JAVAWEB项目解决xss漏洞攻击

最新推荐文章于 2024-06-26 10:44:18 发布
最新推荐文章于 2024-06-26 10:44:18 发布
阅读量5.3k 收藏 8
点赞数 4
分类专栏: java 文章标签: 漏洞修复
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/lllkkk0126/article/details/90439332
版权

由于公司安全部门扫描公司上线网站发现了跨脚本传输漏洞,因此派我修复,特把修复心得记录下来

首先,什么是xss?xss攻击全称跨站脚本攻击,就比如< IMG SRC="javascri pt:alert('XSS');" >;可以在参数中加入js代码。

解决方案:

1、采用esapi通过入参校验过滤,这种方案是最安全的,也是最麻烦的。

2、采用过滤器的方法在获取参数的时候对入参进行特殊字符格式化。我采用的就是这种方法。

下面讲解一下 步骤

一:添加xssfilter类  XSSAttackInterceptor.java

public class XSSAttackInterceptor implements Filter {

    private static final long serialVersionUID = 7427725804042693717L;

    private Logger logger = Logger.getLogger(XSSAttackInterceptor.class);

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
        XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) request);
        filterChain.doFilter(xssRequest, response);
    }

    @Override
    public void destroy() {

    }

第二步:添加XssHttpServletRequestWrapper.java

public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
    public XssHttpServletRequestWrapper(HttpServletRequest servletRequest) {
        super(servletRequest);
    }

    public String[] getParameterValues(String parameter) {
        String[] values = super.getParameterValues(parameter);
        if (values == null) {
            return null;
        }
        int count = values.length;
        String[] encodedValues = new String[count];
        for (int i = 0; i < count; i++) {
            encodedValues[i] = cleanXSS(values[i]);
        }
        return encodedValues;
    }

    public String getParameter(String parameter) {
        String value = super.getParameter(parameter);
        if (value == null) {
            return null;
        }
        return cleanXSS(value);
    }

    public String getQueryString() {
        String value = super.getQueryString();
        if (value == null) {
            return null;
        }
        return cleanXSS(value);
    }

    public String getHeader(String name) {
        String value = super.getHeader(name);
        if (value == null)
            return null;
        return cleanXSS(value);
    }

    private String cleanXSS(String value) {
        if (StringUtils.isNotBlank(value)) {
            //删除script标签
            Pattern compile = Pattern.compile("<script>(.*?)</script>", Pattern.CASE_INSENSITIVE);
            value = compile.matcher(value).replaceAll("");
            compile = Pattern.compile("src[\r\n]*=[\r\n]*\\\'(.*?)\\\'", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
            value = compile.matcher(value).replaceAll("");
            compile = Pattern.compile("src[\r\n]*=[\r\n]*\\\"(.*?)\\\"", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
            value = compile.matcher(value).replaceAll("");
            // 删除单个的 </script> 标签
            compile = Pattern.compile("</script>", Pattern.CASE_INSENSITIVE);
            value = compile.matcher(value).replaceAll("");
            // 删除单个的<script ...> 标签
            compile = Pattern.compile("<script(.*?)>", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
            value = compile.matcher(value).replaceAll("");
            // 避免 eval(...) 形式表达式
            compile = Pattern.compile("eval\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
            value = compile.matcher(value).replaceAll("");
            // 避免 e­xpression(...) 表达式
            compile = Pattern.compile("e­xpression\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
            value = compile.matcher(value).replaceAll("");
            // 避免 javascript: 表达式
            compile = Pattern.compile("javascript:", Pattern.CASE_INSENSITIVE);
            value = compile.matcher(value).replaceAll("");
            // 避免 vbscript:表达式
            compile = Pattern.compile("vbscript:", Pattern.CASE_INSENSITIVE);
            value = compile.matcher(value).replaceAll("");
            value = cleanEventAttact(value);
            //替换特殊标签
            value = value.replaceAll("<", "&lt;").replaceAll(">", "&gt;");
        }
        return value;
    }

    /**
     * 屏蔽页面注入的所有html事件攻击
     *
     * @param value
     * @return
     */
    public String cleanEventAttact(String value) {
        //避免οnclick= 表达式
        Pattern compile = Pattern.compile("onafterprint(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onbeforeprint(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onbeforeunload(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onerror(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onhaschange(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onload(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmessage(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onoffline(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ononline(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onpagehide(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onpageshow(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onpopstate(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onredo(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onresize(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onstorage(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onundo(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onunload(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onblur(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onchange(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("oncontextmenu(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onfocus(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onformchange(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onforminput(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("oninput(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("oninvalid(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onreset(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onselect(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onsubmit(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onkeydown(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onkeypress(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onkeyup(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onclick(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondblclick(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondrag(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondragend(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondragenter(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondragleave(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondragover(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondragstart(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("ondrop(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmousedown(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmousemove(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmouseout(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmouseover(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmouseenter(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmouseup(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onmousewheel(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        compile = Pattern.compile("onscroll(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
        value = compile.matcher(value).replaceAll("");
        value = value.replace("document", "");//页面屏蔽document字样
        value = value.replace("alert", "");//页面屏蔽alert字样
        return value;
    }

}

 

第三步:在web.xml中添加filter

<filter>
  <filter-name>XSSAttackInterceptor</filter-name>
  <filter-class>com.xxx.common.filter.XSSAttackInterceptor</filter-class>
</filter>
<filter-mapping>
  <filter-name>XSSAttackInterceptor</filter-name>
  <url-pattern>*.do</url-pattern>
</filter-mapping>

 

经过上面三步即可完成xss漏洞攻击。

 

 

 

lllkkk0126
关注
  • 4
    点赞
  • 8
    收藏
    觉得还不错? 一键收藏
  • 7
    评论
专栏目录
Java 防御XSS攻击实战与示例代码
oscar999的专栏
01-08 1648
本篇介绍在Java 项目中如何快速修复XSS 漏洞。本篇使用的是黑名单的方式, 对于非法字符进行转义。 黑名单的方式虽然不能完全的解决XSS漏洞, 但是能有效的减轻攻击, 对于使用类似Coverity等代码静态扫描攻击扫描的漏洞修复之后就不会再报相关的警报了。
java web xss_JAVAWEB项目处理XSS漏洞攻击处理方案
weixin_35110758的博客
02-16 240
对页面传入的参数值进行过滤,过滤方法如下/*** 将容易引起xss漏洞的半角字符直接替换成全角字符** @param s* @return*/public static String xssEncode(String s) {if (s == null || s.equals("")) {return s;}try {s = URLDecoder.decode(s, UTF8);} catch ...
XSS漏洞-01】XSS漏洞简介、危害与分类及验证
最新发布
cc123489ll的博客
06-26 651
定义/原理:跨站脚本(Cross-Site Scripting),本应该缩写为CSS,但是该缩写已被层叠样式脚本Cascading Style Sheets所用,所以改简称为XSS。也称跨站脚本或跨站脚本攻击。跨站脚本攻击XSS通过将恶意得Script代码注入到Web页面中,当用户浏览该页之时,嵌入其中Web里面的Script代码会被执行,从而达到恶意攻击用户的目的。本质:是一种针对网站应用程序的安全漏洞攻击技术,是代码注入的一种。特点:XSS主要基于JavaScript。
Java接口xss_06_JavaWeb项目防止xss漏洞攻击解决办法
weixin_35182280的博客
03-01 269
步骤:pom添加maven依赖自定义过滤器Filter拦截请求,并对请求参数进行xss过滤处理具体实现如下:1. pom添加依赖org.apache.tomcattomcat-servlet-api8.0.36providedjavax.servletservlet-api2.5provided2. 自定义过滤器Filter,并对请求Request进行xss过滤处理@SpringBootConfi...
Java输入检验防止xss_06_JavaWeb项目防止xss漏洞攻击解决办法
weixin_35144564的博客
02-27 895
步骤:pom添加maven依赖自定义过滤器Filter拦截请求,并对请求参数进行xss过滤处理具体实现如下:1. pom添加依赖org.apache.tomcattomcat-servlet-api8.0.36providedjavax.servletservlet-api2.5provided2. 自定义过滤器Filter,并对请求Request进行xss过滤处理@SpringBootConfi...
JavaWeb 之 Springboot项目防止XSS漏洞攻击解决办法
古小龙
07-15 5800
1. 什么是XSS攻击 人们经常将跨站脚本攻击(Cross Site Scripting)缩写为CSS,但这会与层叠样式表(Cascading Style Sheets,CSS)的缩写混淆。因此,有人将跨站脚本攻击缩写为XSS。 跨站脚本攻击XSS),是目前最普遍的Web应用安全漏洞。这类漏洞能够使得攻击者嵌入恶意脚本代码到正常用户会访问到的页面中,当正常用户访问该页面时,则可导致嵌入的恶意...
XSS漏洞攻击与防护
m0_62425768的博客
10-27 122
(1) 熟悉 XSS漏洞攻击的流程;(2) 了解XSS漏洞攻击的危害;(3) 复现XSS漏洞攻击,并掌握一定的防护手段。
java web xss_javaWeb项目如何防止xss攻击详解
weixin_42131316的博客
02-13 794
关于xss的概念和解决方案网上很多,这里主要用到commons-lang3-3.1.jar这个包的org.apache.commons.lang3.StringEscapeUtils.escapeHtml4()这个方法。解决过程主要在用户输入和显示输出两步:在输入时对特殊字符如<>" ' & 转义,在输出时用jstl的fn:excapeXml("fff")方法。其中,输入时的过...
项目实战】Spring Boot项目抵御XSS攻击
apple_51673523的博客
11-22 3668
作为Web网站来说,抵御XSS攻击是必须要做的事情,这是非常常见的黑客攻击手段之一。XSS意思是跨站脚本攻击,英文全称Cross Site Scripting,为了不和层叠样式表(Cascading Style Sheets, CSS)的缩写混淆,故将跨站脚本攻击缩写为XSSXSS攻击的手段很简单,就是通过各种手段向我们的Web网站植入JS代码。
JAVA WEB之XSS漏洞详解及防御措施
洛阳泰山的博客
09-06 2103
pom文件依赖 <!--jsoup--> <dependency> <groupId>org.jsoup</groupId> <artifactId>jsoup</artifactId> <version>1.13.1</version> </dependency> 工具类代码
spring集成activity时启动报Tables missing for component(s) engine, history, identity
lllkkk0126的博客
10-16 9700
Caused By: org.activiti.engine.ActivitiException: Activiti database problem: Tables missing for component(s) engine, history, identity     at org.activiti.engine.impl.db.DbSqlSession.dbSchemaCheckVers...
pdfrenderer将pdf文件转化为图片
lllkkk0126的博客
08-31 7615
String path = fileName + ".pdf"; title = URLEncoder.encode(title, "UTF-8"); FtpUtils.getInstance("def").getFile(path, bos); os = response.getOutputStream(); InputStream is = new ByteArrayIn...
java对Data的操作
lllkkk0126的博客
05-22 6034
Date now = new Date(2018,5,1);   System.out.println(now.getDate());date有个构造函数可以输入年,月,日,当日=0时,其实输出的是上个月的最后一天SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd"); Date now = new Date(2018,5,1)...
Oracle数据库中clob字段转化成html展示到页面
lllkkk0126的博客
11-25 2075
数据库类型:oracle 今天在公司遇到一个问题,使用UEeditor将文章插入到clob字段中,然后无法将clob字段正常取出展示,我在网上查资料大部分人都是采用dbms_lob.substr(a.xxx,0,4000),对于数据库存储长度,最长为4000,这种方式的弊端就在于文章过长的时候截取字符串会报错。下面提供两种方式供参考 第一种:sql语句处理 1、--SQL语句 select...
class not found问题解析
lllkkk0126的博客
03-23 1827
场景:当启动tomcat时,报错信息为class not found ,而项目里面明明有这个jar包 分析:jvm的classLoader默认加载jar包为从上到下依次查找,当某个类被jvm加载之后他便不会往后查找此类, 解决方法:调整jar的位置,把需要先加载的jar包放在前面,后加载的jar包放在后面即可。 ...
把PDF文件展示在前端
lllkkk0126的博客
09-05 1518
第一步: 第二步:
springboot集成线程池并测试
lllkkk0126的博客
12-06 1282
&lt;dependency&gt; &lt;groupId&gt;org.springframework.boot&lt;/groupId&gt; &lt;artifactId&gt;spring-boot-starter-web&lt;/artifactId&gt; &lt;/dependency&gt; 其中已经包含了线程池需要用的的包,所以无需再引用,只需要配置就行 ...
java pdf转为image
lllkkk0126的博客
08-20 1228
public static void convertPdf2Image(String pdfFilepath,String imgFilepath) throws IOException { File file; file = new File(pdfFilepath); String filename = file.getName().substring...
JavaWeb项目腾讯云部署实战指南
"JavaWeb项目上云教程.pdf" 这篇教程主要介绍了如何将JavaWeb项目部署到腾讯云上,包括获取免费服务器、配置服务器、远程连接、安装管理面板、搭建环境以及最终部署项目的一系列步骤。 1. **白嫖服务器** - 注册...
评论 7
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值