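/**
 * Denylist-style input scrubber: HTML-escapes the markup-significant characters and then
 * removes or mangles a fixed list of HTML/JavaScript/SQL/shell tokens.
 *
 * <p>Security note for maintainers: this is a lossy, pattern-based filter, not a context-aware
 * encoder. It alters ordinary text that happens to contain a listed token (for example
 * {@code "description"} loses its {@code "script"}, {@code "country"} becomes
 * {@code "c?untry"}), and because each token is rewritten in a single non-iterative pass the
 * output is not guaranteed to be free of that token. The reliable controls are output encoding
 * for the exact HTML context in which a value is rendered and parameterized statements for SQL;
 * keep this method only as a compatibility layer for callers that already rely on its rewriting.
 *
 * <p>Changes from the previous version: the character escapes are real HTML entities instead of
 * identity replacements, {@code "} is escaped as well, {@code &} is escaped first so the other
 * entities are not double-encoded, and every rewrite is a literal {@link String#replace} rather
 * than a regex {@code replaceAll} (the old {@code ".ini"} pattern matched any character followed
 * by {@code ini}, so {@code "mini"} became {@code "m"}).
 *
 * @param value raw input; may be {@code null}
 * @return {@code value} unchanged when it is {@code null}, empty or all whitespace; otherwise the
 *     escaped and token-scrubbed copy
 */
private static String cleanXSS(String value) {
    // Same contract as StringUtils.isNotBlank: null, "" and all-whitespace input is returned as-is.
    if (value == null || value.chars().allMatch(Character::isWhitespace)) {
        return value;
    }

    String cleaned = value;

    // ';' is swapped for a non-ASCII look-alike BEFORE escaping, so the entities emitted below
    // keep their terminating ';' intact. The literal character is the one the original used.
    cleaned = cleaned.replace(";", "﹔");

    // HTML escaping of the five markup-significant characters. '&' must be first: escaping it
    // after '<' or '>' would turn "&lt;" into "&amp;lt;".
    cleaned = cleaned.replace("&", "&amp;");
    cleaned = cleaned.replace("<", "&lt;");
    cleaned = cleaned.replace(">", "&gt;");
    cleaned = cleaned.replace("\"", "&quot;");
    cleaned = cleaned.replace("'", "&#39;");
    // '#' was an identity replacement in the original and has no HTML significance; left as-is.

    // Token rewrites, applied as literal substrings in this order. The order is load-bearing:
    // "script" is removed before "javascript" is looked up, so "javascript" normally degrades to
    // "java". Entries are {token, replacement}; an empty replacement deletes the token.
    String[][] tokenRewrites = {
        {"script", ""},
        {"alert", ""},
        {"javascript", ""},
        {"javasc", ""},
        {"html", ""},
        {"[", ""},
        {"wget", "wg?t"},
        {".ini", ""},
        {"powershell", "pow?rsh?ll"},
        {"select", "sele?t"},
        {"truncate", "trun?ate"},
        {"exec", "exe?"},
        {"join", "j?in"},
        {"union", "uni?n"},
        {"drop", "dr?p"},
        {"count", "c?unt"},
        {"insert", "ins?rt"},
        {"update", "updat?"},
        {"delete", "d?l?t?"},
        {"script", "s?ript"},
        {"cookie", "c??kie"},
        {"iframe", "ifram?"},
        {"onmouseover", "?nmous?ov?r"},
        {"onmousemove", "?nmous?mov?"},
        {"onclick", ""},
        {"prompt", ""},
        {"onmouseenter", ""},
        {"confirm", ""},
        {"eval", ""},
        {"onerror", ""},
    };
    for (String[] rewrite : tokenRewrites) {
        cleaned = cleaned.replace(rewrite[0], rewrite[1]);
    }
    return cleaned;
}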