防止脚本注入

DSP

防止脚本注入

2019-07-13 16:57发布生成海报

站内文章 / DSP

14620 0

response.setHeader("P3P","CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"");
		boolean needRedirect = false;
		String uri = request.getRequestURI();
		String destUrl = "";
		Enumeration paramNames = request.getParameterNames();
		while(paramNames.hasMoreElements())
		{
			String val = paramNames.nextElement();
			val = request.getParameter(val);
			logger.debug("攻击检测: " + val);
			if(val != null)
			{
				String asciiVal = new String(val.getBytes(), "ASCII");
				if(asciiVal.toLowerCase().indexOf("




   


  
    
    



      
      
       
  
      




  
             
            
                    Copyright © 2025 平头弟 京ICP备15032243号-1
                         投诉举报邮箱：nettui@qq.com