update 优化魔法值
This commit is contained in:
parent
6f48fc3c58
commit
0a893d196e
@ -10,6 +10,7 @@ import javax.servlet.ServletResponse;
|
|||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletRequestWrapper;
|
import javax.servlet.http.HttpServletRequestWrapper;
|
||||||
import com.ruoyi.common.utils.http.HttpHelper;
|
import com.ruoyi.common.utils.http.HttpHelper;
|
||||||
|
import com.ruoyi.common.constant.Constants;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 构建可重复读取inputStream的request
|
* 构建可重复读取inputStream的request
|
||||||
@ -23,10 +24,10 @@ public class RepeatedlyRequestWrapper extends HttpServletRequestWrapper
|
|||||||
public RepeatedlyRequestWrapper(HttpServletRequest request, ServletResponse response) throws IOException
|
public RepeatedlyRequestWrapper(HttpServletRequest request, ServletResponse response) throws IOException
|
||||||
{
|
{
|
||||||
super(request);
|
super(request);
|
||||||
request.setCharacterEncoding("UTF-8");
|
request.setCharacterEncoding(Constants.UTF8);
|
||||||
response.setCharacterEncoding("UTF-8");
|
response.setCharacterEncoding(Constants.UTF8);
|
||||||
|
|
||||||
body = HttpHelper.getBodyString(request).getBytes("UTF-8");
|
body = HttpHelper.getBodyString(request).getBytes(Constants.UTF8);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -12,6 +12,7 @@ import javax.servlet.ServletResponse;
|
|||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
import com.ruoyi.common.utils.StringUtils;
|
import com.ruoyi.common.utils.StringUtils;
|
||||||
|
import com.ruoyi.common.enums.HttpMethod;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 防止XSS攻击的过滤器
|
* 防止XSS攻击的过滤器
|
||||||
@ -59,7 +60,7 @@ public class XssFilter implements Filter
|
|||||||
String url = request.getServletPath();
|
String url = request.getServletPath();
|
||||||
String method = request.getMethod();
|
String method = request.getMethod();
|
||||||
// GET DELETE 不过滤
|
// GET DELETE 不过滤
|
||||||
if (method == null || method.matches("GET") || method.matches("DELETE"))
|
if (method == null || HttpMethod.GET.matches(method) || HttpMethod.DELETE.matches(method))
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user