Merge branch 'refs/heads/liujun-2024-05-23-接口漏洞修复' into dev
commit
f05613efad
|
@ -48,6 +48,11 @@ public class CORSFilter implements Filter {
|
|||
response.setHeader("x-frame-options","SAMEORIGIN"); // ****
|
||||
response.setHeader("X-Content-Type-Options","nosniff");
|
||||
response.setHeader("Content-Security-Policy","default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';");
|
||||
// 一公司烯体哦那个系统漏洞修复
|
||||
response.setHeader("X-XSS-Protection", "1; mode=block");
|
||||
response.setHeader("X-Permitted-Cross-Domain-Policies", "none");
|
||||
response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload");
|
||||
response.setHeader("Referrer-Policy", "strict-origin-when-cross-origin");
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
// }
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@ public class EncodingFilterConfig {
|
|||
characterEncodingFilter.setForceEncoding(true);
|
||||
characterEncodingFilter.setEncoding("UTF-8");
|
||||
registrationBean.setFilter(characterEncodingFilter);
|
||||
registrationBean.addUrlPatterns("/*");
|
||||
return registrationBean;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue