From 3c4fee1db116c11d4f04727cfe076d7c94daeaf2 Mon Sep 17 00:00:00 2001
From: yanzhaofeige <yanzhaofeige@qq.com>
Date: Mon, 30 Sep 2024 12:10:57 +0800
Subject: [PATCH] init
---
cpzidc-common/src/main/java/com/odcc/cpzidc/common/xss/XssValidator.java | 39 +++++++++++++++++++++++++++++++++++++++
1 files changed, 39 insertions(+), 0 deletions(-)
diff --git a/cpzidc-common/src/main/java/com/odcc/cpzidc/common/xss/XssValidator.java b/cpzidc-common/src/main/java/com/odcc/cpzidc/common/xss/XssValidator.java
new file mode 100644
index 0000000..478e0c2
--- /dev/null
+++ b/cpzidc-common/src/main/java/com/odcc/cpzidc/common/xss/XssValidator.java
@@ -0,0 +1,39 @@
+package com.odcc.cpzidc.common.xss;
+
+import com.odcc.cpzidc.common.utils.StringUtils;
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * 自定义xss校验注解实现
+ *
+ * @author ruoyi
+ */
+public class XssValidator implements ConstraintValidator<Xss, String>
+{
+ private static final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />";
+
+ @Override
+ public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
+ {
+ if (StringUtils.isBlank(value))
+ {
+ return true;
+ }
+ return !containsHtml(value);
+ }
+
+ public static boolean containsHtml(String value)
+ {
+ StringBuilder sHtml = new StringBuilder();
+ Pattern pattern = Pattern.compile(HTML_PATTERN);
+ Matcher matcher = pattern.matcher(value);
+ while (matcher.find())
+ {
+ sHtml.append(matcher.group());
+ }
+ return pattern.matcher(sHtml).matches();
+ }
+}
\ No newline at end of file
--
Gitblit v1.9.3
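Review bot: In `containsHtml`, the final `pattern.matcher(sHtml).matches()` re-tests the concatenated matches against the whole pattern. Because `.` does not match line terminators by default, that second test can return false even though `find()` already located markup, in which case `isValid` accepts the value. Returning the search result directly avoids this, e.g. `return HTML_REGEX.matcher(value).find();`, with `private static final Pattern HTML_REGEX = Pattern.compile(HTML_PATTERN);` so the pattern is compiled once instead of on every call. A pattern check like this is input validation only; fields annotated with `@Xss` still need context-appropriate output encoding wherever they are rendered.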