diff --git a/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java b/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java
index 98e44f1..b617655 100644
--- a/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java
+++ b/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java
@@ -82,13 +82,17 @@ public class XssFilter implements GlobalFilter, Ordered
DataBufferUtils.release(join);
String bodyStr = new String(content, StandardCharsets.UTF_8);
try {
- bodyStr = java.net.URLDecoder.decode(bodyStr, StandardCharsets.UTF_8.name());
+ if (bodyStr.contains("username") || bodyStr.contains("password")){
+
+ }else {
+ bodyStr = java.net.URLDecoder.decode(bodyStr, StandardCharsets.UTF_8.name());
+ }
} catch (UnsupportedEncodingException e) {
throw new RuntimeException(e);
}
// 防xss攻击过滤
bodyStr = EscapeUtil.clean(bodyStr);
- bodyStr = XssFilterUtil.filterSpecialChars(bodyStr);
+ /* bodyStr = XssFilterUtil.filterSpecialChars(bodyStr);*/
// 转成字节
byte[] bytes = bodyStr.getBytes();
NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory(ByteBufAllocator.DEFAULT);
diff --git a/modules/bmw/src/main/resources/static/login.html b/modules/bmw/src/main/resources/static/login.html
index 8502c5a..0456832 100644
--- a/modules/bmw/src/main/resources/static/login.html
+++ b/modules/bmw/src/main/resources/static/login.html
@@ -24,6 +24,7 @@
@@ -111,6 +112,14 @@
$("#info").html('手机号或者密码或者验证码不能为空');
$(obj).attr("disabled", false);
} else {
+ //验证密码强度
+ var res = checkPwd(password);
+ if (!res) {
+ var msg = "您的密码复杂度太低!密码中必须包含【大小字母】、【数字】、【特殊字符】";
+ alert(msg);
+ //密码强度符合规则
+ location.href = ctxPath + '/login.html';
+ }
$.ajax({
type: 'post',
contentType: "application/json; charset=utf-8",