feat: 新增 SaFirewallStrategy 防火墙策略:请求 path 黑名单校验、非法字符校验、白名单放行
This commit is contained in:
click33
+4
-4
@@ -16,7 +16,7 @@
|
||||
package cn.dev33.satoken.reactor.filter;
|
||||
|
||||
import cn.dev33.satoken.exception.RequestPathInvalidException;
|
||||
import cn.dev33.satoken.strategy.SaStrategy;
|
||||
import cn.dev33.satoken.strategy.SaFirewallStrategy;
|
||||
import cn.dev33.satoken.util.SaTokenConsts;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
@@ -38,13 +38,13 @@ public class SaPathCheckFilterForReactor implements WebFilter {
|
||||
|
||||
// 校验本次请求 path 是否合法
|
||||
try {
|
||||
SaStrategy.instance.checkRequestPath.run(exchange.getRequest().getPath().toString(), exchange, null);
|
||||
SaFirewallStrategy.instance.checkRequestPath.run(exchange.getRequest().getPath().toString(), exchange, null);
|
||||
} catch (RequestPathInvalidException e) {
|
||||
if(SaStrategy.instance.requestPathInvalidHandle == null) {
|
||||
if(SaFirewallStrategy.instance.requestPathInvalidHandle == null) {
|
||||
exchange.getResponse().getHeaders().set(SaTokenConsts.CONTENT_TYPE_KEY, SaTokenConsts.CONTENT_TYPE_TEXT_PLAIN);
|
||||
return exchange.getResponse().writeWith(Mono.just(exchange.getResponse().bufferFactory().wrap(e.getMessage().getBytes())));
|
||||
} else {
|
||||
SaStrategy.instance.requestPathInvalidHandle.run(e, exchange, null);
|
||||
SaFirewallStrategy.instance.requestPathInvalidHandle.run(e, exchange, null);
|
||||
}
|
||||
return Mono.empty();
|
||||
}
|
||||
|
||||
+4
-4
@@ -16,7 +16,7 @@
|
||||
package cn.dev33.satoken.reactor.filter;
|
||||
|
||||
import cn.dev33.satoken.exception.RequestPathInvalidException;
|
||||
import cn.dev33.satoken.strategy.SaStrategy;
|
||||
import cn.dev33.satoken.strategy.SaFirewallStrategy;
|
||||
import cn.dev33.satoken.util.SaTokenConsts;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
@@ -38,13 +38,13 @@ public class SaPathCheckFilterForReactor implements WebFilter {
|
||||
|
||||
// 校验本次请求 path 是否合法
|
||||
try {
|
||||
SaStrategy.instance.checkRequestPath.run(exchange.getRequest().getPath().toString(), exchange, null);
|
||||
SaFirewallStrategy.instance.checkRequestPath.run(exchange.getRequest().getPath().toString(), exchange, null);
|
||||
} catch (RequestPathInvalidException e) {
|
||||
if(SaStrategy.instance.requestPathInvalidHandle == null) {
|
||||
if(SaFirewallStrategy.instance.requestPathInvalidHandle == null) {
|
||||
exchange.getResponse().getHeaders().set(SaTokenConsts.CONTENT_TYPE_KEY, SaTokenConsts.CONTENT_TYPE_TEXT_PLAIN);
|
||||
return exchange.getResponse().writeWith(Mono.just(exchange.getResponse().bufferFactory().wrap(e.getMessage().getBytes())));
|
||||
} else {
|
||||
SaStrategy.instance.requestPathInvalidHandle.run(e, exchange, null);
|
||||
SaFirewallStrategy.instance.requestPathInvalidHandle.run(e, exchange, null);
|
||||
}
|
||||
return Mono.empty();
|
||||
}
|
||||
|
||||
+4
-4
@@ -16,7 +16,7 @@
|
||||
package cn.dev33.satoken.filter;
|
||||
|
||||
import cn.dev33.satoken.exception.RequestPathInvalidException;
|
||||
import cn.dev33.satoken.strategy.SaStrategy;
|
||||
import cn.dev33.satoken.strategy.SaFirewallStrategy;
|
||||
import cn.dev33.satoken.util.SaTokenConsts;
|
||||
import org.springframework.core.annotation.Order;
|
||||
|
||||
@@ -39,14 +39,14 @@ public class SaPathCheckFilterForServlet implements Filter {
|
||||
// 校验本次请求 path 是否合法
|
||||
try {
|
||||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
SaStrategy.instance.checkRequestPath.run(req.getRequestURI(), request, response);
|
||||
SaFirewallStrategy.instance.checkRequestPath.run(req.getRequestURI(), request, response);
|
||||
} catch (RequestPathInvalidException e) {
|
||||
if(SaStrategy.instance.requestPathInvalidHandle == null) {
|
||||
if(SaFirewallStrategy.instance.requestPathInvalidHandle == null) {
|
||||
response.setContentType("text/plain; charset=utf-8");
|
||||
response.getWriter().print(e.getMessage());
|
||||
response.getWriter().flush();
|
||||
} else {
|
||||
SaStrategy.instance.requestPathInvalidHandle.run(e, request, response);
|
||||
SaFirewallStrategy.instance.requestPathInvalidHandle.run(e, request, response);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
+4
-4
@@ -16,7 +16,7 @@
|
||||
package cn.dev33.satoken.filter;
|
||||
|
||||
import cn.dev33.satoken.exception.RequestPathInvalidException;
|
||||
import cn.dev33.satoken.strategy.SaStrategy;
|
||||
import cn.dev33.satoken.strategy.SaFirewallStrategy;
|
||||
import cn.dev33.satoken.util.SaTokenConsts;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
@@ -39,14 +39,14 @@ public class SaPathCheckFilterForJakartaServlet implements Filter {
|
||||
// 校验本次请求 path 是否合法
|
||||
try {
|
||||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
SaStrategy.instance.checkRequestPath.run(req.getRequestURI(), request, response);
|
||||
SaFirewallStrategy.instance.checkRequestPath.run(req.getRequestURI(), request, response);
|
||||
} catch (RequestPathInvalidException e) {
|
||||
if(SaStrategy.instance.requestPathInvalidHandle == null) {
|
||||
if(SaFirewallStrategy.instance.requestPathInvalidHandle == null) {
|
||||
response.setContentType("text/plain; charset=utf-8");
|
||||
response.getWriter().print(e.getMessage());
|
||||
response.getWriter().flush();
|
||||
} else {
|
||||
SaStrategy.instance.requestPathInvalidHandle.run(e, request, response);
|
||||
SaFirewallStrategy.instance.requestPathInvalidHandle.run(e, request, response);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user