• Home
• cn.twelvet
• xss-spring-boot-starter
• 1.0.0
• source code
• XssCleanDeserializer.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

cn.twelvet.xss.core.XssCleanDeserializer Maven / Gradle / Ivy

package cn.twelvet.xss.core;

import cn.twelvet.xss.config.XssProperties;
import cn.twelvet.xss.utils.SpringContextHolder;
import cn.twelvet.xss.utils.XssUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.IOException;

/**
 * jackson xss 处理
 *
 * @author twelvet
 */
public class XssCleanDeserializer extends XssCleanDeserializerBase {

	private final static Logger log = LoggerFactory.getLogger(XssCleanDeserializer.class);

	@Override
	public String clean(String name, String text) throws IOException {
		// 读取 xss 配置
		XssProperties properties = SpringContextHolder.getBean(XssProperties.class);
		// 读取 XssCleaner bean
		XssCleaner xssCleaner = SpringContextHolder.getBean(XssCleaner.class);
		if (xssCleaner != null) {
			String value = xssCleaner.clean(XssUtil.trim(text, properties.isTrimText()));
			log.debug("Json property value:{} cleaned up by twelvet, current value is:{}.", text, value);
			return value;
		}
		else {
			return XssUtil.trim(text, properties.isTrimText());
		}
	}

}