• Home
• com.github.mengweijin
• quickboot-framework
• 1.0.25
• source code
• XssHttpServletRequestWrapper.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.github.mengweijin.quickboot.framework.xss.XssHttpServletRequestWrapper Maven / Gradle / Ivy

package com.github.mengweijin.quickboot.framework.xss;

import org.jsoup.Jsoup;
import org.jsoup.safety.Whitelist;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/**
 * @description XSS过滤处理
 *
 * @author
 **/
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {

    /**
     * @param request
     */
    public XssHttpServletRequestWrapper(HttpServletRequest request) {
        super(request);
    }

    @Override
    public String[] getParameterValues(String name) {
        String[] values = super.getParameterValues(name);
        if (values != null) {
            int length = values.length;
            String[] escapeValues = new String[length];
            for (int i = 0; i < length; i++) {
                // 防xss攻击和过滤前后空格
                escapeValues[i] = Jsoup.clean(values[i], Whitelist.relaxed()).trim();
            }
            return escapeValues;
        }
        return super.getParameterValues(name);
    }
}