From 5d20be2976d4f9958f98532b5adc08dbfb96ea74 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期一, 13 四月 2020 11:58:03 +0800
Subject: [PATCH] 升级fastjson到最新版1.2.68 修复安全加固
---
ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java b/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
index e99e487..6244cd5 100644
--- a/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
+++ b/ruoyi/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
@@ -522,7 +522,8 @@
final String one = m.group(1); // (>|^)
final String two = m.group(2); // ([^<]+?)
final String three = m.group(3); // (<|$)
- m.appendReplacement(buf, Matcher.quoteReplacement(one + regexReplace(P_QUOTE, """, two) + three));
+ // 不替换双引号为",防止json格式无效 regexReplace(P_QUOTE, """, two)
+ m.appendReplacement(buf, Matcher.quoteReplacement(one + two + three));
}
m.appendTail(buf);
return buf.toString();
--
Gitblit v1.9.2