参数拦截修改

2025-10-20 13:27:15 +08:00 · 2025-10-20 13:27:15 +08:00 · 05c3507dae
parent 7196a0694e
commit 05c3507dae
1 changed files with 1 additions and 1 deletions
--- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
+++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
@ -110,7 +110,7 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
        // 1. SQL注释模式
        XSS_PATTERNS.add(Pattern.compile("--", Pattern.CASE_INSENSITIVE)); // 单行注释
        XSS_PATTERNS.add(Pattern.compile("/\\*.*?\\*/", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)); // 多行注释
-        XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释
+//        XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释

        // 2. 字符串分隔符
        XSS_PATTERNS.add(Pattern.compile("'", Pattern.CASE_INSENSITIVE)); // 单引号