• Home
• io.leopard
• web4j-nobug
• 0.0.1
• source code
• XssCheckerUrlImpl.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.leopard.web.security.xss.XssCheckerUrlImpl Maven / Gradle / Ivy

package io.leopard.web.security.xss;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.commons.lang.StringUtils;

public class XssCheckerUrlImpl implements XssChecker {
	private static XssChecker instance = new XssCheckerUrlImpl();

	public static XssChecker getInstance() {
		return instance;
	}

	private static Pattern pattern = Pattern.compile("[<>'\"]");

	@Override
	public boolean check(String value) {
		value = StringUtils.lowerCase(value);
		
		// FIXME ahai URL合法性判断为完全
		Matcher m = pattern.matcher(value);
		if (m.find()) {
			return true;
		}
		if (value.indexOf("script") != -1) {
			return true;
		}
		return false;
	}

}