Merge branch 'refs/heads/liujun-2024-05-23-接口漏洞修复' into dev

pet-图片单独上传接口-2024.8.28-徐绎丰
water_xu 2024-07-31 16:40:42 +08:00
commit f05613efad
2 changed files with 7 additions and 1 deletions

View File

@ -48,6 +48,11 @@ public class CORSFilter implements Filter {
response.setHeader("x-frame-options","SAMEORIGIN"); // **** response.setHeader("x-frame-options","SAMEORIGIN"); // ****
response.setHeader("X-Content-Type-Options","nosniff"); response.setHeader("X-Content-Type-Options","nosniff");
response.setHeader("Content-Security-Policy","default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';"); response.setHeader("Content-Security-Policy","default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';");
// 一公司烯体哦那个系统漏洞修复
response.setHeader("X-XSS-Protection", "1; mode=block");
response.setHeader("X-Permitted-Cross-Domain-Policies", "none");
response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload");
response.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
filterChain.doFilter(servletRequest, servletResponse); filterChain.doFilter(servletRequest, servletResponse);
// } // }
} }

View File

@ -19,6 +19,7 @@ public class EncodingFilterConfig {
characterEncodingFilter.setForceEncoding(true); characterEncodingFilter.setForceEncoding(true);
characterEncodingFilter.setEncoding("UTF-8"); characterEncodingFilter.setEncoding("UTF-8");
registrationBean.setFilter(characterEncodingFilter); registrationBean.setFilter(characterEncodingFilter);
registrationBean.addUrlPatterns("/*");
return registrationBean; return registrationBean;
} }
} }