| | |
|---|
| | | import com.ruoyi.common.web.config.properties.XssProperties; |
|---|
| | | import com.ruoyi.common.web.filter.RepeatableFilter; |
|---|
| | | import com.ruoyi.common.web.filter.XssFilter; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import jakarta.servlet.DispatcherType; |
|---|
| | | import org.springframework.boot.autoconfigure.AutoConfiguration; |
|---|
| | | import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; |
|---|
| | | import org.springframework.boot.context.properties.EnableConfigurationProperties; |
|---|
| | | import org.springframework.boot.web.servlet.FilterRegistrationBean; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | |
|---|
| | | import jakarta.servlet.DispatcherType; |
|---|
| | | import java.util.HashMap; |
|---|
| | | import java.util.Map; |
|---|
| | | |
|---|
| | |
|---|
| | | * @author Lion Li |
|---|
| | | */ |
|---|
| | | @AutoConfiguration |
|---|
| | | @EnableConfigurationProperties(XssProperties.class) |
|---|
| | | public class FilterConfig { |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private XssProperties xssProperties; |
|---|
| | | |
|---|
| | | @SuppressWarnings({"rawtypes", "unchecked"}) |
|---|
| | | @Bean |
|---|
| | | @ConditionalOnProperty(value = "xss.enabled", havingValue = "true") |
|---|
| | | public FilterRegistrationBean xssFilterRegistration() { |
|---|
| | | public FilterRegistrationBean xssFilterRegistration(XssProperties xssProperties) { |
|---|
| | | FilterRegistrationBean registration = new FilterRegistrationBean(); |
|---|
| | | registration.setDispatcherTypes(DispatcherType.REQUEST); |
|---|
| | | registration.setFilter(new XssFilter()); |
|---|
| | | registration.addUrlPatterns(StringUtils.split(xssProperties.getUrlPatterns(), ",")); |
|---|
| | | registration.addUrlPatterns(StringUtils.split(xssProperties.getUrlPatterns(), StringUtils.SEPARATOR)); |
|---|
| | | registration.setName("xssFilter"); |
|---|
| | | registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE); |
|---|
| | | Map<String, String> initParameters = new HashMap<String, String>(); |
|---|
| | | Map<String, String> initParameters = new HashMap<>(); |
|---|
| | | initParameters.put("excludes", xssProperties.getExcludes()); |
|---|
| | | registration.setInitParameters(initParameters); |
|---|
| | | return registration; |
|---|
