1.修复方案,过滤引起Log Forging漏洞的敏感字符的公共方法
|
/**
* Log Forging漏洞校验
* @param logs
* @return
*/
public static String vaildLog(String logs) {
List<String> list=new ArrayList<String>();
list.add("%0d");
list.add("%0a");
list.add("%0A");
list.add("%0D");
list.add("
");
list.add("
");
String normalize = Normalizer.normalize(logs, Normalizer.Form.NFKC);
for (String str : list) {
normalize=normalize.replace(str, "");
}
return normalize;
}
原文:https://blog.csdn.net/weixin_41796956/article/details/82907733
版权声明:本文为博主原创文章,转载请附上博文链接!
|