From 19b868875992821a28f408cbbd2a31fa47f91072 Mon Sep 17 00:00:00 2001
From: Live <1005297262@qq.com>
Date: 星期二, 09 六月 2020 11:36:10 +0800
Subject: [PATCH] IpUtils工具，清除Xss特殊字符，防止Xff注入攻击

---
 ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java b/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
index e99e487..6244cd5 100644
--- a/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
+++ b/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
@@ -522,7 +522,8 @@
                 final String one = m.group(1); // (>|^)
                 final String two = m.group(2); // ([^<]+?)
                 final String three = m.group(3); // (<|$)
-                m.appendReplacement(buf, Matcher.quoteReplacement(one + regexReplace(P_QUOTE, "&quot;", two) + three));
+                // 不替换双引号为&quot;，防止json格式无效 regexReplace(P_QUOTE, "&quot;", two)
+                m.appendReplacement(buf, Matcher.quoteReplacement(one + two + three));
             }
             m.appendTail(buf);
             return buf.toString();

--
Gitblit v1.9.2