | return matcher.matches();
|
|---|
| | | }
|
|---|
| | | } |
|---|
| | | package com.ruoyi.common.xss; |
|---|
| | | |
|---|
| | | import cn.hutool.core.util.ReUtil; |
|---|
| | | import cn.hutool.http.HtmlUtil; |
|---|
| | | |
|---|
| | | import jakarta.validation.ConstraintValidator; |
|---|
| | | import jakarta.validation.ConstraintValidatorContext; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 自定义xss校验注解实现 |
|---|
| | | * |
|---|
| | | * @author Lion Li |
|---|
| | | */ |
|---|
| | | public class XssValidator implements ConstraintValidator<Xss, String> { |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext) { |
|---|
| | | return !ReUtil.contains(HtmlUtil.RE_HTML_MARK, value); |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
