博客园 - BigOrang

Let's Find the Bug Together - 01
BigOrang · 2024-07-05 · via 博客园 - BigOrang

// Imports are not shown in the original post; they are inferred here from the hutool
// (StrUtil, HtmlUtil) and Spring (MediaType) names used below. HttpMethod, used via
// equalsIgnoreCase, does not match Spring's enum and is assumed to be a project-local
// constants class holding "POST"/"PUT" as Strings.
import cn.hutool.core.util.StrUtil;
import cn.hutool.http.HtmlUtil;
import org.springframework.http.MediaType;

import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @description Escapes the data of an HttpServletRequest to prevent XSS attacks
 * URL: home.html?mothod=space&pid=335511
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {

  // Holds the cleaned JSON body, if any; served back through getInputStream()/getReader()
  private byte[] body;

  public XssHttpServletRequestWrapper(HttpServletRequest request) throws IOException {
    super(request);

    String method = request.getMethod();
    String pathInfo = request.getPathInfo();
    String contentType = request.getContentType();
    // The request offers no ready-made way to get the JSON string, so we read the body
    // stream into a string (readLine() drops the line terminators)
    BufferedReader reader = request.getReader();
    StringBuilder stringBuilder = new StringBuilder();
    String line = null;
    while ((line = reader.readLine()) != null) {
      stringBuilder.append(line);
    }
    String json = stringBuilder.toString();
    // Only JSON bodies of POST/PUT requests are cleaned and stored in `body`
    if ((HttpMethod.POST.equalsIgnoreCase(method) ||
      HttpMethod.PUT.equalsIgnoreCase(method)) && StrUtil.isNotEmpty(contentType) && contentType.contains(
      MediaType.APPLICATION_JSON_VALUE)) {
      json = HtmlUtil.cleanHtmlTag(json);
      json = json.replaceAll("iframe.*iframe","").replaceAll("javascript.*\\)","").replaceAll("alert","");
      body = json.getBytes();
    }
  }

  /**
   * Override getParameter: escape with HtmlUtil before returning
   */
  @Override
  public String getParameter(String name) {
    String value = super.getParameter(name);
    if (!StrUtil.hasEmpty(value)) {
//      value = HtmlUtil.filter(value);
      value = value.replaceAll("<iframe.*iframe>","").replaceAll("iframe.*iframe","").replaceAll("javascript.*\\)","").replaceAll("alert","");
    }
    return value;
  }

  // Scratch test of the replace chain used above
  public static void main(String[] args) {
    String address = "<p>fegreef&lt;iframe+src=javascript:&amp;#37;&amp;#53;&amp8#67;&amp;#117;&amp;#48;&amp;#48;&amp8#54;&amp;#49;&amp;#37;&amp;#53;&amp;#67;&amp;#117;&amp;#48;&amp;#48;&amp;#54;&amp;#67;&amp;#378&amp;#53;&amp;#67;&amp;#117;&amp;#48;&amp;#48;&amp;#54;&amp;#53;&amp;#37;&amp;#53;&amp;#67;&amp;#11F;&amp8#48;&amp;#48;&amp;#55;&amp;#50;&amp;#37;&amp;#53;&amp;#67;&amp;#117;&amp;#48;&amp;#48;&amp;#55;&amp;#52;(88888)&gt;&1t;/iframe&gt;e</p>alert909090></p>";

    String b = "<iframe src=//a.com></iframe>";

    System.out.println(b.replaceAll("iframe.*iframe","").replaceAll("javascript.*\\)","").replaceAll("alert.*",""));
  }

  /**
   * Override getParameterValues:
   * iterate over every value, escape with HtmlUtil, then return
   */
  @Override
  public String[] getParameterValues(String name) {
    String[] values = super.getParameterValues(name);
    if (values != null) {
      for (int i = 0; i < values.length; i++) {
        String value = values[i];
        if (!StrUtil.hasEmpty(value)) {
//          value = HtmlUtil.filter(value);
          value = value.replaceAll("<iframe.*iframe>","").replaceAll("iframe.*iframe","").replaceAll("javascript.*\\)","").replaceAll("alert","");
        }
        values[i] = value;
      }
    }
    return values;
  }

  /**
   * Override getParameterMap:
   * collect all key-value pairs into a LinkedHashMap;
   * keys unchanged, values escaped with HtmlUtil before returning
   */
  @Override
  public Map<String, String[]> getParameterMap() {
    Map<String, String[]> parameters = super.getParameterMap();
    LinkedHashMap<String, String[]> map = new LinkedHashMap<>();
    if (parameters != null) {
      for (String key : parameters.keySet()) {
        String[] values = parameters.get(key);
        for (int i = 0; i < values.length; i++) {
          String value = values[i];
          if (!StrUtil.hasEmpty(value)) {
//            value = HtmlUtil.filter(value);
            value = value.replaceAll("<iframe.*iframe>","").replaceAll("iframe.*iframe","").replaceAll("javascript.*\\)","").replaceAll("alert","");
          }
          values[i] = value;
        }
        map.put(key, values);
      }
    }
    return map;
  }

  /**
   * Override getHeader: escape with HtmlUtil before returning
   */
  @Override
  public String getHeader(String name) {
    String value = super.getHeader(name);
    if (!StrUtil.hasEmpty(value)) {
      value = HtmlUtil.filter(value);
    }
    return value;
  }

  @Override
  public ServletInputStream getInputStream() {
    if (body != null && body.length > 0) {
      final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body);
      // Anonymous inner class: only read() needs overriding; wraps the escaped bytes
      // as a ServletInputStream
      return new ServletInputStream() {
        @Override
        public boolean isFinished() {
          return byteArrayInputStream.available() == 0;
        }

        @Override
        public boolean isReady() {
          return true;
        }

        @Override
        public void setReadListener(ReadListener readListener) {

        }

        @Override
        public int read() throws IOException {
          return byteArrayInputStream.read();
        }
      };
    } else {
      // No cleaned body stored: fall back to the container's stream
      try {
        return super.getInputStream();
      } catch (IOException e) {
        throw new RuntimeException(e);
      }
    }
  }

  @Override
  public BufferedReader getReader() {
    return new BufferedReader(new InputStreamReader(this.getInputStream()));
  }
}
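For comparison, a hardened counterpart for the parameter and header paths of the wrapper above, added here as an example and not code from the post: it entity-escapes values instead of deleting regex matches (so legitimate text containing "alert" or two mentions of "iframe" survives intact), copies rather than mutates the container's String[] arrays, and does not touch the request body in the constructor. It assumes javax.servlet on the classpath; the JSON-body path of the original is deliberately left out, and the class name EscapingRequestWrapper is hypothetical.

```java
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/**
 * Hypothetical hardened counterpart (added example, not from the post).
 * Values are HTML-escaped rather than regex-deleted, so no legitimate data
 * is lost and there are no case-sensitivity or greedy-match pitfalls.
 */
public class EscapingRequestWrapper extends HttpServletRequestWrapper {

  public EscapingRequestWrapper(HttpServletRequest request) {
    super(request); // no body read here: the container still parses form posts itself
  }

  /** Entity-escape the characters that can open a tag, attribute or entity. */
  static String escapeHtml(String v) {
    if (v == null || v.isEmpty()) return v;
    StringBuilder sb = new StringBuilder(v.length() + 16);
    for (int i = 0; i < v.length(); i++) {
      char c = v.charAt(i);
      switch (c) {
        case '&':  sb.append("&amp;");  break;
        case '<':  sb.append("&lt;");   break;
        case '>':  sb.append("&gt;");   break;
        case '"':  sb.append("&quot;"); break;
        case '\'': sb.append("&#39;");  break;
        default:   sb.append(c);
      }
    }
    return sb.toString();
  }

  @Override public String getParameter(String name) { return escapeHtml(super.getParameter(name)); }

  @Override public String getHeader(String name) { return escapeHtml(super.getHeader(name)); }

  @Override public String[] getParameterValues(String name) {
    String[] raw = super.getParameterValues(name);
    if (raw == null) return null;
    String[] out = new String[raw.length]; // fresh array: the container's own array stays untouched
    for (int i = 0; i < raw.length; i++) out[i] = escapeHtml(raw[i]);
    return out;
  }

  @Override public Map<String, String[]> getParameterMap() {
    Map<String, String[]> out = new LinkedHashMap<>();
    for (String key : super.getParameterMap().keySet()) out.put(key, getParameterValues(key));
    return Collections.unmodifiableMap(out);
  }
}
```

Escaping at the request boundary is defence in depth only: values that end up in non-HTML sinks (JSON, SQL, logs) will carry the entities, so the canonical place for HTML encoding remains the view layer.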