manager/my-worker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xssFilter和sqlFilter增加附加参数,方便追踪调用来源

Browse Source
This commit is contained in:
thinkgem
2021-05-27 19:52:15 +08:00
parent ff04855966
commit 11e1934d04
4 changed files with 22 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java
View File

@@ -115,7 +115,7 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.
}
// 登录时判断是否需要记住用户名
if (WebUtils.isTrue(request, REMEMBER_USERCODE_PARAM)) {
rememberUserCodeCookie.setValue(EncodeUtils.encodeUrl(EncodeUtils.xssFilter(username)));
rememberUserCodeCookie.setValue(EncodeUtils.encodeUrl(EncodeUtils.xssFilter(username, (HttpServletRequest)request)));
rememberUserCodeCookie.saveTo((HttpServletRequest)request, (HttpServletResponse)response);
} else {
rememberUserCodeCookie.removeFrom((HttpServletRequest)request, (HttpServletResponse)response);

2
modules/core/src/main/java/com/jeesite/modules/sys/utils/LogUtils.java
View File

@@ -94,7 +94,7 @@ public class LogUtils {
}
log.setServerAddr(request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort());
log.setRemoteAddr(IpUtils.getRemoteAddr(request));
log.setUserAgent(EncodeUtils.xssFilter(request.getHeader("User-Agent")));
log.setUserAgent(EncodeUtils.xssFilter(request.getHeader("User-Agent"), request));
UserAgent userAgent = UserAgent.parseUserAgentString(log.getUserAgent());
log.setDeviceName(userAgent.getOperatingSystem().getName());
log.setBrowserName(userAgent.getBrowser().getName());