非法值校验

2025-09-30 15:55:35 +08:00 · 2025-09-30 15:55:35 +08:00 · 219169c25b
parent 548dae5b4f
commit 219169c25b
1 changed files with 2 additions and 3 deletions
--- a/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
+++ b/bonus-framework/src/main/java/com/bonus/framework/interceptor/XssRequestWrapper.java
@ -518,10 +518,9 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {

        // 记录警告日志（特殊字符攻击在修改密码时不记录）
        if (!(isPasswordUpdateRequest() && attackType.startsWith("SPECIAL_CHAR_PATTERN_"))) {
-            log.warn("检测到安全威胁 - 参数: {}, 攻击类型: {}, 原始值: {}, 客户端IP: {}",
+            log.warn("检测到安全威胁 - 参数: {}, 攻击类型: {}, 原始值: {}",
                    paramName, attackType,
-                    originalValue.length() > 100 ? originalValue.substring(0, 100) + "..." : originalValue,
-                    illegalParam.getClientIp());
+                    originalValue.length() > 100 ? originalValue.substring(0, 100) + "..." : originalValue);
        }
    }