直接干货不费事
在线求赞!
<!--java soup 过滤xss字段-->
<dependency>
<groupId>org.jsoup</groupId>
<artifactId>jsoup</artifactId>
<version>1.10.2</version>
</dependency>
package com.protectzaizai.schoolcardoa.utils;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.safety.Whitelist;
/**
* date: 2019/12/10 21:13 <br>
* author: Odd <br>
* version: 1.0 <br>
*/
public class XSSFilterUtil {
//使用默认的白名单,有一些默认的标签
private static final Whitelist WHITELIST = Whitelist.basicWithImages();
//配置过滤化参数,不对代码进行格式化
private static final Document.OutputSettings OUTPUT_SETTINGS = new Document.OutputSettings().prettyPrint(false);
public static String clean(String content) {
return Jsoup.clean(content, "", WHITELIST, OUTPUT_SETTINGS);
}
}
以下是config部分
package com.protectzaizai.schoolcardoa.config;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.alibaba.fastjson.support.config.FastJsonConfig;
import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.web.servlet.config