From 48b08c81a10e832996d346a441e1b0b59643d50f Mon Sep 17 00:00:00 2001
From: thinkgem <thinkgem@163.com>
Date: Thu, 8 Nov 2018 23:42:18 +0800
Subject: [PATCH] =?UTF-8?q?=E6=89=8B=E6=9C=BA=E5=8F=B7=E9=AA=8C=E8=AF=81?=
 =?UTF-8?q?=E5=A2=9E=E5=8A=A0199=E5=8F=B7=E7=A0=81=E6=AE=B5=EF=BC=9B?=
 =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E9=83=A8=E5=88=86=E5=8A=9F=E8=83=BDxss?=
 =?UTF-8?q?=E6=BC=8F=E6=B4=9E=EF=BC=9B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/jeesite/common/codec/EncodeUtils.java | 85 +++++++++++++------
 .../sys/service/impl/MenuServiceImpl.java     |  2 +-
 .../sys/service/impl/RoleServiceImpl.java     |  2 +-
 .../sys/service/impl/UserServiceImpl.java     |  2 +-
 .../resources/config/beetl-core.properties    |  5 +-
 5 files changed, 63 insertions(+), 33 deletions(-)

diff --git a/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java b/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java
index 5188b183..e25d244f 100644
--- a/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java
+++ b/common/src/main/java/com/jeesite/common/codec/EncodeUtils.java
@@ -216,7 +216,34 @@ public class EncodeUtils {
 					&& !(StringUtils.startsWith(value, "{") && StringUtils.endsWith(value, "}")) // JSON Object
 					&& !(StringUtils.startsWith(value, "[") && StringUtils.endsWith(value, "]")) // JSON Array
 				){
-				value = value.replaceAll("\"", "&quot;").replaceAll("<", "&lt;").replaceAll(">", "&gt;");
+				StringBuilder sb = new StringBuilder();
+				for (int i = 0; i < value.length(); i++) {
+					char c = value.charAt(i);
+					switch (c) {
+					case '>':
+						sb.append("＞");
+						break;
+					case '<':
+						sb.append("＜");
+						break;
+					case '\'':
+						sb.append("＇");
+						break;
+					case '\"':
+						sb.append("＂");
+						break;
+					case '&':
+						sb.append("＆");
+						break;
+					case '#':
+						sb.append("＃");
+						break;
+					default:
+						sb.append(c);
+						break;
+					}
+				}
+				value = sb.toString();
 			}
 			if (logger.isInfoEnabled() && !value.equals(oriValue)){
 				logger.info("xssFilter: {}   <=<=<=   {}", value, text);
@@ -250,33 +277,35 @@ public class EncodeUtils {
 	}
 	
 //	public static void main(String[] args) {
-//		xssFilter("你好，<script>alert(document.cookie)</script>我还在。");
-//		xssFilter("你好，<strong>加粗文字</strong>我还在。");
-//		xssFilter("<!--HTML-->你好，\"><strong>加粗文字</strong>我还在。");
-//		xssFilter("<!--HTML-->你好，<iframe src=\"abcdef\"></iframe><strong>加粗文字</strong>我还在。");
-//		xssFilter("<!--HTML-->你好，<iframe src=\"abcdef\"/><strong>加粗文字</strong>我还在。");
-//		xssFilter("<!--HTML-->你好，<iframe src=\"abcdef\"><strong>加粗文字</strong>我还在。");
-//		xssFilter("<!--HTML-->你好，<script type=\"text/javascript\">alert(document.cookie)</script>我还在。");
-//		xssFilter("<!--HTML-->你好，<script\n type=\"text/javascript\">\nalert(document.cookie)\n</script>我还在。");
-//		xssFilter("<!--HTML-->你好，<script src='' onerror='alert(document.cookie)'></script>我还在。");
-//		xssFilter("<!--HTML-->你好，<script type=text/javascript>alert()我还在。");
-//		xssFilter("<!--HTML-->你好，<script>alert(document.cookie)</script>我还在。");
-//		xssFilter("<!--HTML-->你好，<script>window.location='url'我还在。");
-//		xssFilter("<!--HTML-->你好，</script></iframe>我还在。");
-//		xssFilter("<!--HTML-->你好，eval(abc)我还在。");
-//		xssFilter("<!--HTML-->你好，xpression(abc)我还在。");
-//		xssFilter("<!--HTML-->你好，<img src='abc.jpg' onerror='location='';alert(document.cookie);'></img>我还在。");
-//		xssFilter("<!--HTML-->你好，<img src='abc.jpg' onerror='alert(document.cookie);'/>我还在。");
-//		xssFilter("<!--HTML-->你好，<img src='abc.jpg' onerror='alert(document.cookie);'>我还在。");
-//		xssFilter("<!--HTML-->你好，<a onload='alert(\"abc\")'>hello</a>我还在。");
-//		xssFilter("<!--HTML-->你好，<a href=\"/abc\">hello</a>我还在。");
-//		xssFilter("<!--HTML-->你好，<a href='/abc'>hello</a>我还在。");
-//		xssFilter("<!--HTML-->你好，<a href='vbscript:alert(\"abc\");'>hello</a>我还在。");
-//		xssFilter("<!--HTML-->你好，<a href='javascript:alert(\"abc\");'>hello</a>我还在。");
-//		xssFilter("<!--HTML-->你好，?abc=def&hello=123&world={\"a\":1}我还在。");
-//		sqlFilter("你好，select * from xxx where abc=def and 1=1我还在。");
-//		sqlFilter("你好，insert into xxx values(1,2,3,4,5)我还在。");
-//		sqlFilter("你好，delete from xxx我还在。");
+//		int i = 0;
+//		xssFilter((++i)+"你好，<script>alert(document.cookie)</script>我还在。");
+//		xssFilter((++i)+"你好，<strong>加粗文字</strong>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，\"><strong>加粗文字</strong>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<iframe src=\"abcdef\"></iframe><strong>加粗文字</strong>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<iframe src=\"abcdef\"/><strong>加粗文字</strong>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<iframe src=\"abcdef\"><strong>加粗文字</strong>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<script type=\"text/javascript\">alert(document.cookie)</script>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<script\n type=\"text/javascript\">\nalert(document.cookie)\n</script>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<script src='' onerror='alert(document.cookie)'></script>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<script type=text/javascript>alert()我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<script>alert(document.cookie)</script>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<script>window.location='url'我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，</script></iframe>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，eval(abc)我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，xpression(abc)我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<img src='abc.jpg' onerror='location='';alert(document.cookie);'></img>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<img src='abc.jpg' onerror='alert(document.cookie);'/>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<img src='abc.jpg' onerror='alert(document.cookie);'>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<a onload='alert(\"abc\")'>hello</a>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<a href=\"/abc\">hello</a>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<a href='/abc'>hello</a>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<a href='vbscript:alert(\"abc\");'>hello</a>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，<a href='javascript:alert(\"abc\");'>hello</a>我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，?abc=def&hello=123&world={\"a\":1}我还在。");
+//		xssFilter("<!--HTML-->"+(++i)+"你好，?abc=def&hello=123&world={'a':1}我还在。");
+//		sqlFilter((++i)+"你好，select * from xxx where abc=def and 1=1我还在。");
+//		sqlFilter((++i)+"你好，insert into xxx values(1,2,3,4,5)我还在。");
+//		sqlFilter((++i)+"你好，delete from xxx我还在。");
 //	}
 	
 }
diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/MenuServiceImpl.java b/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/MenuServiceImpl.java
index d8be05a8..acc1e1b5 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/MenuServiceImpl.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/MenuServiceImpl.java
@@ -18,7 +18,7 @@
 //@Service
 //public class MenuServiceImpl extends MenuServiceSupport {
 //
-//	public MenuServiceExtendImpl() {
+//	public MenuServiceImpl() {
 //		this.entityClass = Menu.class;
 //	}
 //	
diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/RoleServiceImpl.java b/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/RoleServiceImpl.java
index 2e67bf79..c453d064 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/RoleServiceImpl.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/RoleServiceImpl.java
@@ -18,7 +18,7 @@
 //@Service
 //public class RoleServiceImpl extends RoleServiceSupport {
 //
-//	public RoleServiceExtendImpl() {
+//	public RoleServiceImpl() {
 //		this.entityClass = Role.class;
 //	}
 //	
diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/UserServiceImpl.java b/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/UserServiceImpl.java
index 4784a29f..8f9c65da 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/UserServiceImpl.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/service/impl/UserServiceImpl.java
@@ -18,7 +18,7 @@
 //@Service
 //public class UserServiceImpl extends UserServiceSupport {
 //
-//	public UserServiceExtendImpl() {
+//	public UserServiceImpl() {
 //		this.entityClass = User.class;
 //	}
 //	
diff --git a/modules/core/src/main/resources/config/beetl-core.properties b/modules/core/src/main/resources/config/beetl-core.properties
index 2d6c807c..39eae0c5 100644
--- a/modules/core/src/main/resources/config/beetl-core.properties
+++ b/modules/core/src/main/resources/config/beetl-core.properties
@@ -90,8 +90,9 @@ FNP.reg = org.beetl.ext.fn.RegxFunctionUtil
 FNP.array = org.beetl.ext.fn.ArrayUtil
 
 ##内置的格式化函数
-FT.dateFormat =  org.beetl.ext.format.DateFormat
-FT.numberFormat =  org.beetl.ext.format.NumberFormat
+FT.dateFormat = org.beetl.ext.format.DateFormat
+FT.numberFormat = org.beetl.ext.format.NumberFormat
+FT.xss = com.jeesite.common.beetl.ext.format.XssFormat
 
 ##内置的默认格式化函数
 FTC.java.util.Date = org.beetl.ext.format.DateFormat