非法值校验

This commit is contained in:
cwchen 2025-09-29 18:12:00 +08:00
parent d92f9c3898
commit 677d735889
3 changed files with 100 additions and 15 deletions


@ -15,24 +15,17 @@ public class SafeUtil {
* 安全SQL模式用于检测SQL注入的正则表达式
* 包含常见的SQL注入关键字和注释符号
*/
public final static String SAFE_SQL_PATTERN = "(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|"
+ "(\\b(select|update|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)";
public final static String SAFE_SQL_PATTERN =
"(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|" +
"(\\b(select|update|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute|union|from|where|and|or|alter|create|truncate|sys|information_schema|concat|substring|xp_cmdshell)\\b)|" +
"(?:#)|(?:\")|(\\bsp_\\w+\\b)";
/**
* 安全脚本模式用于检测脚本注入的正则表达式
* 由于平台中setfilter中使用多个参数时用到&符号因此未包含&符号
*/
/*public final static String SAFE_SCRIPT_PATTERN =
"(\\||;|\\$|'|\\'|0x0d|0x0a|\\%27|\\%3B" +
"|<>|\\[\\]|\\(\\)|/|\"" +
"|script|alert|svg|confirm|prompt|onload" +
"|%3c|%3e|%2b|@|!|img|src" +
"|%)";*/
// 危险字符和编码
public final static String DANGEROUS_CHARS =
"(\\||;|\\$|'|\\'|0x0d|0x0a|\\%27|\\%3B" +
"|<>|\\[\\]|\\(\\)|/|\"" +
"|%3c|%3e|%2b|@|!|%)";
"(<.*>|\\[.*\\]|\\(.*\\)|\".*\"|'.*'|@|!|\\$|;|\\||/)" +
"|(%3[cdef]|%2[bf2789]|%5[bd]|%3b|%28|%29)" +
"|(\\\\x3[cdef]|\\\\x2[bf27])" +
"|(data:text/html|base64|document\\.|window\\.|location\\.|cookie)";
// JavaScript危险函数带括号
public final static String DANGEROUS_FUNCTIONS =
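Review bot: The widened SAFE_SQL_PATTERN now matches the bare words `and`, `or`, `from`, `where`, `into`, `char` and `sys`, plus any `#` or `"` character, so ordinary input (an English sentence, a JSON string, a URL fragment) will be refused as injection; the keyword alternation should be cut back to tokens that do not occur in plain text. The misspelled `trancate` carried over from the old list is redundant now that `truncate` is present and can be dropped from the alternation. The same word-boundary keywords are compiled a second and third time into XSS_PATTERNS in XssCheck and XssRequestWrapper in this commit, so one shared definition would keep the three lists from drifting. A regex denylist on request values is a screening control, not the injection fix; the Javadoc on this constant should say so, e.g. `* Best-effort input screen only; SQL statements must still bind parameters via PreparedStatement`. The hunk ends in the middle of the DANGEROUS_FUNCTIONS declaration, whose body is outside it.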


@ -87,6 +87,52 @@ public class XssCheck {
XSS_PATTERNS.add(Pattern.compile("window\\.", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("location\\.", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("cookie", Pattern.CASE_INSENSITIVE));
// 1. SQL注释模式
XSS_PATTERNS.add(Pattern.compile("--", Pattern.CASE_INSENSITIVE)); // 单行注释
XSS_PATTERNS.add(Pattern.compile("/\\*.*?\\*/", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)); // 多行注释
XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释
// 2. 字符串分隔符
XSS_PATTERNS.add(Pattern.compile("'", Pattern.CASE_INSENSITIVE)); // 单引号
XSS_PATTERNS.add(Pattern.compile("\"", Pattern.CASE_INSENSITIVE)); // 双引号
// 3. DML操作关键字
XSS_PATTERNS.add(Pattern.compile("\\bselect\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\binsert\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bupdate\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bdelete\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bdrop\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\btruncate\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\balter\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bcreate\\b", Pattern.CASE_INSENSITIVE));
// 4. 系统函数和过程
XSS_PATTERNS.add(Pattern.compile("\\bexec\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bexecute\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bdeclare\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bxp_cmdshell\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsp_\\w+\\b", Pattern.CASE_INSENSITIVE)); // 存储过程
// 5. 字符串和编码函数
XSS_PATTERNS.add(Pattern.compile("\\bchar\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bascii\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsubstr\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsubstring\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bconcat\\b", Pattern.CASE_INSENSITIVE));
// 6. 系统表和信息
XSS_PATTERNS.add(Pattern.compile("\\bmaster\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsys\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\binformation_schema\\b", Pattern.CASE_INSENSITIVE));
// 7. 联合查询和其他操作
XSS_PATTERNS.add(Pattern.compile("\\bunion\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\binto\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bfrom\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bwhere\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\band\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bor\\b", Pattern.CASE_INSENSITIVE));
}
/**
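Review bot: The SQL patterns added in groups 1–7 will reject legitimate requests, because `'`, `"`, `#`, `\band\b`, `\bor\b`, `\bfrom\b` and `\bwhere\b` match names such as O'Brien, any JSON body and most English sentences; an XSS check that refuses these will break normal forms, so the list should be trimmed to tokens absent from plain text. The identical block is added again to XssRequestWrapper in this commit; keep one definition (for instance a shared list in SafeUtil beside SAFE_SQL_PATTERN) and let both classes read it. `Pattern.CASE_INSENSITIVE` on the literal tokens `--`, `#`, `'` and `"` and `Pattern.MULTILINE` on the block-comment pattern (which has no anchors) are no-ops and can be dropped for clarity. A comment such as `// Best-effort screen; database access must still use bound parameters` would make the intended scope of this list clear. The static initializer these lines belong to begins outside the hunk.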


@ -91,6 +91,52 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
XSS_PATTERNS.add(Pattern.compile("window\\.", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("location\\.", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("cookie", Pattern.CASE_INSENSITIVE));
// 1. SQL注释模式
XSS_PATTERNS.add(Pattern.compile("--", Pattern.CASE_INSENSITIVE)); // 单行注释
XSS_PATTERNS.add(Pattern.compile("/\\*.*?\\*/", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)); // 多行注释
XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释
// 2. 字符串分隔符
XSS_PATTERNS.add(Pattern.compile("'", Pattern.CASE_INSENSITIVE)); // 单引号
XSS_PATTERNS.add(Pattern.compile("\"", Pattern.CASE_INSENSITIVE)); // 双引号
// 3. DML操作关键字
XSS_PATTERNS.add(Pattern.compile("\\bselect\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\binsert\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bupdate\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bdelete\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bdrop\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\btruncate\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\balter\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bcreate\\b", Pattern.CASE_INSENSITIVE));
// 4. 系统函数和过程
XSS_PATTERNS.add(Pattern.compile("\\bexec\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bexecute\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bdeclare\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bxp_cmdshell\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsp_\\w+\\b", Pattern.CASE_INSENSITIVE)); // 存储过程
// 5. 字符串和编码函数
XSS_PATTERNS.add(Pattern.compile("\\bchar\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bascii\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsubstr\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsubstring\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bconcat\\b", Pattern.CASE_INSENSITIVE));
// 6. 系统表和信息
XSS_PATTERNS.add(Pattern.compile("\\bmaster\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bsys\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\binformation_schema\\b", Pattern.CASE_INSENSITIVE));
// 7. 联合查询和其他操作
XSS_PATTERNS.add(Pattern.compile("\\bunion\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\binto\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bfrom\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bwhere\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\band\\b", Pattern.CASE_INSENSITIVE));
XSS_PATTERNS.add(Pattern.compile("\\bor\\b", Pattern.CASE_INSENSITIVE));
}
public XssRequestWrapper(HttpServletRequest request) {