From 3d6fbb93f56d5221661f7899a00c5a70072e5ee5 Mon Sep 17 00:00:00 2001
From: wugh <328043740@qq.com>
Date: 星期一, 22 三月 2021 09:32:49 +0800
Subject: [PATCH] !11 [功能] 拆分出Vo,QueryBo,AddBo,EditBo等领域对象 * [修改] 错误引入的无用导包删除 * [新增] 增加Vo,QueryBo,AddBo,EditBo等视图,并调整controller,service的调用代码 * [新增] 增加CreateAndUpdateMetaObjectHandler,配合fill注解,实现创建和修改人的自动设置,减少重复代码

---
 ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java |   21 +++++++++++----------
 1 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
index 3c9efb2..0548934 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
@@ -1,16 +1,17 @@
 package com.ruoyi.common.filter;
 
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
+import cn.hutool.core.lang.Validator;
+import cn.hutool.http.HtmlUtil;
+import org.apache.commons.io.IOUtils;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+
 import javax.servlet.ReadListener;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
-import org.apache.commons.io.IOUtils;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.MediaType;
-import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.common.utils.html.EscapeUtil;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
 
 /**
  * XSS杩囨护澶勭悊
@@ -38,7 +39,7 @@
             for (int i = 0; i < length; i++)
             {
                 // 闃瞲ss鏀诲嚮鍜岃繃婊ゅ墠鍚庣┖鏍�
-                escapseValues[i] = EscapeUtil.clean(values[i]).trim();
+                escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
             }
             return escapseValues;
         }
@@ -56,13 +57,13 @@
 
         // 涓虹┖锛岀洿鎺ヨ繑鍥�
         String json = IOUtils.toString(super.getInputStream(), "utf-8");
-        if (StringUtils.isEmpty(json))
+        if (Validator.isEmpty(json))
         {
             return super.getInputStream();
         }
 
         // xss杩囨护
-        json = EscapeUtil.clean(json).trim();
+        json = HtmlUtil.cleanHtmlTag(json).trim();
         final ByteArrayInputStream bis = new ByteArrayInputStream(json.getBytes("utf-8"));
         return new ServletInputStream()
         {

--
Gitblit v1.9.3