purovps/jshERP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

优化过滤的代码,修复漏洞

Browse Source
This commit is contained in:
jishenghua
2025-08-07 16:48:46 +08:00
parent a32d453d07
commit 6c7d8fd63a
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
jshERP-boot/src/main/java/com/jsh/erp/filter/LogCostFilter.java
View File

@@ -49,23 +49,23 @@ public class LogCostFilter implements Filter {
chain.doFilter(request, response); chain.doFilter(request, response);
return; return;
} }
if (requestUrl != null && (requestUrl.equals("/jshERP-boot/doc.html") || if (requestUrl.equals("/jshERP-boot/doc.html") || requestUrl.equals("/jshERP-boot/user/login")
requestUrl.equals("/jshERP-boot/user/login") || requestUrl.equals("/jshERP-boot/user/register") || requestUrl.equals("/jshERP-boot/user/register") || requestUrl.equals("/jshERP-boot/user/weixinLogin")
|| requestUrl.equals("/jshERP-boot/user/weixinLogin") || requestUrl.equals("/jshERP-boot/user/weixinBind") || requestUrl.equals("/jshERP-boot/user/weixinBind") || requestUrl.equals("/jshERP-boot/user/registerUser")
|| requestUrl.equals("/jshERP-boot/user/registerUser") || requestUrl.equals("/jshERP-boot/user/randomImage"))) { || requestUrl.equals("/jshERP-boot/user/randomImage")) {
chain.doFilter(request, response); chain.doFilter(request, response);
return; return;
} }
if (null != allowUrls && allowUrls.length > 0) { if (null != allowUrls && allowUrls.length > 0) {
for (String url : allowUrls) { for (String url : allowUrls) {
if (requestUrl != null && requestUrl.startsWith(url)) { if (requestUrl.startsWith(url)) {
chain.doFilter(request, response); chain.doFilter(request, response);
return; return;
} }
} }
} }
servletResponse.setStatus(500); servletResponse.setStatus(500);
if(requestUrl != null && !requestUrl.equals("/jshERP-boot/user/logout") && !requestUrl.equals("/jshERP-boot/function/findMenuByPNumber")) { if(!requestUrl.equals("/jshERP-boot/user/logout") && !requestUrl.equals("/jshERP-boot/function/findMenuByPNumber")) {
servletResponse.getWriter().write("loginOut"); servletResponse.getWriter().write("loginOut");
} }
} }