purovps/jshERP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

优化接口路径的过滤

Browse Source
This commit is contained in:
jishenghua
2025-08-15 16:12:33 +08:00
parent fbda24da30
commit 2a75170e1c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
jshERP-boot/src/main/java/com/jsh/erp/filter/LogCostFilter.java
View File

@@ -38,7 +38,7 @@ public class LogCostFilter implements Filter {
HttpServletRequest servletRequest = (HttpServletRequest) request;
HttpServletResponse servletResponse = (HttpServletResponse) response;
String requestUrl = servletRequest.getRequestURI();
if(requestUrl.contains("../") || requestUrl.contains("..;/") || requestUrl.contains("%2e") || requestUrl.contains("%2E")) {
if(requestUrl.contains("..") || requestUrl.contains("%2e") || requestUrl.contains("%2E")) {
servletResponse.setStatus(500);
servletResponse.getWriter().write("loginOut");
return;