非法值校验
This commit is contained in:
parent
d92f9c3898
commit
677d735889
|
|
@ -15,24 +15,17 @@ public class SafeUtil {
|
||||||
* 安全SQL模式,用于检测SQL注入的正则表达式
|
* 安全SQL模式,用于检测SQL注入的正则表达式
|
||||||
* 包含常见的SQL注入关键字和注释符号
|
* 包含常见的SQL注入关键字和注释符号
|
||||||
*/
|
*/
|
||||||
public final static String SAFE_SQL_PATTERN = "(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|"
|
public final static String SAFE_SQL_PATTERN =
|
||||||
+ "(\\b(select|update|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)";
|
"(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|" +
|
||||||
|
"(\\b(select|update|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute|union|from|where|and|or|alter|create|truncate|sys|information_schema|concat|substring|xp_cmdshell)\\b)|" +
|
||||||
|
"(?:#)|(?:\")|(\\bsp_\\w+\\b)";
|
||||||
|
|
||||||
/**
|
|
||||||
* 安全脚本模式,用于检测脚本注入的正则表达式
|
|
||||||
* 由于平台中setfilter中使用多个参数时用到&符号,因此未包含&符号
|
|
||||||
*/
|
|
||||||
/*public final static String SAFE_SCRIPT_PATTERN =
|
|
||||||
"(\\||;|\\$|'|\\'|0x0d|0x0a|\\%27|\\%3B" +
|
|
||||||
"|<>|\\[\\]|\\(\\)|/|\"" +
|
|
||||||
"|script|alert|svg|confirm|prompt|onload" +
|
|
||||||
"|%3c|%3e|%2b|@|!|img|src" +
|
|
||||||
"|%)";*/
|
|
||||||
// 危险字符和编码
|
// 危险字符和编码
|
||||||
public final static String DANGEROUS_CHARS =
|
public final static String DANGEROUS_CHARS =
|
||||||
"(\\||;|\\$|'|\\'|0x0d|0x0a|\\%27|\\%3B" +
|
"(<.*>|\\[.*\\]|\\(.*\\)|\".*\"|'.*'|@|!|\\$|;|\\||/)" +
|
||||||
"|<>|\\[\\]|\\(\\)|/|\"" +
|
"|(%3[cdef]|%2[bf2789]|%5[bd]|%3b|%28|%29)" +
|
||||||
"|%3c|%3e|%2b|@|!|%)";
|
"|(\\\\x3[cdef]|\\\\x2[bf27])" +
|
||||||
|
"|(data:text/html|base64|document\\.|window\\.|location\\.|cookie)";
|
||||||
|
|
||||||
// JavaScript危险函数(带括号)
|
// JavaScript危险函数(带括号)
|
||||||
public final static String DANGEROUS_FUNCTIONS =
|
public final static String DANGEROUS_FUNCTIONS =
|
||||||
|
|
|
||||||
|
|
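Review bot: The widened keyword alternation on the new SAFE_SQL_PATTERN line now rejects ordinary English and identifier tokens — `and`, `or`, `from`, `where`, `count`, `char`, `sys`, `into` — so any free-text field holding "Tom and Jerry" or "from" will be blocked, and the appended `(?:\")` rejects every double quote. A blocklist regex is at best a secondary signal; the data layer still has to use parameterized statements, and the Javadoc above the constant should say so, e.g. `* Heuristic screen only: SQL injection protection relies on parameterized queries, and this list yields false positives on plain text (and/or/from/where).` The misspelled `trancate` and the second `into` carry over from the old line; now that `truncate` is in the list, `|trancate` and the duplicate `|into` can be dropped. Whether the String is compiled with `Pattern.CASE_INSENSITIVE` is not visible in this hunk; without it, upper-case `SELECT` passes, so confirm at the compile site.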
@ -87,6 +87,52 @@ public class XssCheck {
|
||||||
XSS_PATTERNS.add(Pattern.compile("window\\.", Pattern.CASE_INSENSITIVE));
|
XSS_PATTERNS.add(Pattern.compile("window\\.", Pattern.CASE_INSENSITIVE));
|
||||||
XSS_PATTERNS.add(Pattern.compile("location\\.", Pattern.CASE_INSENSITIVE));
|
XSS_PATTERNS.add(Pattern.compile("location\\.", Pattern.CASE_INSENSITIVE));
|
||||||
XSS_PATTERNS.add(Pattern.compile("cookie", Pattern.CASE_INSENSITIVE));
|
XSS_PATTERNS.add(Pattern.compile("cookie", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 1. SQL注释模式
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("--", Pattern.CASE_INSENSITIVE)); // 单行注释
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("/\\*.*?\\*/", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)); // 多行注释
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释
|
||||||
|
|
||||||
|
// 2. 字符串分隔符
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("'", Pattern.CASE_INSENSITIVE)); // 单引号
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\"", Pattern.CASE_INSENSITIVE)); // 双引号
|
||||||
|
|
||||||
|
// 3. DML操作关键字
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bselect\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\binsert\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bupdate\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bdelete\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bdrop\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\btruncate\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\balter\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bcreate\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 4. 系统函数和过程
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bexec\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bexecute\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bdeclare\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bxp_cmdshell\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsp_\\w+\\b", Pattern.CASE_INSENSITIVE)); // 存储过程
|
||||||
|
|
||||||
|
// 5. 字符串和编码函数
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bchar\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bascii\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsubstr\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsubstring\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bconcat\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 6. 系统表和信息
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bmaster\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsys\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\binformation_schema\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 7. 联合查询和其他操作
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bunion\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\binto\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bfrom\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bwhere\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\band\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bor\\b", Pattern.CASE_INSENSITIVE));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
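Review bot: The new entries turn XSS_PATTERNS into a SQL-keyword blocklist, and several of them — `\band\b`, `\bor\b`, `\bfrom\b`, `'`, `\"`, `#`, `--` — match ordinary request values (names like O'Brien, colour codes like #fff, any sentence containing "and"), so wherever this list is applied the filter will now reject legitimate input; the enclosing static initializer starts outside the hunk. The identical block is added again to XssRequestWrapper in this commit, and two copies will drift, so the SQL portion should live in one shared place (SafeUtil already holds SAFE_SQL_PATTERN) and be referenced from both classes. `Pattern.CASE_INSENSITIVE` on the symbol-only patterns (`--`, `'`, `\"`, `#`) has no effect and can be dropped. A comment at the top of the new block should state the limitation, e.g. `// Heuristic SQL-keyword screen: high false-positive rate on free text; parameterized queries remain the real control.`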
@ -91,6 +91,52 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
|
||||||
XSS_PATTERNS.add(Pattern.compile("window\\.", Pattern.CASE_INSENSITIVE));
|
XSS_PATTERNS.add(Pattern.compile("window\\.", Pattern.CASE_INSENSITIVE));
|
||||||
XSS_PATTERNS.add(Pattern.compile("location\\.", Pattern.CASE_INSENSITIVE));
|
XSS_PATTERNS.add(Pattern.compile("location\\.", Pattern.CASE_INSENSITIVE));
|
||||||
XSS_PATTERNS.add(Pattern.compile("cookie", Pattern.CASE_INSENSITIVE));
|
XSS_PATTERNS.add(Pattern.compile("cookie", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 1. SQL注释模式
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("--", Pattern.CASE_INSENSITIVE)); // 单行注释
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("/\\*.*?\\*/", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL)); // 多行注释
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("#", Pattern.CASE_INSENSITIVE)); // MySQL注释
|
||||||
|
|
||||||
|
// 2. 字符串分隔符
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("'", Pattern.CASE_INSENSITIVE)); // 单引号
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\"", Pattern.CASE_INSENSITIVE)); // 双引号
|
||||||
|
|
||||||
|
// 3. DML操作关键字
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bselect\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\binsert\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bupdate\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bdelete\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bdrop\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\btruncate\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\balter\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bcreate\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 4. 系统函数和过程
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bexec\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bexecute\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bdeclare\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bxp_cmdshell\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsp_\\w+\\b", Pattern.CASE_INSENSITIVE)); // 存储过程
|
||||||
|
|
||||||
|
// 5. 字符串和编码函数
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bchar\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bascii\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsubstr\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsubstring\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bconcat\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 6. 系统表和信息
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bmaster\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bsys\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\binformation_schema\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
|
||||||
|
// 7. 联合查询和其他操作
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bunion\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\binto\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bfrom\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bwhere\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\band\\b", Pattern.CASE_INSENSITIVE));
|
||||||
|
XSS_PATTERNS.add(Pattern.compile("\\bor\\b", Pattern.CASE_INSENSITIVE));
|
||||||
}
|
}
|
||||||
|
|
||||||
public XssRequestWrapper(HttpServletRequest request) {
|
public XssRequestWrapper(HttpServletRequest request) {
|
||||||
|
|
|
||||||