• Home
• com.yuweix.boot
• kuafu-spring-boot-starter
• 1.0.0
• source code
• XssUtil.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.yuweix.kuafu.web.XssUtil Maven / Gradle / Ivy

package com.yuweix.kuafu.web;



/**
 * Xss过滤器，用于去除XSS漏洞隐患。
 * @author yuwei
 */
public abstract class XssUtil {
    public static String filter(String val) {
        val = val.replaceAll("<", "<").replaceAll(">", ">");
        val = val.replaceAll("%3C", "<").replaceAll("%3E", ">");
        val = val.replaceAll("\\(", "(").replaceAll("\\)", ")");
        val = val.replaceAll("%28", "(").replaceAll("%29", ")");
        val = val.replaceAll("'", "'");
        val = val.replaceAll("eval\\((.*)\\)", "");
        val = val.replaceAll("[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"");
        val = val.replaceAll("script", "");
        return val;
    }
}