From 579bc2c0c6db1cfa687e66051f11ca64d0a3578e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=B7=E5=86=B7?=
Date: Sat, 21 Jul 2018 18:13:53 +0800
Subject: [PATCH] =?UTF-8?q?:lock:=20=E4=BF=AE=E5=A4=8D=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E9=97=AE=E9=A2=98=E3=80=82xss=20debug=20=E6=97=A5=E5=BF=97?= =?UTF-8?q?=E7=AF=A1=E6=94=B9=E9=97=AE=E9=A2=98,thx=20@=E7=B2=92=E4=BB=94?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../github/pig/common/bean/xss/HtmlFilter.java | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/pig-common/src/main/java/com/github/pig/common/bean/xss/HtmlFilter.java b/pig-common/src/main/java/com/github/pig/common/bean/xss/HtmlFilter.java
index 1afd799c..5b37b90b 100644
--- a/pig-common/src/main/java/com/github/pig/common/bean/xss/HtmlFilter.java
+++ b/pig-common/src/main/java/com/github/pig/common/bean/xss/HtmlFilter.java
@@ -23,6 +23,8 @@ import java.util.concurrent.ConcurrentMap;
 import java.util.logging.Logger;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
+import java.text.Normalizer;
+import java.text.Normalizer.Form;
 /**
 * HTML filtering utility for protecting against XSS (Cross Site Scripting).
@@ -222,10 +224,20 @@ public final class HtmlFilter {
 private void debug(final String msg) {
 if (vDebug) {
- Logger.getAnonymousLogger().info(msg);
+ Logger.getAnonymousLogger().info(validMsg(msg));
 }
 }
-
+ /**
+ * valid msg
+ *
+ * @param msg
+ * @return encodeMsg
+ */
+ public static String validMsg(String msg) {
+ String encodeMsg = Normalizer.normalize(msg, Form.NFKC);
+ encodeMsg = encodeMsg.replaceAll("(\r|\n|%0d|%0a)", "");
+ return encodeMsg;
+ }
 /**
 * my versions of some PHP library functions
 *
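Review bot: The `replaceAll` in `validMsg` matches `%0d`/`%0a` case-sensitively and deletes matches in a single pass, so `%0D`/`%0A` reach the log unchanged and the text on either side of a removed token is joined back together. Line terminators other than CR and LF (U+0085, U+2028, U+2029) are also left in place, which matters if the log viewer or shipper treats them as record breaks. Substituting a visible placeholder and ignoring case closes these gaps and leaves a trace for whoever reads the log: `encodeMsg = encodeMsg.replaceAll("(?i)\\R|%0d|%0a", "_");`. The helper is only called from `debug` in this hunk, so `private static` would keep it out of the filter's public API, and its Javadoc should say that it normalises to NFKC and neutralises line breaks to prevent forged log entries. `HtmlFilter` itself starts and ends outside the hunk, so any other logging paths in the class cannot be checked from here.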