From f7cf4dc521d70da4eeef37236cf23526d32fa426 Mon Sep 17 00:00:00 2001 From: thinkgem Date: Wed, 9 Dec 2020 19:43:26 +0800 Subject: [PATCH] =?UTF-8?q?shiro1.7=E6=96=B0=E5=A2=9E=E4=BA=86=E9=9D=9E?= =?UTF-8?q?=E6=B3=95=E8=AF=B7=E6=B1=82=E8=BF=87=E6=BB=A4=E5=99=A8=EF=BC=8C?= =?UTF-8?q?=E5=9B=A0=E4=B8=BA=E4=B8=8D=E6=94=AF=E6=8C=81=E4=B8=AD=E6=96=87?= =?UTF-8?q?URL=EF=BC=8C=E6=89=80=E4=BB=A5=E5=85=B3=E9=97=ADNonAscii?= =?UTF-8?q?=E9=AA=8C=E8=AF=81=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/jeesite/modules/config/ShiroConfig.java | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/modules/core/src/main/java/com/jeesite/modules/config/ShiroConfig.java b/modules/core/src/main/java/com/jeesite/modules/config/ShiroConfig.java index 1205660d..e0179ea5 100644 --- a/modules/core/src/main/java/com/jeesite/modules/config/ShiroConfig.java +++ b/modules/core/src/main/java/com/jeesite/modules/config/ShiroConfig.java @@ -13,6 +13,7 @@ import org.apache.shiro.cas.CasSubjectFactory; import org.apache.shiro.realm.Realm; import org.apache.shiro.spring.LifecycleBeanPostProcessor; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; +import org.apache.shiro.web.filter.InvalidRequestFilter; import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.web.servlet.FilterRegistrationBean; @@ -115,6 +116,15 @@ public class ShiroConfig { private UserFilter shiroUserFilter() { return new UserFilter(); } + + /** + * 非法请求过滤器 + */ + private InvalidRequestFilter invalidRequestFilter() { + InvalidRequestFilter bean = new InvalidRequestFilter(); + bean.setBlockNonAscii(false); + return bean; + } /** * Shiro认证过滤器 @@ -134,6 +144,7 @@ public class ShiroConfig { filters.put("perms", shiroPermsFilter()); filters.put("roles", shiroRolesFilter()); filters.put("user", shiroUserFilter()); + filters.put("invalidRequest", invalidRequestFilter()); FilterChainDefinitionMap chains = new FilterChainDefinitionMap(); chains.setFilterChainDefinitions(Global.getProperty("shiro.filterChainDefinitions")); chains.setDefaultFilterChainDefinitions(Global.getProperty("shiro.defaultFilterChainDefinitions"));