Skip to content

I
ioc_sixiang_license
Commit c600c541 authored by zengtianlai3's avatar zengtianlai3
Browse files
Options

xss 优化

parent 45a49a85
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 1 deletion
license/src/main/java/iot/sixiang/license/controller/OperateController.java
View file @ c600c541
......@@ -25,6 +25,7 @@ import iot.sixiang.license.service.AlarmReadService;
import iot.sixiang.license.service.AlarmService;
import iot.sixiang.license.service.MonitorService;
import iot.sixiang.license.service.ServerService;
import iot.sixiang.license.xss.BeanCopyUtil;
import iot.sixiang.license.xss.XssUtil;
import lombok.extern.slf4j.Slf4j;
import org.owasp.esapi.ESAPI;
......@@ -103,7 +104,8 @@ public class OperateController {
String user = UserUtils.getLoginUserId();
int userI = Integer.valueOf(user);
List<AlarmVo> alarmList = alarmService.getAlarmList(userI);
return ResResult.success().goRecord(alarmList);
List<AlarmVo> alarmVos = BeanCopyUtil.copyListProperties(alarmList, AlarmVo::new);
return ResResult.success().goRecord(alarmVos);
}
@ApiOperation(value = "告警已读接口", notes = "将告警信息状态设为已读")
......
license/src/main/java/iot/sixiang/license/service/impl/AlarmReadServiceImpl.java
View file @ c600c541
......@@ -50,6 +50,11 @@ public class AlarmReadServiceImpl extends ServiceImpl<AlarmReadMapper, AlarmRead
String title = alarm.getTitle();
String content = alarm.getContent();
alarmId = Integer.valueOf(XssUtil.checkXSS(String.valueOf(alarmId)));
typeId = Integer.valueOf(XssUtil.checkXSS(String.valueOf(typeId)));
title = XssUtil.checkXSS(title);
content = XssUtil.checkXSS(content);
boolean res = alarmReadMapper.readAlarm(alarmId, typeId, title, content, userId);
if (!res) {
return false;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment