feat(security/xss): 新增 XSS 过滤模块（原 web 模块内组件）

continew-starter-security/continew-starter-security-xss/pom.xml

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>top.continew</groupId>
+        <artifactId>continew-starter-security</artifactId>
+        <version>${revision}</version>
+    </parent>
+
+    <artifactId>continew-starter-security-xss</artifactId>
+    <description>ContiNew Starter 安全模块 - XSS 过滤模块</description>
+
+    <dependencies>
+        <!-- Web 模块 -->
+        <dependency>
+            <groupId>top.continew</groupId>
+            <artifactId>continew-starter-web</artifactId>
+        </dependency>
+    </dependencies>
+</project>

continew-starter-security/continew-starter-security-xss/src/main/java/top/continew/starter/security/xss/autoconfigure/XssAutoConfiguration.java

@@ -14,8 +14,11 @@
  * limitations under the License.
  */
 
-package top.continew.starter.web.autoconfigure.xss;
+package top.continew.starter.security.xss.autoconfigure;
 
+import jakarta.annotation.PostConstruct;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
@@ -23,6 +26,7 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import top.continew.starter.core.constant.PropertiesConstants;
+import top.continew.starter.security.xss.filter.XssFilter;
 
 /**
  * XSS 过滤自动配置
@@ -33,9 +37,11 @@ import top.continew.starter.core.constant.PropertiesConstants;
 @AutoConfiguration
 @ConditionalOnWebApplication
 @EnableConfigurationProperties(XssProperties.class)
-@ConditionalOnProperty(prefix = PropertiesConstants.WEB_XSS, name = PropertiesConstants.ENABLED, havingValue = "true")
+@ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_XSS, name = PropertiesConstants.ENABLED, havingValue = "true")
 public class XssAutoConfiguration {
 
+    private static final Logger log = LoggerFactory.getLogger(XssAutoConfiguration.class);
+
     /**
      * XSS 过滤器配置
      */
@@ -45,4 +51,9 @@ public class XssAutoConfiguration {
         registrationBean.setFilter(new XssFilter(xssProperties));
         return registrationBean;
     }
+
+    @PostConstruct
+    public void postConstruct() {
+        log.debug("[ContiNew Starter] - Auto Configuration 'Security-XSS' completed initialization.");
+    }
 }

continew-starter-security/continew-starter-security-xss/src/main/java/top/continew/starter/security/xss/autoconfigure/XssProperties.java

@@ -14,11 +14,11 @@
  * limitations under the License.
  */
 
-package top.continew.starter.web.autoconfigure.xss;
+package top.continew.starter.security.xss.autoconfigure;
 
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import top.continew.starter.core.constant.PropertiesConstants;
-import top.continew.starter.web.enums.XssMode;
+import top.continew.starter.security.xss.enums.XssMode;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -29,7 +29,7 @@ import java.util.List;
  * @author whhya
  * @since 2.0.0
  */
-@ConfigurationProperties(PropertiesConstants.WEB_XSS)
+@ConfigurationProperties(PropertiesConstants.SECURITY_XSS)
 public class XssProperties {
 
     /**

continew-starter-security/continew-starter-security-xss/src/main/java/top/continew/starter/security/xss/enums/XssMode.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package top.continew.starter.web.enums;
+package top.continew.starter.security.xss.enums;
 
 /**
  * XSS 模式枚举

continew-starter-security/continew-starter-security-xss/src/main/java/top/continew/starter/security/xss/filter/XssFilter.java

@@ -14,13 +14,14 @@
  * limitations under the License.
  */
 
-package top.continew.starter.web.autoconfigure.xss;
+package top.continew.starter.security.xss.filter;
 
 import cn.hutool.core.collection.CollUtil;
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import top.continew.starter.security.xss.autoconfigure.XssProperties;
 import top.continew.starter.web.util.SpringWebUtils;
 
 import java.io.IOException;

continew-starter-security/continew-starter-security-xss/src/main/java/top/continew/starter/security/xss/filter/XssServletRequestWrapper.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package top.continew.starter.web.autoconfigure.xss;
+package top.continew.starter.security.xss.filter;
 
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.io.IoUtil;
@@ -29,7 +29,8 @@ import jakarta.servlet.ServletInputStream;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletRequestWrapper;
 import top.continew.starter.core.constant.StringConstants;
-import top.continew.starter.web.enums.XssMode;
+import top.continew.starter.security.xss.autoconfigure.XssProperties;
+import top.continew.starter.security.xss.enums.XssMode;
 
 import java.io.BufferedReader;
 import java.io.ByteArrayInputStream;

continew-starter-security/continew-starter-security-xss/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports

@@ -0,0 +1 @@
+top.continew.starter.security.xss.autoconfigure.XssAutoConfiguration

continew-starter-security/pom.xml

@@ -18,6 +18,7 @@
         <module>continew-starter-security-mask</module>
         <module>continew-starter-security-crypto</module>
         <module>continew-starter-security-sensitivewords</module>
+        <module>continew-starter-security-xss</module>
     </modules>
 
     <dependencies>