From 6b5dd4d2be69759a8a2452195d0fb0b0ef52e72a Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期三, 28 七月 2021 16:04:59 +0800
Subject: [PATCH] 优化XSS跨站脚本过滤

---
 ruoyi-framework/src/main/java/com/ruoyi/framework/config/FilterConfig.java |    6 ++----
 1 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FilterConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FilterConfig.java
index 8b17834..ab12e41 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FilterConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/FilterConfig.java
@@ -4,6 +4,7 @@
 import java.util.Map;
 import javax.servlet.DispatcherType;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -17,11 +18,9 @@
  * @author ruoyi
  */
 @Configuration
+@ConditionalOnProperty(value = "xss.enabled", havingValue = "true")
 public class FilterConfig
 {
-    @Value("${xss.enabled}")
-    private String enabled;
-
     @Value("${xss.excludes}")
     private String excludes;
 
@@ -40,7 +39,6 @@
         registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE);
         Map<String, String> initParameters = new HashMap<String, String>();
         initParameters.put("excludes", excludes);
-        initParameters.put("enabled", enabled);
         registration.setInitParameters(initParameters);
         return registration;
     }

--
Gitblit v1.9.2