From 1a87ee7c196e2d5d17dbe7a8a29d36858ccaed98 Mon Sep 17 00:00:00 2001
From: 若依 <yzz_ivy@163.com>
Date: 星期二, 22 十二月 2020 16:19:51 +0800
Subject: [PATCH] 防止get请求参数值为false或0等特殊值会导致无法正确的传参 Merge pull request !146 from wugh/hotfix/gitee-issue_I2A5FU

---
 ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java
index 8989ca1..121681b 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java
@@ -144,7 +144,10 @@
 
     public static void main(String[] args)
     {
-        String html = "alert('11111');";
+        String html = "<script>alert(1);</script>";
+        // String html = "<scr<script>ipt>alert(\"XSS\")</scr<script>ipt>";
+        // String html = "<123";
+        // String html = "123>";
         System.out.println(EscapeUtil.clean(html));
         System.out.println(EscapeUtil.escape(html));
         System.out.println(EscapeUtil.unescape(html));

--
Gitblit v1.9.2