提交 | 用户 | 时间
|
e57a89
|
1 |
package com.jcdm.common.xss; |
懒 |
2 |
|
|
3 |
import com.jcdm.common.utils.StringUtils; |
|
4 |
import javax.validation.ConstraintValidator; |
|
5 |
import javax.validation.ConstraintValidatorContext; |
|
6 |
import java.util.regex.Matcher; |
|
7 |
import java.util.regex.Pattern; |
|
8 |
|
|
9 |
/** |
|
10 |
* 自定义xss校验注解实现 |
|
11 |
* |
|
12 |
* @author jc |
|
13 |
*/ |
|
14 |
public class XssValidator implements ConstraintValidator<Xss, String> |
|
15 |
{ |
|
16 |
private static final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />"; |
|
17 |
|
|
18 |
@Override |
|
19 |
public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext) |
|
20 |
{ |
|
21 |
if (StringUtils.isBlank(value)) |
|
22 |
{ |
|
23 |
return true; |
|
24 |
} |
|
25 |
return !containsHtml(value); |
|
26 |
} |
|
27 |
|
|
28 |
public static boolean containsHtml(String value) |
|
29 |
{ |
|
30 |
Pattern pattern = Pattern.compile(HTML_PATTERN); |
|
31 |
Matcher matcher = pattern.matcher(value); |
|
32 |
return matcher.matches(); |
|
33 |
} |
|
34 |
} |