When SQL injection is detected, the controller method is not executed at all. Straight to the code. Note what this aspect actually does: it blacklists a few SQL keywords in the request URL and in the controller's String parameters. That is a coarse request filter, not a substitute for parameterized queries (a JDBC PreparedStatement, or MyBatis #{} placeholders), which are what actually prevent SQL injection in the query itself.
// tip: define your own aspect class and annotate it with @Aspect and @Component
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@Aspect
@Component
public class SqlInjectionAspect {
    // log message constants (the original listing used them without defining them; the text is assumed)
    private static final String IS_SQL_INJECTION = "is a suspected SQL injection";
    private static final String UNVALIDATED_INPUT = "unvalidated input";

    // every public method in the controller package; replace your.package.path with the real package
    @Pointcut("execution(public * your.package.path.*.*(..))")
    public void test() {
    }

    @Around("test()")
    public Object arround(ProceedingJoinPoint pjp) throws Throwable {
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = attributes.getRequest();
        String url = request.getRequestURL().toString();
        String[] strings = {"add", "select", "drop", "delete", "from", "where"}; // simple keyword list
        for (int i = 0; i < strings.length; i++) {
            if (url.indexOf(strings[i]) >= 0) { // the request URL must not contain a keyword
                System.out.println("current request: " + IS_SQL_INJECTION + ", injected keyword: " + strings[i]);
                return url;
            }
        }
        Object[] args = pjp.getArgs(); // the controller method's parameters
        for (int i = 0; i < args.length; i++) {
            if (!(args[i] instanceof String)) { // e.g. int age: nothing to scan, and casting it to String would throw
                continue;
            }
            String value = (String) args[i];
            for (int j = 0; j < strings.length; j++) {
                if (value.indexOf(strings[j]) >= 0) { // the parameter value must not contain a keyword
                    System.out.println(UNVALIDATED_INPUT + ":" + value);
                    return value;
                }
            }
        }
        return pjp.proceed(); // no keyword found: run the controller method as normal
    }
}

// the controller under test; User and UserService are the project's own entity and service (not shown on this page)
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class UserController {
    @Autowired
    UserService userService;

    @RequestMapping("/a2ddUser") // mapped to a2ddUser because "/addUser" itself contains the keyword "add"; tested via the name parameter
    public String addUser(String name, int age, String sex) {
        System.out.println("starting the insert?");
        if (name != null) { // simple check
            User user = new User();
            user.setAge(age);
            user.setName(name);
            user.setSex(sex);
            int i = userService.insertUser(user);
            if (i > 0) {
                System.out.println(name + " inserted, didn't even feel it!");
                return "success";
            }
        }
        System.out.println(name + " insert failed");
        return "error";
    }
}
The following analyses the two injection paths separately: injection through the URL and injection through the parameters.
(PS: you can skip analyses 1 and 2 below; the combined code above already handles both.)
1. Injection where the request URL contains one of the custom keywords. Straight to the code:
// same imports, class annotations and constants as the first listing; only the advice differs
@Pointcut("execution(public * your.package.path.*.*(..))")
public void test() {
}

@Around("test()")
public Object arround(ProceedingJoinPoint pjp) throws Throwable {
    ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
    HttpServletRequest request = attributes.getRequest();
    String url = request.getRequestURL().toString();
    String[] strings = {"add", "select", "drop", "delete", "from", "where"}; // simple keyword list
    for (int i = 0; i < strings.length; i++) {
        if (url.indexOf(strings[i]) >= 0) { // the request URL must not contain a keyword
            System.out.println("current request: " + IS_SQL_INJECTION + ", injected keyword: " + strings[i]);
            return url;
        }
    }
    return pjp.proceed(); // URL is clean: run the controller method
}

// same controller as in the first listing, mapped here to /addUser
@Autowired
UserService userService;

@RequestMapping("/addUser") // "/addUser" contains the keyword "add", so the advice above rejects every request to it
public String addUser(String name, int age, String sex) {
    System.out.println("starting the insert?");
    if (name != null) { // simple check
        User user = new User();
        user.setAge(age);
        user.setName(name);
        user.setSex(sex);
        int i = userService.insertUser(user);
        if (i > 0) {
            System.out.println(name + " inserted, didn't even feel it!");
            return "success";
        }
    }
    System.out.println(name + " insert failed");
    return "error";
}
As you can see, when the URL contains one of the custom keywords the advice returns the current URL directly and the controller method is not executed at all. (With this keyword list that includes the legitimate path /addUser, which is why the other listings map the controller to /a2ddUser.)
2. Injection where the URL contains no custom keyword but a parameter value does. Straight to the code:
// reuses the test() pointcut, imports, annotations and constants from the first listing
@Around("test()")
public Object arround(ProceedingJoinPoint pjp) throws Throwable {
    Object[] args = pjp.getArgs(); // the controller method's parameters
    String[] strings = {"add", "select", "drop", "delete", "from", "where"}; // simple keyword list
    for (int i = 0; i < args.length; i++) {
        if (!(args[i] instanceof String)) { // e.g. int age: nothing to scan, and casting it to String would throw
            continue;
        }
        String value = (String) args[i];
        for (int j = 0; j < strings.length; j++) {
            if (value.indexOf(strings[j]) >= 0) { // the parameter value must not contain a keyword
                System.out.println(UNVALIDATED_INPUT + ":" + value);
                return value;
            }
        }
    }
    return pjp.proceed(); // no parameter contains a keyword: run the controller method
}

// same controller as in the first listing
@Autowired
UserService userService;

@RequestMapping("/a2ddUser")
public String addUser(String name, int age, String sex) {
    System.out.println("starting the insert?");
    if (name != null) { // simple check
        User user = new User();
        user.setAge(age);
        user.setName(name);
        user.setSex(sex);
        int i = userService.insertUser(user);
        if (i > 0) {
            System.out.println(name + " inserted, didn't even feel it!");
            return "success";
        }
    }
    System.out.println(name + " insert failed");
    return "error";
}
Likewise, when a parameter value contains one of the custom keywords, the advice returns that parameter value directly and the controller method is not executed.
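As an added example (not code from the original post), the stand-alone class below pulls the same keyword check out of the aspect into a pure function and runs it over a few constructed inputs, so you can see where a keyword blacklist stops short: the URL /addUser is rejected because it contains "add" (the reason the post's test controller is mapped to /a2ddUser), a perfectly legitimate name like "maddie" is rejected for the same reason, the classic payload ' OR '1'='1 passes because none of the listed words occur in it, and with the post's case-sensitive indexOf an upper-case SELECT also passes. The insertUser method at the end is the check a practitioner should rely on instead, a JDBC PreparedStatement with bound parameters; main does not call it because it needs a database Connection, assumed to come from the application's DataSource. The names SqlKeywordCheck, findKeyword, contains and insertUser, and the user table layout, are my assumptions.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.Optional;

public class SqlKeywordCheck {
    // the same keyword list the post's aspect uses
    static final List<String> KEYWORDS = Arrays.asList("add", "select", "drop", "delete", "from", "where");

    // Returns the first keyword found in the URL or in any String argument.
    // caseInsensitive=false reproduces the post's indexOf behaviour; true closes the
    // trivial "SELECT" bypass, but as main() shows the list still misses real payloads.
    static Optional<String> findKeyword(String url, Object[] args, boolean caseInsensitive) {
        for (String kw : KEYWORDS) {
            if (contains(url, kw, caseInsensitive)) {
                return Optional.of(kw);
            }
        }
        for (Object arg : args) {
            if (!(arg instanceof String)) {
                continue; // an int such as age carries no SQL text; casting it to String would throw
            }
            for (String kw : KEYWORDS) {
                if (contains((String) arg, kw, caseInsensitive)) {
                    return Optional.of(kw);
                }
            }
        }
        return Optional.empty();
    }

    private static boolean contains(String haystack, String needle, boolean caseInsensitive) {
        if (caseInsensitive) {
            return haystack.toLowerCase(Locale.ROOT).contains(needle);
        }
        return haystack.indexOf(needle) >= 0;
    }

    // What the aspect cannot protect: the query itself. With bound parameters the value
    // is sent as data and never parsed as SQL, whatever keywords or quotes it contains.
    // Assumed table: user(name, age, sex). Needs a Connection from the app's DataSource.
    static int insertUser(Connection conn, String name, int age, String sex) throws SQLException {
        String sql = "INSERT INTO user (name, age, sex) VALUES (?, ?, ?)";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, name);
            ps.setInt(2, age);
            ps.setString(3, sex);
            return ps.executeUpdate();
        }
    }

    public static void main(String[] argv) {
        // constructed inputs in the shape the post's controller receives: URL plus (name, age, sex)
        Object[][] cases = {
            {"/addUser",  new Object[]{"Tom", 20, "m"}},              // rejected: the URL contains "add"
            {"/a2ddUser", new Object[]{"maddie", 30, "f"}},           // rejected: a legitimate name contains "add"
            {"/a2ddUser", new Object[]{"' OR '1'='1", 30, "f"}},      // passes: no listed keyword in the payload
            {"/a2ddUser", new Object[]{"x'; SELECT 1; --", 30, "f"}}, // passes case-sensitively, caught case-insensitively
        };
        for (Object[] c : cases) {
            String url = (String) c[0];
            Object[] args = (Object[]) c[1];
            System.out.printf("%-10s %-20s case-sensitive=%-7s case-insensitive=%s%n",
                    url, args[0],
                    findKeyword(url, args, false).orElse("-"),
                    findKeyword(url, args, true).orElse("-"));
        }
    }
}
```

Run it with javac/java and compare the two columns: the only row the case-insensitive variant adds is the upper-case SELECT, while ' OR '1'='1 is reported clean by both. Extending the list (or, quote characters, comment markers) only moves the boundary; the insert in insertUser is safe regardless of what findKeyword says, which is why the aspect should be treated as logging and rate-limiting input, not as the defence.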