|
|
@@ -196,7 +196,7 @@ public class XssHttpWrapper extends HttpServletRequestWrapper {
|
|
|
* @param s
|
|
|
* @return
|
|
|
*/
|
|
|
- /* private static String xssEncode(String s) {
|
|
|
+ private static String xssEncode(String s) {
|
|
|
if (s == null || s.isEmpty()) {
|
|
|
return s;
|
|
|
}
|
|
|
@@ -213,7 +213,7 @@ public class XssHttpWrapper extends HttpServletRequestWrapper {
|
|
|
}
|
|
|
return null;
|
|
|
}
|
|
|
- */
|
|
|
+
|
|
|
|
|
|
/**
|
|
|
* 将容易引起xss漏洞的半角字符直接替换成全角字符
|
|
|
@@ -221,7 +221,7 @@ public class XssHttpWrapper extends HttpServletRequestWrapper {
|
|
|
* @param s
|
|
|
* @return
|
|
|
*/
|
|
|
- public String xssEncode(String s)
|
|
|
+ /* public String xssEncode(String s)
|
|
|
{
|
|
|
if (s == null || s.isEmpty())
|
|
|
{
|
|
|
@@ -235,14 +235,14 @@ public class XssHttpWrapper extends HttpServletRequestWrapper {
|
|
|
}
|
|
|
|
|
|
return result;
|
|
|
- }
|
|
|
+ }*/
|
|
|
|
|
|
/**
|
|
|
* 插件之所以报 mismatched tree node: EOF expecting错误是因为其对注入的脚本格式有校验
|
|
|
* @param value
|
|
|
* @return
|
|
|
*/
|
|
|
- private String stripXSS(String value)
|
|
|
+ /*private String stripXSS(String value)
|
|
|
{
|
|
|
if (value != null)
|
|
|
{
|
|
|
@@ -291,5 +291,5 @@ public class XssHttpWrapper extends HttpServletRequestWrapper {
|
|
|
value = scriptPattern.matcher(value).replaceAll("");
|
|
|
}
|
|
|
return value;
|
|
|
- }
|
|
|
+ }*/
|
|
|
}
|
KeYuan