| | |
|---|
| | | package org.dromara.common.web.config; |
|---|
| | | |
|---|
| | | import org.dromara.common.core.utils.StringUtils; |
|---|
| | | import jakarta.servlet.DispatcherType; |
|---|
| | | import org.dromara.common.web.config.properties.XssProperties; |
|---|
| | | import org.dromara.common.web.filter.RepeatableFilter; |
|---|
| | | import org.dromara.common.web.filter.XssFilter; |
|---|
| | | import jakarta.servlet.DispatcherType; |
|---|
| | | import org.springframework.boot.autoconfigure.AutoConfiguration; |
|---|
| | | import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; |
|---|
| | | import org.springframework.boot.context.properties.EnableConfigurationProperties; |
|---|
| | | import org.springframework.boot.web.servlet.FilterRegistrationBean; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | |
|---|
| | | import java.util.HashMap; |
|---|
| | | import java.util.Map; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Filter配置 |
|---|
| | |
|---|
| | | @EnableConfigurationProperties(XssProperties.class) |
|---|
| | | public class FilterConfig { |
|---|
| | | |
|---|
| | | @SuppressWarnings({"rawtypes", "unchecked"}) |
|---|
| | | @Bean |
|---|
| | | @ConditionalOnProperty(value = "xss.enabled", havingValue = "true") |
|---|
| | | public FilterRegistrationBean xssFilterRegistration(XssProperties xssProperties) { |
|---|
| | | FilterRegistrationBean registration = new FilterRegistrationBean(); |
|---|
| | | public FilterRegistrationBean<XssFilter> xssFilterRegistration() { |
|---|
| | | FilterRegistrationBean<XssFilter> registration = new FilterRegistrationBean<>(); |
|---|
| | | registration.setDispatcherTypes(DispatcherType.REQUEST); |
|---|
| | | registration.setFilter(new XssFilter()); |
|---|
| | | registration.addUrlPatterns(StringUtils.split(xssProperties.getUrlPatterns(), StringUtils.SEPARATOR)); |
|---|
| | | registration.addUrlPatterns("/*"); |
|---|
| | | registration.setName("xssFilter"); |
|---|
| | | registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE); |
|---|
| | | Map<String, String> initParameters = new HashMap<>(); |
|---|
| | | initParameters.put("excludes", xssProperties.getExcludes()); |
|---|
| | | registration.setInitParameters(initParameters); |
|---|
| | | registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE + 1); |
|---|
| | | return registration; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @SuppressWarnings({"rawtypes", "unchecked"}) |
|---|
| | | @Bean |
|---|
| | | public FilterRegistrationBean someFilterRegistration() { |
|---|
| | | FilterRegistrationBean registration = new FilterRegistrationBean(); |
|---|
| | | public FilterRegistrationBean<RepeatableFilter> someFilterRegistration() { |
|---|
| | | FilterRegistrationBean<RepeatableFilter> registration = new FilterRegistrationBean<>(); |
|---|
| | | registration.setFilter(new RepeatableFilter()); |
|---|
| | | registration.addUrlPatterns("/*"); |
|---|
| | | registration.setName("repeatableFilter"); |
|---|
