java source code of XssHttpServletRequestWrapper

RuoYi-master
- sql
  - quartz.sql
  - ruoyi.pdm
  - ry_v3.4.0.sql
- img
  - index.jpg
  - oper_log.jpg
  - user_role.jpg
  - role_list.jpg
  - role_update.jpg
  - server_monitoring.jpg
  - user_update.jpg
  - gen_code.jpg
  - role_data.jpg
  - function_update.jpg
  - login_log.jpg
  - user.jpg
  - user_list.jpg
  - function.jpg
- ruoyi-quartz
  - src
    - main
      - resources
        templates
        monitor
        job
        job.html
        detail.html
        edit.html
        add.html
        jobLog.html
        mapper
        quartz
        SysJobMapper.xml
        SysJobLogMapper.xml
      - java
        com
        ruoyi
        quartz
        task
        RyTask.java
        util
        CronUtils.java
        AbstractQuartzJob.java
        SpringContextUtil.java
        ScheduleUtils.java
        QuartzJobExecution.java
        QuartzDisallowConcurrentExecution.java
        JobInvokeUtil.java
        config
        ScheduleConfig.java
        service
        impl
        SysJobServiceImpl.java
        SysJobLogServiceImpl.java
        ISysJobLogService.java
        ISysJobService.java
        domain
        SysJob.java
        SysJobLog.java
        mapper
        SysJobMapper.java
        SysJobLogMapper.java
  - pom.xml
- ruoyi-framework
  - src
    - main
      - java
        com
        ruoyi
        framework
        web
        page
        TableSupport.java
        base
        BaseController.java
        service
        ConfigService.java
        DictService.java
        PermissionService.java
        exception
        GlobalExceptionHandler.java
        domain
        Server.java
        server
        Jvm.java
        Mem.java
        Cpu.java
        Sys.java
        SysFile.java
        util
        ShiroUtils.java
        LogUtils.java
        config
        KaptchaTextCreator.java
        ApplicationConfig.java
        ResourcesConfig.java
        properties
        DruidProperties.java
        GenConfig.java
        FilterConfig.java
        DruidConfig.java
        CaptchaConfig.java
        ShiroConfig.java
        I18nConfig.java
        ServerConfig.java
        service
        SysShiroService.java
        shiro
        web
        filter
        kickout
        KickoutSessionFilter.java
        captcha
        CaptchaValidateFilter.java
        sync
        SyncOnlineSessionFilter.java
        online
        OnlineSessionFilter.java
        LogoutFilter.java
        session
        OnlineWebSessionManager.java
        SpringSessionValidationScheduler.java
        service
        SysLoginService.java
        SysPasswordService.java
        realm
        UserRealm.java
        session
        OnlineSessionFactory.java
        OnlineSession.java
        OnlineSessionDAO.java
        datasource
        DynamicDataSourceContextHolder.java
        DynamicDataSource.java
        manager
        AsyncManager.java
        factory
        AsyncFactory.java
        aspectj
        DataSourceAspect.java
        RestControllerAspect.java
        DataScopeAspect.java
        LogAspect.java
  - pom.xml
- pom.xml
- LICENSE
- .gitattributes
- ruoyi-common
  - src
    - main
      - java
        com
        ruoyi
        common
        page
        PageDomain.java
        TableDataInfo.java
        utils
        sql
        SqlUtil.java
        security
        Md5Utils.java
        PermissionUtils.java
        YamlUtil.java
        ExcelUtil.java
        AddressUtils.java
        Threads.java
        SpringUtils.java
        IpUtils.java
        file
        FileUploadUtils.java
        FileUtils.java
        MimeTypeUtils.java
        DateUtil.java
        ServletUtils.java
        ExceptionUtil.java
        MessageUtils.java
        xss
        XssHttpServletRequestWrapper.java
        XssFilter.java
        enums
        OnlineStatus.java
        UserStatus.java
        BusinessStatus.java
        OperatorType.java
        BusinessType.java
        DataSourceType.java
        constant
        PermissionConstants.java
        ShiroConstants.java
        UserConstants.java
        Constants.java
        ScheduleConstants.java
        base
        Ztree.java
        AjaxResult.java
        BaseEntity.java
        support
        CharsetKit.java
        config
        ThreadPoolConfig.java
        Global.java
        exception
        user
        UserException.java
        UserNotExistsException.java
        CaptchaException.java
        UserPasswordNotMatchException.java
        UserPasswordRetryLimitExceedException.java
        RoleBlockedException.java
        UserBlockedException.java
        UserPasswordRetryLimitCountException.java
        UserDeleteException.java
        base
        BaseException.java
        job
        TaskException.java
        DemoModeException.java
        file
        FileNameLengthLimitExceededException.java
        InvalidExtensionException.java
        FileSizeLimitExceededException.java
        FileException.java
        BusinessException.java
        annotation
        Log.java
        DataScope.java
        LoginAuth.java
        DataSource.java
        Excel.java
        Excels.java
        json
        JSONObject.java
        JSON.java
  - pom.xml
- ruoyi-generator
  - src
    - main
      - resources
        vm
        sql
        sql.vm
        xml
        Mapper.xml.vm
        html
        add.html.vm
        list.html.vm
        edit.html.vm
        java
        domain.java.vm
        Service.java.vm
        Controller.java.vm
        ServiceImpl.java.vm
        Mapper.java.vm
        templates
        tool
        gen
        gen.html
        generator.yml
        mapper
        generator
        GenMapper.xml
      - java
        com
        ruoyi
        generator
        util
        VelocityInitializer.java
        GenUtils.java
        service
        impl
        GenServiceImpl.java
        IGenService.java
        domain
        ColumnConfigInfo.java
        TableInfo.java
        ColumnInfo.java
        mapper
        GenMapper.java
  - pom.xml
- README.md
- ruoyi-system
  - src
    - main
      - resources
        mapper
        system
        SysDictTypeMapper.xml
        SysConfigMapper.xml
        SysDeptMapper.xml
        SysDictDataMapper.xml
        SysPostMapper.xml
        SysRoleDeptMapper.xml
        SysOperLogMapper.xml
        SysLogininforMapper.xml
        SysUserRoleMapper.xml
        SysUserPostMapper.xml
        SysRoleMenuMapper.xml
        SysUserOnlineMapper.xml
        SysNoticeMapper.xml
        SysMenuMapper.xml
        SysRoleMapper.xml
        SysUserMapper.xml
        mybatis-config.xml
      - java
        com
        ruoyi
        system
        service
        impl
        SysDictTypeServiceImpl.java
        SysLogininforServiceImpl.java
        SysDictDataServiceImpl.java
        SysUserOnlineServiceImpl.java
        SysNoticeServiceImpl.java
        SysRoleServiceImpl.java
        SysDeptServiceImpl.java
        SysPostServiceImpl.java
        SysOperLogServiceImpl.java
        SysConfigServiceImpl.java
        SysMenuServiceImpl.java
        SysUserServiceImpl.java
        ISysDeptService.java
        ISysNoticeService.java
        ISysUserOnlineService.java
        ISysConfigService.java
        ISysOperLogService.java
        ISysRoleService.java
        ISysDictDataService.java
        ISysMenuService.java
        ISysUserService.java
        ISysLogininforService.java
        ISysDictTypeService.java
        ISysPostService.java
        domain
        SysRoleDept.java
        SysOperLog.java
        SysNotice.java
        SysMenu.java
        SysConfig.java
        SysRole.java
        SysRoleMenu.java
        SysUserOnline.java
        SysUserPost.java
        SysPost.java
        SysDictData.java
        SysDept.java
        SysDictType.java
        SysLogininfor.java
        SysUserRole.java
        SysUser.java
        mapper
        SysOperLogMapper.java
        SysLogininforMapper.java
        SysMenuMapper.java
        SysRoleMapper.java
        SysRoleDeptMapper.java
        SysUserPostMapper.java
        SysPostMapper.java
        SysRoleMenuMapper.java
        SysUserMapper.java
        SysConfigMapper.java
        SysDeptMapper.java
        SysNoticeMapper.java
        SysUserOnlineMapper.java
        SysDictDataMapper.java
        SysUserRoleMapper.java
        SysDictTypeMapper.java
  - pom.xml
- ruoyi-admin
  - src
    - main
      - resources
        logback.xml
        uat
        application.yml
        templates
        demo
        report
        peity.html
        metrics.html
        sparkline.html
        echarts.html
        table
        image.html
        button.html
        params.html
        detail.html
        reorder.html
        other.html
        remember.html
        curd.html
        footer.html
        pageGo.html
        event.html
        export.html
        multi.html
        fixedColumns.html
        search.html
        groupHeader.html
        form
        upload.html
        button.html
        datetime.html
        duallistbox.html
        tabs_panels.html
        basic.html
        autocomplete.html
        sortable.html
        jasny.html
        select.html
        validate.html
        grid.html
        wizard.html
        modal
        dialog.html
        table.html
        layer.html
        form.html
        table
        parent.html
        check.html
        radio.html
        operate
        table.html
        detail.html
        other.html
        edit.html
        add.html
        icon
        glyphicons.html
        fontawesome.html
        main.html
        tool
        build
        build.html
        error
        business.html
        unauth.html
        404.html
        500.html
        monitor
        logininfor
        logininfor.html
        online
        online.html
        operlog
        detail.html
        operlog.html
        server
        server.html
        include.html
        system
        user
        resetPwd.html
        user.html
        edit.html
        add.html
        profile
        resetPwd.html
        profile.html
        avatar.html
        post
        edit.html
        post.html
        add.html
        menu
        icon.html
        edit.html
        tree.html
        menu.html
        add.html
        config
        config.html
        edit.html
        add.html
        dept
        dept.html
        edit.html
        tree.html
        add.html
        dict
        type
        edit.html
        type.html
        add.html
        data
        data.html
        edit.html
        add.html
        role
        selectUser.html
        dataScope.html
        edit.html
        authUser.html
        add.html
        role.html
        notice
        notice.html
        edit.html
        add.html
        index.html
        main_v1.html
        login.html
        dev
        application.yml
        ehcache
        ehcache-shiro.xml
        run
        application.yml
        banner.txt
        static
        img
        login-background.jpg
        loading-upload.gif
        loading.gif
        profile.jpg
        i18n
        messages.properties
        file
        rml.txt
        ruoyi
        login.js
        js
        common.js
        ry-ui.js
        css
        ry-ui.css
        index.js
        favicon.ico
        ajax
        libs
        iCheck
        icheck.min.js
        custom.css
        datapicker
        bootstrap-datetimepicker.min.js
        bootstrap-datetimepicker.min.css
        bootstrap-datetimepicker.css
        bootstrap-datetimepicker.js
        jsonview
        jquery.jsonview.js
        jquery.jsonview.css
        blockUI
        jquery.blockUI.js
        jquery-layout
        jquery.layout-latest.js
        jquery.layout-latest.css
        suggest
        bootstrap-suggest.js
        bootstrap-suggest.min.js
        typeahead
        bootstrap3-typeahead.min.js
        bootstrap3-typeahead.js
        report
        sparkline
        jquery.sparkline.min.js
        peity
        jquery.peity.min.js
        echarts
        layui
        lay
        modules
        laydate.js
        css
        modules
        laydate
        default
        laydate.css
        font
        iconfont.svg
        iconfont.eot
        iconfont.ttf
        iconfont.woff
        layui.js
        jquery-ztree
        3.5
        log v3.x.txt
        js
        jquery.ztree.exedit-3.5.js
        jquery.ztree.all-3.5.js
        jquery.ztree.core-3.5.js
        jquery.ztree.excheck-3.5.js
        jquery.ztree.exhide-3.5.js
        css
        simple
        zTreeStyle.css
        img
        line_conn.gif
        loading.gif
        zTreeStandard.gif
        left_menu.gif
        default
        zTreeStyle.css
        img
        line_conn.gif
        loading.gif
        zTreeStandard.gif
        diy
        metro
        zTreeStyle.css
        img
        line_conn.gif
        loading.gif
        metro.gif
        layer
        theme
        default
        loading-0.gif
        layer.css
        loading-1.gif
        loading-2.gif
        moon
        style.css
        layer.min.js
        fullscreen
        jquery.fullscreen.js
        validate
        additional-methods.min.js
        jquery.validate.extend.js
        jquery.validate.min.js
        messages_zh.min.js
        bootstrap-table
        extensions
        columns
        bootstrap-table-fixed-columns.js
        reorder
        jquery.tablednd.js
        bootstrap-table-reorder.js
        mobile
        bootstrap-table-mobile.js
        toolbar
        bootstrap-table-toolbar.min.js
        bootstrap-table-toolbar.js
        export
        bootstrap-table-export.js
        tableExport.js
        editable
        bootstrap-table-editable.js
        bootstrap-table-editable.min.js
        bootstrap-table.min.css
        locale
        bootstrap-table-zh-CN.min.js
        bootstrap-table-zh-CN.js
        bootstrap-table.min.js
        cropbox
        cropbox.js
        cropbox.css
        jasny
        jasny-bootstrap.min.js
        jasny-bootstrap.js
        jasny-bootstrap.min.css
        jasny-bootstrap.css
        summernote
        summernote-bs3.css
        summernote.min.js
        summernote-zh-CN.js
        summernote-zh-CN.min.js
        font
        summernote.eot
        summernote.woff
        summernote.ttf
        summernote.css
        bootstrap-fileinput
        fileinput.min.css
        fileinput.min.js
        fileinput.css
        flot
        jquery.flot.symbol.js
        jquery.flot.spline.js
        jquery.flot.pie.js
        jquery.flot.tooltip.min.js
        curvedLines.js
        jquery.flot.js
        jquery.flot.resize.js
        select2
        select2.js
        select2.min.css
        select2.min.js
        select2.css
        select2-bootstrap.css
        bootstrap-select
        bootstrap-select.css
        bootstrap-select.min.js
        bootstrap-select.js
        bootstrap-select.min.css
        bootstrap-treetable
        bootstrap-treetable.js
        duallistbox
        bootstrap-duallistbox.css
        bootstrap-duallistbox.min.css
        bootstrap-duallistbox.min.js
        bootstrap-duallistbox.js
        beautifyhtml
        beautifyhtml.js
        staps
        jquery.steps.js
        jquery.steps.min.js
        jquery.steps.css
        fonts
        fontawesome-webfont.woff2
        fontawesome-webfont.woff
        glyphicons-halflings-regular.woff
        glyphicons-halflings-regular.eot
        fontawesome-webfont.eot
        glyphicons-halflings-regular.woff2
        glyphicons-halflings-regular.ttf
        FontAwesome.otf
        Simple-Line-Icons.woff2
        fontawesome-webfont.ttf
        glyphicons-halflings-regular.svg
        js
        bootstrap.min.js
        jquery.min.js
        plugins
        metisMenu
        jquery.metisMenu.js
        slimscroll
        jquery.slimscroll.min.js
        jquery.tmpl.js
        jquery.i18n.properties.min.js
        jquery.contextMenu.min.js
        css
        animate.css
        jquery.contextMenu.min.css
        main
        font-awesome.min93e3.css
        style.min862f.css
        animate.min.css
        bootstrap.min14ed.css
        login.css
        style.css
        skins.css
        bootstrap.min.css
        font-awesome.min.css
        login.min.css
        patterns
      - java
        com
        ruoyi
        RuoYiApplication.java
        web
        core
        resolver
        LoginUserArgumentResolver.java
        config
        SwaggerConfig.java
        InterceptorConfig.java
        interceptor
        LoginAuthInterceptor.java
        controller
        demo
        domain
        UserOperateModel.java
        controller
        DemoIconController.java
        DemoDialogController.java
        DemoFormController.java
        DemoTableController.java
        DemoOperateController.java
        DemoReportController.java
        tool
        SwaggerController.java
        BuildController.java
        GenController.java
        common
        CommonController.java
        monitor
        SysLogininforController.java
        SysOperlogController.java
        SysJobController.java
        ServerController.java
        SysJobLogController.java
        SysUserOnlineController.java
        DruidController.java
        system
        SysProfileController.java
        SysPostController.java
        SysDeptController.java
        SysUserController.java
        SysDictTypeController.java
        SysConfigController.java
        SysLoginController.java
        SysMenuController.java
        SysCaptchaController.java
        SysRoleController.java
        SysIndexController.java
        SysDictDataController.java
        SysNoticeController.java
        RuoYiServletInitializer.java
  - pom.xml
  - Dockerfile
- .gitignore

package com.ruoyi.common.xss;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

import org.jsoup.Jsoup;
import org.jsoup.safety.Whitelist;

/**
 * XSS过滤处理
 *
 * @author ruoyi
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    /**
     * @param request 请求
     */
    XssHttpServletRequestWrapper(HttpServletRequest request) {
        super(request);
    }

    @Override
    public String[] getParameterValues(String name) {
        String[] values = super.getParameterValues(name);
        if (values != null) {
            int length = values.length;
            String[] escapseValues = new String[length];
            for (int i = 0; i < length; i++) {
                // 防xss攻击和过滤前后空格
                escapseValues[i] = Jsoup.clean(values[i], Whitelist.relaxed()).trim();
            }
            return escapseValues;
        }
        return super.getParameterValues(name);
    }
}