Backend validation of input parameters:
    import java.io.File;
    import java.util.Map;

    /** Decode a Map of parameters, applying the security filter to each value. */
    public static Map<String, Object> decodeSecureMap(Map<String, Object> paraMap) {
        for (Map.Entry<String, Object> entry : paraMap.entrySet()) {
            Object value = entry.getValue();
            // Skip missing values and uploaded files.
            if (value == null || value instanceof File[]) {
                continue;
            }
            if (value instanceof String) {
                // Single-valued parameter.
                entry.setValue(decodeSecureString((String) value));
            } else if (value instanceof String[]) {
                // Multi-valued parameter: filter each element in place.
                String[] para = (String[]) value;
                for (int i = 0; i < para.length; i++) {
                    para[i] = decodeSecureString(para[i]);
                }
            }
        }
        return paraMap;
    }

    /** Security filter for a single string. */
    private static String decodeSecureString(String value) {
        // Plain null/empty check, so no external StringUtil class is needed.
        if (value == null || value.isEmpty()) {
            return value;
        }
        // Remove single quotes, percent signs and "--" sequences (literal matches, no regex needed).
        return value.replace("'", "").replace("%", "").replace("--", "");
    }
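Iterate over the parameter Map received from the front end and, for each key-value pair, remove the special characters (', % and --) from String and String[] values. This is my first blog post; thanks for your support.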
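An added example, not part of the original post: the filter above rewrites values, so legitimate input such as a surname with an apostrophe or a percentage is silently changed. The sketch below validates each parameter against a per-field allow-list and rejects the request instead of mutating it; the field names and patterns in RULES are assumptions made for illustration, and it requires Java 9 or later for Map.of.

```java
import java.io.File;
import java.util.*;
import java.util.regex.Pattern;

public class ParamValidationDemo {
    // Hypothetical per-field rules (assumed names); keys without a rule are rejected.
    static final Map<String, Pattern> RULES = Map.of(
        "name",     Pattern.compile("[\\p{L} .'-]{1,64}"),
        "discount", Pattern.compile("\\d{1,3}%?"),
        "ids",      Pattern.compile("\\d{1,10}"));

    // The post's filter, reproduced for comparison: it rewrites the value.
    static String strip(String v) {
        return v.replace("'", "").replace("%", "").replace("--", "");
    }

    // Returns the keys that fail validation; values are never modified.
    static List<String> validate(Map<String, Object> params) {
        List<String> bad = new ArrayList<>();
        for (Map.Entry<String, Object> e : params.entrySet()) {
            Object v = e.getValue();
            if (v == null || v instanceof File[]) continue; // same skips as the post
            Pattern rule = RULES.get(e.getKey());
            String[] items = v instanceof String ? new String[] {(String) v}
                           : v instanceof String[] ? (String[]) v : null;
            boolean ok = rule != null && items != null;
            for (int i = 0; ok && i < items.length; i++) {
                ok = items[i] != null && rule.matcher(items[i]).matches();
            }
            if (!ok) bad.add(e.getKey());
        }
        return bad;
    }

    public static void main(String[] args) {
        // Constructed sample request parameters.
        Map<String, Object> params = new TreeMap<>();
        params.put("name", "O'Brien");
        params.put("discount", "15%");
        params.put("ids", new String[] {"7", "12x"});
        // The stripping filter alters legitimate data.
        System.out.println(strip("O'Brien") + " / " + strip("15%"));
        // The validator leaves values untouched and reports offending keys.
        System.out.println("rejected keys: " + validate(params));
    }
}
```

Validation of this kind complements bound parameters (PreparedStatement) in the data-access layer; it does not replace them.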