34 lines
928 B
Plaintext
34 lines
928 B
Plaintext
package com.securityControl.common.core.xss;
|
|
|
|
import java.util.regex.Matcher;
|
|
import java.util.regex.Pattern;
|
|
import javax.validation.ConstraintValidator;
|
|
import javax.validation.ConstraintValidatorContext;
|
|
import com.securityControl.common.core.utils.StringUtils;
|
|
|
|
/**
|
|
* 自定义xss校验注解实现
|
|
*
|
|
* @author czc
|
|
*/
|
|
public class XssValidator implements ConstraintValidator<Xss, String>
|
|
{
|
|
private static final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />";
|
|
|
|
@Override
|
|
public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
|
|
{
|
|
if (StringUtils.isBlank(value))
|
|
{
|
|
return true;
|
|
}
|
|
return !containsHtml(value);
|
|
}
|
|
|
|
public static boolean containsHtml(String value)
|
|
{
|
|
Pattern pattern = Pattern.compile(HTML_PATTERN);
|
|
Matcher matcher = pattern.matcher(value);
|
|
return matcher.matches();
|
|
}
|
|
} |