话不多说直接上代码
@Configuration
public class XssConfiguration {
/**
* 描述 : xssObjectMapper
*
* @param builder builder
* @return xssObjectMapper
*/
@SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection")
@Bean
@Primary
public ObjectMapper xssObjectMapper(Jackson2ObjectMapperBuilder builder) {
//解析器
ObjectMapper objectMapper = builder.createXmlMapper(false).build();
//注册xss解析器
SimpleModule xssModule = new SimpleModule("XssStringJsonSerializer");
xssModule.addSerializer(new XssStringJsonSerializer());
objectMapper.registerModule(xssModule);
//返回
return objectMapper;
}
}
/**
* 描述 : 跨站请求防范
*/
public class XssFilter implements Filter {
/**
* 描述 : 日志
*/
private static final Logger LOGGER = Logger