commit
9e238aa6a0
|
@ -150,16 +150,16 @@ public class WebConfig implements WebMvcConfigurer {
|
|||
return new DefaultPointcutAdvisor(druidStatPointcut(), druidStatInterceptor());
|
||||
}
|
||||
|
||||
// /**
|
||||
// * xssFilter注册
|
||||
// */
|
||||
// @Bean
|
||||
// public FilterRegistrationBean xssFilterRegistration() {
|
||||
// XSSEscapeFilter xssFilter = new XSSEscapeFilter();
|
||||
// FilterRegistrationBean registration = new FilterRegistrationBean(xssFilter);
|
||||
// registration.addUrlPatterns("/*");
|
||||
// return registration;
|
||||
// }
|
||||
@Bean
|
||||
public FilterRegistrationBean xssFilterRegistration() {
|
||||
XSSEscapeFilter xssFilter = new XSSEscapeFilter();
|
||||
FilterRegistrationBean registration = new FilterRegistrationBean(xssFilter);
|
||||
xssFilter.excludes.add(".*file/upload.do");
|
||||
xssFilter.excludes.add(".*/jsp/editor.do");
|
||||
registration.addUrlPatterns("/*");
|
||||
|
||||
return registration;
|
||||
}
|
||||
|
||||
/**
|
||||
* RequestContextListener注册
|
||||
|
|
|
@ -12,7 +12,8 @@ ms:
|
|||
view-path: /WEB-INF/manager
|
||||
|
||||
upload:
|
||||
path: /upload
|
||||
path: /upload
|
||||
mapping: /upload/**
|
||||
denied: .exe,.jsp
|
||||
allowed: jpg
|
||||
max-size: 1
|
||||
|
|
Loading…
Reference in New Issue