|
|
@@ -0,0 +1,51 @@
|
|
|
+package com.style24.core.support.filter;
|
|
|
+
|
|
|
+import java.util.ArrayList;
|
|
|
+import java.util.List;
|
|
|
+
|
|
|
+import javax.servlet.http.HttpServletRequest;
|
|
|
+import javax.servlet.http.HttpServletRequestWrapper;
|
|
|
+
|
|
|
+import org.apache.commons.lang3.StringUtils;
|
|
|
+
|
|
|
+public class TscServletRequestWrapper extends HttpServletRequestWrapper {
|
|
|
+
|
|
|
+ public TscServletRequestWrapper(HttpServletRequest request) {
|
|
|
+ super(request);
|
|
|
+ }
|
|
|
+
|
|
|
+ public String[] getParameterValues(String name) {
|
|
|
+ String[] values = super.getParameterValues(name);
|
|
|
+ if (values == null) {
|
|
|
+ return null;
|
|
|
+ } else {
|
|
|
+ List<String> removedValues = new ArrayList();
|
|
|
+ String[] var4 = values;
|
|
|
+ int var5 = values.length;
|
|
|
+
|
|
|
+ for (int var6 = 0; var6 < var5; ++var6) {
|
|
|
+ String value = var4[var6];
|
|
|
+ if (StringUtils.isBlank(value)) {
|
|
|
+ removedValues.add(value);
|
|
|
+ } else {
|
|
|
+ removedValues.add(this.convertParameter(value));
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ return (String[])removedValues.toArray(new String[removedValues.size()]);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ public String getParameter(String name) {
|
|
|
+ String value = super.getParameter(name);
|
|
|
+ return StringUtils.isBlank(value) ? value : this.convertParameter(value);
|
|
|
+ }
|
|
|
+
|
|
|
+ private String convertParameter(String value) {
|
|
|
+ value = value.replaceAll("<", "<");
|
|
|
+ value = value.replaceAll(">", ">");
|
|
|
+ value = value.replaceAll("script", "");
|
|
|
+ return value;
|
|
|
+ }
|
|
|
+
|
|
|
+}
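Review bot: `convertParameter` at the end of this new file does not neutralise markup as written: in this rendering the first two calls replace `<` with `<` and `>` with `>`, which are no-ops, so confirm the committed file really contains `"&lt;"` and `"&gt;"` (the page may have decoded the entities). The third call, `value.replaceAll("script", "")`, is a single-pass, case-sensitive deletion that is not a dependable XSS control and silently corrupts legitimate input (`description` becomes `deion`); I would drop it and, if request-time escaping is kept at all, cover `&` and both quote characters too, e.g. `return value.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;").replace("\"", "&quot;").replace("'", "&#39;");`. The wrapper overrides only `getParameter` and `getParameterValues`, so anything read through `getParameterMap()`, headers, cookies or the request body reaches the application unfiltered; context-aware encoding at output time is the control to rely on, with this filter as defence in depth at most. Separately, `getParameterValues` reads like decompiler output (`var4`/`var5`/`var6`, raw `new ArrayList()`, no `@Override`) and should be tidied to a for-each over `values` with `new ArrayList<>()`.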
|