public static String XSSHtmlFilt(String msg) {
StringBuffer buffer = new StringBuffer(msg.length());
for (int i = 0; i < msg.length(); i++) {
char c = msg.charAt(i);
switch (c) {
case '\b':
buffer.append("\\b");
break;
case '\f':
buffer.append("\\f");
break;
case '\n':
buffer.append("<br />");
break;
case '\r':
// ignore
break;
case '\t':
buffer.append("\\t");
break;
case '\'':
buffer.append("\\'");
break;
case '\"':
buffer.append("\\\"");
break;
case '\\':
buffer.append("\\\\");
break;
case '<':
buffer.append("<");
break;
case '>':
buffer.append(">");
break;
case '&':
buffer.append("&");
break;
default:
buffer.append(c);
}
}
return buffer.toString();
}
防止XSS攻击过滤工具类
最新推荐文章于 2024-04-25 09:54:18 发布