private String xssEncode(String value) {
if (value == null || value.isEmpty()) {
return value;
}
value = value.replaceAll("eval\\((.*)\\)", "");
value = value.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");
value = value.replaceAll("<script", "<script").replaceAll("script>", "script>");
return value;
}
xss过滤
最新推荐文章于 2024-05-04 20:20:27 发布