李宇
2021-02-03 121031371e3556d9c2e6536ca4fea83f1c09f2f0
修改refer限制
已修改1个文件
6 ■■■■■ 文件已修改
src/main/java/org/springframework/web/filter/DelegatingFilterProxy.java 6 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
src/main/java/org/springframework/web/filter/DelegatingFilterProxy.java
@@ -241,9 +241,11 @@
            throws ServletException, IOException {
        String referer = ((HttpServletRequest)request).getHeader("Referer");
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(request.getScheme()).append("://").append(request.getServerName());
        stringBuffer.append("http://").append(request.getServerName());
        StringBuffer stringBuffer1 = new StringBuffer();
        stringBuffer1.append("https://").append(request.getServerName());
        if(referer != null && !referer.equals("") ){
            if(referer.lastIndexOf(String.valueOf(stringBuffer)) != 0){
            if(referer.lastIndexOf(String.valueOf(stringBuffer)) == 0 && referer.lastIndexOf(String.valueOf(stringBuffer1)) == 0){
                HttpServletResponse httpResp1 = (HttpServletResponse)response;
                httpResp1.setStatus(500);
                httpResp1.setContentType("text/html; charset=utf-8");