package com.ots.common.xss;
|
import org.jsoup.Jsoup;
|
import org.jsoup.safety.Whitelist;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequestWrapper;
|
|
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
|
|
public XssHttpServletRequestWrapper(HttpServletRequest request) {
|
super(request);
|
}
|
@Override
|
public String[] getParameterValues(String name) {
|
String[] values = super.getParameterValues(name);
|
if (values != null) {
|
int length = values.length;
|
String[] escapseValues = new String[length];
|
for (int i = 0; i < length; i++) {
|
|
escapseValues[i] = Jsoup.clean(values[i], Whitelist.relaxed()).trim();
|
}
|
return escapseValues;
|
}
|
return super.getParameterValues(name);
|
}
|
}
|
