ContiNew/continew-starter
1
1
Fork 0
mirror of https://github.com/continew-org/continew-starter.git synced 2025-09-08 16:57:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor: 解决 Sonar 问题,替换部分过期 API

Browse Source
This commit is contained in:
Charles7c
2025-01-04 19:42:03 +08:00
parent b9779e8944
commit 80c0700934
10 changed files with 57 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
continew-starter-web/src/main/java/top/continew/starter/web/autoconfigure/xss/XssFilter.java
View File

@@ -16,7 +16,7 @@
package top.continew.starter.web.autoconfigure.xss;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.collection.CollUtil;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
@@ -55,14 +55,14 @@ public class XssFilter implements Filter {
if (servletRequest instanceof HttpServletRequest request && xssProperties.isEnabled()) {
// 放行路由:忽略 XSS 过滤
List<String> excludePatterns = xssProperties.getExcludePatterns();
if (CollectionUtil.isNotEmpty(excludePatterns) && SpringWebUtils.isMatch(request
if (CollUtil.isNotEmpty(excludePatterns) && SpringWebUtils.isMatch(request
.getServletPath(), excludePatterns)) {
filterChain.doFilter(request, servletResponse);
return;
}
// 拦截路由:执行 XSS 过滤
List<String> includePatterns = xssProperties.getIncludePatterns();
if (CollectionUtil.isNotEmpty(includePatterns)) {
if (CollUtil.isNotEmpty(includePatterns)) {
if (SpringWebUtils.isMatch(request.getServletPath(), includePatterns)) {
filterChain.doFilter(new XssServletRequestWrapper(request, xssProperties), servletResponse);
} else {

4
continew-starter-web/src/main/java/top/continew/starter/web/autoconfigure/xss/XssServletRequestWrapper.java
View File

@@ -16,7 +16,7 @@
package top.continew.starter.web.autoconfigure.xss;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.io.IoUtil;
import cn.hutool.core.text.CharSequenceUtil;
import cn.hutool.core.util.ArrayUtil;
@@ -110,7 +110,7 @@ public class XssServletRequestWrapper extends HttpServletRequestWrapper {
// 转义
if (XssMode.ESCAPE.equals(mode)) {
List<String> reStr = ReUtil.findAllGroup0(HtmlUtil.RE_HTML_MARK, content);
if (CollectionUtil.isEmpty(reStr)) {
if (CollUtil.isEmpty(reStr)) {
return content;
}
for (String s : reStr) {