url存在sql注入漏洞的解决方法:
使用拦截器进行对request的host进行了验证,例如:
package com.XXX.interceptoer;
import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
public class AuthInterceptor implements Interceptor {
@Override
public void intercept(Invocation invocation) {
// 头攻击检测
String requestHost = invocation.getController().getRequest().getHeader("host");
HttpServletResponse response = invocation.getController().getResponse();
response.addHeader("Set-Cookie", " Path=/; HttpOnly"); //Cookie 缺少 HttpOnly属性
response.addHeader("X-Frame-Options", "SAMEORIGIN"); //防止 x-frame-options 缺失
if (requestHost != null && !isWhite(requestHost)) {
response.setStatus(403);
return;
}else {
HttpSession session = invocation.getController().getSession();
String url = invocation.getController().getRequest().getRequestURI();
if (session.getAttribute("user") != null || checkUrl(url)) {
if (url.endsWith("/") && session.getAttribute("user") != null) {
try {
invocation.getController().getResponse().sendRedirect("/admin");
} catch (IOException e) {
e.printStackTrace();
}
} else
invocation.invoke();
} else {
try {
invocation.getController().getResponse().sendRedirect("/");
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
private boolean checkUrl(String url) {
return "/".equals(url)
|| url.contains("/XXX/XXX");
}
private boolean isWhite(String host) {
List whiteList = new ArrayList();whiteList.add("localhost:8088");
whiteList.add("127.0.0.1:8088");
for (String str : whiteList) {
if (str != null && str.equals(host)) {
return true;
}
}
return false;
}
}
