4 лет назад · 8138a7ccbe
--- a/src/main/java/com/style24/front/support/config/TsfWebMvcConfig.java
+++ b/src/main/java/com/style24/front/support/config/TsfWebMvcConfig.java
@@ -1,14 +1,18 @@
 
				 package com.style24.front.support.config;
			
 
				 
			
 
				 import java.nio.charset.Charset;
			
 
				+import java.util.Iterator;
			
 
				 import java.util.List;
			
 
				 
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.boot.web.servlet.FilterRegistrationBean;
			
 
				 import org.springframework.context.annotation.Bean;
			
 
				 import org.springframework.context.annotation.Configuration;
			
 
				+import org.springframework.http.MediaType;
			
 
				 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
			
 
				+import org.springframework.http.converter.HttpMessageConverter;
			
 
				 import org.springframework.http.converter.StringHttpMessageConverter;
			
 
				+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
			
 
				 import org.springframework.mobile.device.DeviceHandlerMethodArgumentResolver;
			
 
				 import org.springframework.mobile.device.DeviceResolverHandlerInterceptor;
			
 
				 import org.springframework.mobile.device.site.SitePreferenceHandlerInterceptor;
			
@@ -18,7 +22,9 @@ import org.springframework.web.multipart.support.MultipartFilter;
 
				 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
			
 
				 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
			
 
				 
			
 
				+import com.fasterxml.jackson.databind.ObjectMapper;
			
 
				 import com.style24.core.support.filter.TscXssServletFilter;
			
 
				+import com.style24.core.support.text.TscHtmlCharacterEscapes;
			
 
				 import com.style24.front.support.interceptor.TsfAflinkInterceptor;
			
 
				 import com.style24.front.support.interceptor.TsfDefaultInterceptor;
			
 
				 import com.style24.front.support.interceptor.TsfGoodsViewInterceptor;
			
@@ -193,6 +199,37 @@ public class TsfWebMvcConfig implements WebMvcConfigurer {
 
				 		return bean;
			
 
				 	}
			
 
				 
			
 
				+	/**
			
 
				+	 * MappingJackson2HttpMessageConverter가 여러 개일 경우 내가 추가한 것이 선택되지 않을 수 있음
			
 
				+	 * 그러므로 application/json으로 선택되는 converter를 덮어 써야 함
			
 
				+	 */
			
 
				+	@SuppressWarnings("rawtypes")
			
 
				+	@Override
			
 
				+	public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
			
 
				+		// Replace MessageConverter from default WebMvcConfigurer
			
 
				+		Iterator<HttpMessageConverter<?>> converterIterator = converters.iterator();
			
 
				+		while (converterIterator.hasNext()) {
			
 
				+			// Do not add new one, must replace
			
 
				+			HttpMessageConverter converter = converterIterator.next();
			
 
				+			if (converter.getSupportedMediaTypes().contains(MediaType.APPLICATION_JSON)) {
			
 
				+				converterIterator.remove();
			
 
				+			}
			
 
				+		}
			
 
				+		converters.add(jsonEscapeConverter());
			
 
				+	}
			
 
				+
			
 
				+	/**
			
 
				+	 * XSS(Cross Site Script) Prevention
			
 
				+	 * 		@ResponseBody로 전달되는 JSON에 대한 처리
			
 
				+	 * @return
			
 
				+	 */
			
 
				+	@Bean
			
 
				+	public MappingJackson2HttpMessageConverter jsonEscapeConverter() {
			
 
				+		ObjectMapper objectMapper = new ObjectMapper();
			
 
				+		objectMapper.getFactory().setCharacterEscapes(new TscHtmlCharacterEscapes());
			
 
				+		return new MappingJackson2HttpMessageConverter(objectMapper);
			
 
				+	}
			
 
				+
			
 
				 	/**
			
 
				 	 * API 호출을 위한 RestTemplate 설정
			
 
				 	 * @return