guoyuepeng
/
qa-prevention-gwj
1
0
Fork 3
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

代码回滚调整

liujun-2024-05-23-接口漏洞修复
liujun 2024-05-23 16:00:45 +08:00
parent 00e4c37c83
commit dfab57b1d5
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/com/zcloud/config/CORSFilter.java
View File

@ -48,6 +48,11 @@ public class CORSFilter implements Filter {
response.setHeader("x-frame-options","SAMEORIGIN"); // ****
response.setHeader("X-Content-Type-Options","nosniff");
response.setHeader("Content-Security-Policy","default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';");
// 一公司烯体哦那个系统漏洞修复
response.setHeader("X-XSS-Protection", "1; mode=block");
response.setHeader("X-Permitted-Cross-Domain-Policies", "none");
response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload");
response.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
filterChain.doFilter(servletRequest, servletResponse);
// }
}

1
src/main/java/com/zcloud/config/EncodingFilterConfig.java
View File

@ -19,6 +19,7 @@ public class EncodingFilterConfig {
characterEncodingFilter.setForceEncoding(true);
characterEncodingFilter.setEncoding("UTF-8");
registrationBean.setFilter(characterEncodingFilter);
registrationBean.addUrlPatterns("/*");
return registrationBean;
}
}