Merge branch 'refs/heads/liujun-2024-05-23-接口漏洞修复' into dev
commit
f05613efad
|
@ -48,7 +48,12 @@ public class CORSFilter implements Filter {
|
||||||
response.setHeader("x-frame-options","SAMEORIGIN"); // ****
|
response.setHeader("x-frame-options","SAMEORIGIN"); // ****
|
||||||
response.setHeader("X-Content-Type-Options","nosniff");
|
response.setHeader("X-Content-Type-Options","nosniff");
|
||||||
response.setHeader("Content-Security-Policy","default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';");
|
response.setHeader("Content-Security-Policy","default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';");
|
||||||
filterChain.doFilter(servletRequest, servletResponse);
|
// 一公司烯体哦那个系统漏洞修复
|
||||||
|
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||||
|
response.setHeader("X-Permitted-Cross-Domain-Policies", "none");
|
||||||
|
response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload");
|
||||||
|
response.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
|
||||||
|
filterChain.doFilter(servletRequest, servletResponse);
|
||||||
// }
|
// }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,7 @@ public class EncodingFilterConfig {
|
||||||
characterEncodingFilter.setForceEncoding(true);
|
characterEncodingFilter.setForceEncoding(true);
|
||||||
characterEncodingFilter.setEncoding("UTF-8");
|
characterEncodingFilter.setEncoding("UTF-8");
|
||||||
registrationBean.setFilter(characterEncodingFilter);
|
registrationBean.setFilter(characterEncodingFilter);
|
||||||
|
registrationBean.addUrlPatterns("/*");
|
||||||
return registrationBean;
|
return registrationBean;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue