Skip to content

Sureness
Sureness

lzh_me / Sureness
与 Fork 源项目一致

Fork自 sureness / Sureness

通知 1
Star 0
Fork 0
Sureness
Sureness

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 abc6eb9d 编写于 作者: sinat_25235033's avatar sinat_25235033
浏览文件
操作

Revert "sample-bootstrap use xss sql filter"

上级 05cd5812
隐藏空白更改
内联 并排
Showing with 2 addition and 6 deletion
sample-bootstrap/src/main/java/com/usthe/sureness/sample/bootstrap/SurenessFilterExample.java
浏览文件 @ abc6eb9d
...@@ -3,7 +3,6 @@ package com.usthe.sureness.sample.bootstrap; ...@@ -3,7 +3,6 @@ package com.usthe.sureness.sample.bootstrap;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.usthe.sureness.mgt.SurenessSecurityManager; import com.usthe.sureness.mgt.SurenessSecurityManager;
import com.usthe.sureness.processor.exception.*; import com.usthe.sureness.processor.exception.*;
import com.usthe.sureness.security.XssSqlServletRequestWrapper;
import com.usthe.sureness.subject.SubjectSum; import com.usthe.sureness.subject.SubjectSum;
import com.usthe.sureness.util.SurenessContextHolder; import com.usthe.sureness.util.SurenessContextHolder;
import org.slf4j.Logger; import org.slf4j.Logger;
...@@ -19,7 +18,6 @@ import javax.servlet.ServletException; ...@@ -19,7 +18,6 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest; import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse; import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter; import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.io.PrintWriter; import java.io.PrintWriter;
...@@ -54,10 +52,8 @@ public class SurenessFilterExample implements Filter { ...@@ -54,10 +52,8 @@ public class SurenessFilterExample implements Filter {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException { throws IOException, ServletException {
XssSqlServletRequestWrapper requestWrapper = new XssSqlServletRequestWrapper((HttpServletRequest) servletRequest);
try { try {
SubjectSum subject = SurenessSecurityManager.getInstance().checkIn(requestWrapper); SubjectSum subject = SurenessSecurityManager.getInstance().checkIn(servletRequest);
// You can consider using SurenessContextHolder to bind subject in threadLocal // You can consider using SurenessContextHolder to bind subject in threadLocal
// if bind, please remove it when end // if bind, please remove it when end
if (subject != null) { if (subject != null) {
...@@ -97,7 +93,7 @@ public class SurenessFilterExample implements Filter { ...@@ -97,7 +93,7 @@ public class SurenessFilterExample implements Filter {
} }
try { try {
// if ok, doFilter and add subject in request // if ok, doFilter and add subject in request
filterChain.doFilter(requestWrapper, servletResponse); filterChain.doFilter(servletRequest, servletResponse);
} finally { } finally {
int statusCode = ((HttpServletResponse) servletResponse).getStatus(); int statusCode = ((HttpServletResponse) servletResponse).getStatus();
String upgrade = ((HttpServletResponse) servletResponse).getHeader(UPGRADE); String upgrade = ((HttpServletResponse) servletResponse).getHeader(UPGRADE);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册