fix(data submit): Xss攻击

2025-04-26 17:20:52 +00:00 · 2021-06-01 20:58:06 +08:00 · 2021-06-01 20:58:06 +08:00 · 655ec90906
commit 655ec90906
parent f28dd867ef
1 changed files with 1 additions and 6 deletions
--- a/novel-front/src/main/java/com/java2nb/novel/core/wrapper/XssHttpServletRequestWrapper.java
+++ b/novel-front/src/main/java/com/java2nb/novel/core/wrapper/XssHttpServletRequestWrapper.java
@ -14,11 +14,6 @@ import java.util.List;
 */
 public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {

-    /**
-     * 假如有有html 代码是自己传来的  需要设定对应的name 不过滤
-     */
-    private static final List<String> noFilterNames = Arrays.asList("content");
-
    /**
     * @param request
     */
@ -29,7 +24,7 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    @Override
    public String[] getParameterValues(String name) {
        String[] values = super.getParameterValues(name);
-        if (!noFilterNames.contains(name) && values != null) {
+        if (values != null) {
            int length = values.length;
            String[] escapseValues = new String[length];
            for (int i = 0; i < length; i++) {