From ad86486285cb865f124e5c83cdaf8fa8edc65408 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期五, 30 八月 2024 21:45:16 +0800
Subject: [PATCH] update sqlkeyword

---
 ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java |    9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java
index 703ce9a..b4eaabc 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java
@@ -12,6 +12,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.enums.HttpMethod;
 
 /**
  * 防止XSS攻击的过滤器
@@ -31,10 +32,10 @@
         String tempExcludes = filterConfig.getInitParameter("excludes");
         if (StringUtils.isNotEmpty(tempExcludes))
         {
-            String[] url = tempExcludes.split(",");
-            for (int i = 0; url != null && i < url.length; i++)
+            String[] urls = tempExcludes.split(",");
+            for (String url : urls)
             {
-                excludes.add(url[i]);
+                excludes.add(url);
             }
         }
     }
@@ -59,7 +60,7 @@
         String url = request.getServletPath();
         String method = request.getMethod();
         // GET DELETE 不过滤
-        if (method == null || method.matches("GET") || method.matches("DELETE"))
+        if (method == null || HttpMethod.GET.matches(method) || HttpMethod.DELETE.matches(method))
         {
             return true;
         }

--
Gitblit v1.9.2