安全脚本模式去掉;

2025-03-07 13:54:10 +08:00 · 2025-03-07 13:54:10 +08:00 · a2793c4d5a
parent ea4a8a0731
commit a2793c4d5a
1 changed files with 4 additions and 1 deletions
--- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/SafeUtil.java
+++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/SafeUtil.java
@ -22,7 +22,10 @@ public class SafeUtil {
     * 安全脚本模式，用于检测脚本注入的正则表达式
     * 由于平台中setfilter中使用多个参数时用到&符号，因此未包含&符号
     */
-    public final static String SAFE_SCRIPT_PATTERN = "(\\||;|\\$|'|\\'|0x0d|0x0a|\\%27|\\%3B)";
+//    public final static String SAFE_SCRIPT_PATTERN = "(\\||;|\\$|'|\\'|0x0d|0x0a|\\%27|\\%3B)";
+
+    public final static String SAFE_SCRIPT_PATTERN = "(\\||\\$|'|\\'|0x0d|0x0a|\\%27|\\%3B)";
+

    /**
     * 检查特殊字符的正则表达式