Commit 61c627d7 authored by AfirSraftGarrier's avatar AfirSraftGarrier

2.1.1 跨站脚本:存储型XSS

parent c2570541
...@@ -32,6 +32,7 @@ public class JwtFilter implements Filter { ...@@ -32,6 +32,7 @@ public class JwtFilter implements Filter {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest; final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse; final HttpServletResponse response = (HttpServletResponse) servletResponse;
response.setHeader("Set-Cookie","cookiename=cookievalue; path=/; Domain=domainvaule; Max-age=seconds; HttpOnly");
response.setContentType("text/html; charset=utf-8"); response.setContentType("text/html; charset=utf-8");
if ("OPTIONS".equals(request.getMethod())) { if ("OPTIONS".equals(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK); response.setStatus(HttpServletResponse.SC_OK);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment