From 82f1f5d0cf1b51a5d81915e842e01760f404fa74 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期三, 20 十月 2021 13:07:16 +0800
Subject: [PATCH] update 优化xxl-job-admin相关pr代码 增加格式化日志输出与docker镜像
---
ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java | 37 +++++++++++++++++++++++--------------
1 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
index 3c9efb2..8af1257 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
@@ -1,20 +1,22 @@
package com.ruoyi.common.filter;
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
+import cn.hutool.core.io.IoUtil;
+import cn.hutool.http.HtmlUtil;
+import com.ruoyi.common.utils.StringUtils;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
-import org.apache.commons.io.IOUtils;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.MediaType;
-import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.common.utils.html.EscapeUtil;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
/**
* XSS杩囨护澶勭悊
- *
+ *
* @author ruoyi
*/
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper
@@ -38,7 +40,7 @@
for (int i = 0; i < length; i++)
{
// 闃瞲ss鏀诲嚮鍜岃繃婊ゅ墠鍚庣┖鏍�
- escapseValues[i] = EscapeUtil.clean(values[i]).trim();
+ escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
}
return escapseValues;
}
@@ -55,15 +57,16 @@
}
// 涓虹┖锛岀洿鎺ヨ繑鍥�
- String json = IOUtils.toString(super.getInputStream(), "utf-8");
+ String json = IoUtil.read(super.getInputStream(), StandardCharsets.UTF_8);
if (StringUtils.isEmpty(json))
{
return super.getInputStream();
}
// xss杩囨护
- json = EscapeUtil.clean(json).trim();
- final ByteArrayInputStream bis = new ByteArrayInputStream(json.getBytes("utf-8"));
+ json = HtmlUtil.cleanHtmlTag(json).trim();
+ byte[] jsonBytes = json.getBytes(StandardCharsets.UTF_8);
+ final ByteArrayInputStream bis = IoUtil.toStream(jsonBytes);
return new ServletInputStream()
{
@Override
@@ -76,6 +79,12 @@
public boolean isReady()
{
return true;
+ }
+
+ @Override
+ public int available() throws IOException
+ {
+ return jsonBytes.length;
}
@Override
@@ -93,12 +102,12 @@
/**
* 鏄惁鏄疛son璇锋眰
- *
+ *
* @param request
*/
public boolean isJsonRequest()
{
String header = super.getHeader(HttpHeaders.CONTENT_TYPE);
- return MediaType.APPLICATION_JSON_VALUE.equalsIgnoreCase(header);
+ return StringUtils.startsWithIgnoreCase(header, MediaType.APPLICATION_JSON_VALUE);
}
}
\ No newline at end of file
--
Gitblit v1.9.3