From 0d4f08b4756ad05b24e544733450c5b71974de58 Mon Sep 17 00:00:00 2001 From: smallchill Date: Thu, 27 Dec 2018 13:53:02 +0800 Subject: [PATCH] =?UTF-8?q?:zap:=20=E6=A0=B9=E6=8D=AEP3C=E4=BC=98=E5=8C=96?= =?UTF-8?q?=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/BladeBootAutoConfiguration.java | 2 +- .../core/mp/support/Condition.java | 4 +- .../core/tool/date/SystemClock.java | 94 ---------------- .../tool/support/CaseInsensitiveHashMap.java | 74 ------------ .../core/tool/support/{CMap.java => Kv.java} | 27 ++--- .../xss/{HTMLFilter.java => HtmlFilter.java} | 98 +++++++--------- .../core/tool/support/xss/SQLFilter.java | 56 ---------- .../core/tool/support/xss/SqlFilter.java | 58 ---------- .../xss/XssHttpServletRequestWrapper.java | 4 +- .../org/springblade/core/tool/utils/Func.java | 4 +- .../core/tool/utils/SpringUtil.java | 12 +- .../core/tool/utils/StringPool.java | 105 +++++++++--------- 12 files changed, 124 insertions(+), 414 deletions(-) delete mode 100644 blade-core-tool/src/main/java/org/springblade/core/tool/date/SystemClock.java delete mode 100644 blade-core-tool/src/main/java/org/springblade/core/tool/support/CaseInsensitiveHashMap.java rename blade-core-tool/src/main/java/org/springblade/core/tool/support/{CMap.java => Kv.java} (87%) rename blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/{HTMLFilter.java => HtmlFilter.java} (88%) delete mode 100644 blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SQLFilter.java delete mode 100644 blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SqlFilter.java diff --git a/blade-core-boot/src/main/java/org/springblade/core/boot/config/BladeBootAutoConfiguration.java b/blade-core-boot/src/main/java/org/springblade/core/boot/config/BladeBootAutoConfiguration.java index ed71df9..6a5ed8c 100644 --- a/blade-core-boot/src/main/java/org/springblade/core/boot/config/BladeBootAutoConfiguration.java +++ b/blade-core-boot/src/main/java/org/springblade/core/boot/config/BladeBootAutoConfiguration.java @@ -47,7 +47,7 @@ public class BladeBootAutoConfiguration { SystemConstant me = SystemConstant.me(); //设定开发模式 - me.setDevMode((bladeProperties.getEnv().equals("dev") ? true : false)); + me.setDevMode(("dev".equals(bladeProperties.getEnv()))); //设定文件上传远程地址 me.setDomain(bladeProperties.get("upload-domain", "http://localhost:8888")); diff --git a/blade-core-mybatis/src/main/java/org/springblade/core/mp/support/Condition.java b/blade-core-mybatis/src/main/java/org/springblade/core/mp/support/Condition.java index 7dec60a..e5392a4 100644 --- a/blade-core-mybatis/src/main/java/org/springblade/core/mp/support/Condition.java +++ b/blade-core-mybatis/src/main/java/org/springblade/core/mp/support/Condition.java @@ -67,7 +67,9 @@ public class Condition { qw.setEntity(BeanUtil.newInstance(clazz)); if (Func.isNotEmpty(query)) { query.forEach((k, v) -> { - if (Func.isNotEmpty(v)) qw.like(k, v); + if (Func.isNotEmpty(v)) { + qw.like(k, v); + } }); } return qw; diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/date/SystemClock.java b/blade-core-tool/src/main/java/org/springblade/core/tool/date/SystemClock.java deleted file mode 100644 index 2841904..0000000 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/date/SystemClock.java +++ /dev/null @@ -1,94 +0,0 @@ -package org.springblade.core.tool.date; - -import java.sql.Timestamp; -import java.util.concurrent.Executors; -import java.util.concurrent.ScheduledExecutorService; -import java.util.concurrent.ThreadFactory; -import java.util.concurrent.TimeUnit; - -/** - * 系统时钟
- * 高并发场景下System.currentTimeMillis()的性能问题的优化 - * System.currentTimeMillis()的调用比new一个普通对象要耗时的多(具体耗时高出多少我还没测试过,有人说是100倍左右) - * System.currentTimeMillis()之所以慢是因为去跟系统打了一次交道 - * 后台定时更新时钟,JVM退出时,线程自动回收 - * - * see: http://git.oschina.net/yu120/sequence - * @author lry,looly - */ -public class SystemClock { - - /** 时钟更新间隔,单位毫秒 */ - private final long period; - /** 现在时刻的毫秒数 */ - private volatile long now; - - /** - * 构造 - * @param period - */ - private SystemClock(long period) { - this.period = period; - this.now = System.currentTimeMillis(); - scheduleClockUpdating(); - } - - /** - * 开启计时器线程 - */ - private void scheduleClockUpdating() { - ScheduledExecutorService scheduler = Executors.newSingleThreadScheduledExecutor(new ThreadFactory(){ - @Override - public Thread newThread(Runnable runnable) { - Thread thread = new Thread(runnable, "System Clock"); - thread.setDaemon(true); - return thread; - } - }); - scheduler.scheduleAtFixedRate(new Runnable(){ - @Override - public void run() { - now = System.currentTimeMillis(); - } - }, period, period, TimeUnit.MILLISECONDS); - } - - /** - * @return 当前时间毫秒数 - */ - private long currentTimeMillis() { - return now; - } - - //------------------------------------------------------------------------ static - /** - * 单例 - * @author Looly - * - */ - private static class InstanceHolder { - public static final SystemClock INSTANCE = new SystemClock(1); - } - - /** - * 单例实例 - * @return 单例实例 - */ - private static SystemClock instance() { - return InstanceHolder.INSTANCE; - } - - /** - * @return 当前时间 - */ - public static long now() { - return instance().currentTimeMillis(); - } - - /** - * @return 当前时间字符串表现形式 - */ - public static String nowDate() { - return new Timestamp(instance().currentTimeMillis()).toString(); - } -} diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/support/CaseInsensitiveHashMap.java b/blade-core-tool/src/main/java/org/springblade/core/tool/support/CaseInsensitiveHashMap.java deleted file mode 100644 index 020065d..0000000 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/support/CaseInsensitiveHashMap.java +++ /dev/null @@ -1,74 +0,0 @@ -/** - * Copyright (c) 2018-2028, Chill Zhuang 庄骞 (smallchill@163.com). - *

- * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE; - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - *

- * http://www.gnu.org/licenses/lgpl.html - *

- * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springblade.core.tool.support; - -import java.util.*; - -/** - * 大小写忽略Map拓展 - * - * @param - * @param - * @author smallchill - */ -public class CaseInsensitiveHashMap extends LinkedHashMap { - - private static final long serialVersionUID = 9178606903603606031L; - - private final Map lowerCaseMap = new HashMap(); - - @Override - public boolean containsKey(Object key) { - Object realKey = lowerCaseMap.get(key.toString().toLowerCase(Locale.ENGLISH)); - return super.containsKey(realKey); - } - - @Override - public Object get(Object key) { - Object realKey = lowerCaseMap.get(key.toString().toLowerCase(Locale.ENGLISH)); - return super.get(realKey); - } - - @Override - public Set keySet() { - return lowerCaseMap.keySet(); - } - - @Override - public Object put(String key, Object value) { - Object oldKey = lowerCaseMap.put(key.toLowerCase(Locale.ENGLISH), key); - Object oldValue = super.remove(oldKey); - super.put(key, value); - return oldValue; - } - - @Override - public void putAll(Map m) { - for (Map.Entry entry : m.entrySet()) { - String key = entry.getKey(); - Object value = entry.getValue(); - this.put(key, value); - } - } - - @Override - public Object remove(Object key) { - Object realKey = lowerCaseMap.remove(key.toString().toLowerCase(Locale.ENGLISH)); - return super.remove(realKey); - } - - -} diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/support/CMap.java b/blade-core-tool/src/main/java/org/springblade/core/tool/support/Kv.java similarity index 87% rename from blade-core-tool/src/main/java/org/springblade/core/tool/support/CMap.java rename to blade-core-tool/src/main/java/org/springblade/core/tool/support/Kv.java index 58869b9..e85e67f 100644 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/support/CMap.java +++ b/blade-core-tool/src/main/java/org/springblade/core/tool/support/Kv.java @@ -16,6 +16,7 @@ package org.springblade.core.tool.support; import org.springblade.core.tool.utils.Func; +import org.springframework.util.LinkedCaseInsensitiveMap; import java.sql.Time; import java.sql.Timestamp; @@ -27,24 +28,24 @@ import java.util.HashMap; * * @author smallchill */ -public class CMap extends CaseInsensitiveHashMap { +public class Kv extends LinkedCaseInsensitiveMap { - private CMap() { + private Kv() { } /** - * 创建CMap + * 创建Kv * - * @return CMap + * @return Kv */ - public static CMap init() { - return new CMap(); + public static Kv init() { + return new Kv(); } - public static HashMap newHashMap() { - return new HashMap(); + public static HashMap newMap() { + return new HashMap(16); } /** @@ -54,7 +55,7 @@ public class CMap extends CaseInsensitiveHashMap { * @param value 值 * @return 本身 */ - public CMap set(String attr, Object value) { + public Kv set(String attr, Object value) { this.put(attr, value); return this; } @@ -66,7 +67,7 @@ public class CMap extends CaseInsensitiveHashMap { * @param value 值 * @return 本身 */ - public CMap setIgnoreNull(String attr, Object value) { + public Kv setIgnoreNull(String attr, Object value) { if (null != attr && null != value) { set(attr, value); } @@ -117,7 +118,7 @@ public class CMap extends CaseInsensitiveHashMap { * @return 字段值 */ public Long getLong(String attr) { - return Func.toLong(get(attr), -1l); + return Func.toLong(get(attr), -1L); } /** @@ -196,8 +197,8 @@ public class CMap extends CaseInsensitiveHashMap { } @Override - public CMap clone() { - return (CMap) super.clone(); + public Kv clone() { + return (Kv) super.clone(); } } diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/HTMLFilter.java b/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/HtmlFilter.java similarity index 88% rename from blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/HTMLFilter.java rename to blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/HtmlFilter.java index fa0959b..2393796 100644 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/HTMLFilter.java +++ b/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/HtmlFilter.java @@ -1,5 +1,7 @@ package org.springblade.core.tool.support.xss; +import org.springblade.core.tool.utils.StringPool; + import java.util.*; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; @@ -27,7 +29,7 @@ import java.util.regex.Pattern; *

* Sample use: * String input = ... - * String clean = new HTMLFilter().filter( input ); + * String clean = new HtmlFilter().filter( input ); *

* The class is not thread safe. Create a new instance if in doubt. *

@@ -39,7 +41,7 @@ import java.util.regex.Pattern; * @author Cal Hendersen * @author Michael Semb Wever */ -public final class HTMLFilter { +public final class HtmlFilter { /** * regex flag union representing /si modifiers in php @@ -69,7 +71,7 @@ public final class HTMLFilter { private static final Pattern P_RIGHT_ARROW = Pattern.compile(">"); private static final Pattern P_BOTH_ARROWS = Pattern.compile("<>"); - // @xxx could grow large... maybe use sesat's ReferenceMap + private static final ConcurrentMap P_REMOVE_PAIR_BLANKS = new ConcurrentHashMap(); private static final ConcurrentMap P_REMOVE_SELF_BLANKS = new ConcurrentHashMap(); @@ -126,31 +128,31 @@ public final class HTMLFilter { /** * Default constructor. */ - public HTMLFilter() { + public HtmlFilter() { vAllowed = new HashMap<>(); - final ArrayList a_atts = new ArrayList(); - a_atts.add("href"); - a_atts.add("target"); - vAllowed.put("a", a_atts); + final ArrayList aAtts = new ArrayList(); + aAtts.add("href"); + aAtts.add("target"); + vAllowed.put("a", aAtts); - final ArrayList img_atts = new ArrayList(); - img_atts.add("src"); - img_atts.add("width"); - img_atts.add("height"); - img_atts.add("alt"); - vAllowed.put("img", img_atts); + final ArrayList imgAtts = new ArrayList(); + imgAtts.add("src"); + imgAtts.add("width"); + imgAtts.add("height"); + imgAtts.add("alt"); + vAllowed.put("img", imgAtts); - final ArrayList no_atts = new ArrayList(); - vAllowed.put("b", no_atts); - vAllowed.put("strong", no_atts); - vAllowed.put("i", no_atts); - vAllowed.put("em", no_atts); + final ArrayList noAtts = new ArrayList(); + vAllowed.put("b", noAtts); + vAllowed.put("strong", noAtts); + vAllowed.put("i", noAtts); + vAllowed.put("em", noAtts); vSelfClosingTags = new String[]{"img"}; vNeedClosingTags = new String[]{"a", "b", "strong", "i", "em"}; vDisallowed = new String[]{}; - vAllowedProtocols = new String[]{"http", "mailto", "https"}; // no ftp. + vAllowedProtocols = new String[]{"http", "mailto", "https"}; vProtocolAtts = new String[]{"src", "href"}; vRemoveBlanks = new String[]{"a", "b", "strong", "i", "em"}; vAllowedEntities = new String[]{"amp", "gt", "lt", "quot"}; @@ -164,7 +166,7 @@ public final class HTMLFilter { * * @param debug turn debug on with a true argument */ - public HTMLFilter(final boolean debug) { + public HtmlFilter(final boolean debug) { this(); vDebug = debug; @@ -175,7 +177,7 @@ public final class HTMLFilter { * * @param conf map containing configuration. keys match field names. */ - public HTMLFilter(final Map conf) { + public HtmlFilter(final Map conf) { assert conf.containsKey("vAllowed") : "configuration requires vAllowed"; assert conf.containsKey("vSelfClosingTags") : "configuration requires vSelfClosingTags"; @@ -209,8 +211,6 @@ public final class HTMLFilter { } } - //--------------------------------------------------------------- - // my versions of some PHP library functions public static String chr(final int decimal) { return String.valueOf((char) decimal); } @@ -271,7 +271,7 @@ public final class HTMLFilter { final Matcher m = P_COMMENTS.matcher(s); final StringBuffer buf = new StringBuffer(); if (m.find()) { - final String match = m.group(1); //(.*?) + final String match = m.group(1); m.appendReplacement(buf, Matcher.quoteReplacement("")); } m.appendTail(buf); @@ -346,13 +346,12 @@ public final class HTMLFilter { return result; } - private static String regexReplace(final Pattern regex_pattern, final String replacement, final String s) { - Matcher m = regex_pattern.matcher(s); + private static String regexReplace(final Pattern regexPattern, final String replacement, final String s) { + Matcher m = regexPattern.matcher(s); return m.replaceAll(replacement); } private String processTag(final String s) { - // ending tags Matcher m = P_END_TAG.matcher(s); if (m.find()) { final String name = m.group(1).toLowerCase(); @@ -365,40 +364,29 @@ public final class HTMLFilter { } } } - - // starting tags m = P_START_TAG.matcher(s); if (m.find()) { final String name = m.group(1).toLowerCase(); final String body = m.group(2); String ending = m.group(3); - - //debug( "in a starting tag, name='" + name + "'; body='" + body + "'; ending='" + ending + "'" ); if (allowed(name)) { String params = ""; - final Matcher m2 = P_QUOTED_ATTRIBUTES.matcher(body); final Matcher m3 = P_UNQUOTED_ATTRIBUTES.matcher(body); final List paramNames = new ArrayList(); final List paramValues = new ArrayList(); while (m2.find()) { - paramNames.add(m2.group(1)); //([a-z0-9]+) - paramValues.add(m2.group(3)); //(.*?) + paramNames.add(m2.group(1)); + paramValues.add(m2.group(3)); } while (m3.find()) { - paramNames.add(m3.group(1)); //([a-z0-9]+) - paramValues.add(m3.group(3)); //([^\"\\s']+) + paramNames.add(m3.group(1)); + paramValues.add(m3.group(3)); } - String paramName, paramValue; for (int ii = 0; ii < paramNames.size(); ii++) { paramName = paramNames.get(ii).toLowerCase(); paramValue = paramValues.get(ii); - -// debug( "paramName='" + paramName + "'" ); -// debug( "paramValue='" + paramValue + "'" ); -// debug( "allowed? " + vAllowed.get( name ).contains( paramName ) ); - if (allowedAttribute(name, paramName)) { if (inArray(paramName, vProtocolAtts)) { paramValue = processParamProtocol(paramValue); @@ -406,15 +394,12 @@ public final class HTMLFilter { params += " " + paramName + "=\"" + paramValue + "\""; } } - if (inArray(name, vSelfClosingTags)) { ending = " /"; } - if (inArray(name, vNeedClosingTags)) { ending = ""; } - if (ending == null || ending.length() < 1) { if (vTagCounts.containsKey(name)) { vTagCounts.put(name, vTagCounts.get(name) + 1); @@ -429,13 +414,10 @@ public final class HTMLFilter { return ""; } } - - // comments m = P_COMMENT.matcher(s); if (!stripComment && m.find()) { return "<" + m.group() + ">"; } - return ""; } @@ -446,9 +428,9 @@ public final class HTMLFilter { final String protocol = m.group(1); if (!inArray(protocol, vAllowedProtocols)) { // bad protocol, turn into local anchor link instead - s = "#" + s.substring(protocol.length() + 1, s.length()); - if (s.startsWith("#//")) { - s = "#" + s.substring(3, s.length()); + s = "#" + s.substring(protocol.length() + 1); + if (s.startsWith(StringPool.DOUBLE_SLASH)) { + s = "#" + s.substring(3); } } } @@ -462,7 +444,7 @@ public final class HTMLFilter { Matcher m = P_ENTITY.matcher(s); while (m.find()) { final String match = m.group(1); - final int decimal = Integer.decode(match).intValue(); + final int decimal = Integer.decode(match); m.appendReplacement(buf, Matcher.quoteReplacement(chr(decimal))); } m.appendTail(buf); @@ -498,8 +480,8 @@ public final class HTMLFilter { // validate entities throughout the string Matcher m = P_VALID_ENTITIES.matcher(s); while (m.find()) { - final String one = m.group(1); //([^&;]*) - final String two = m.group(2); //(?=(;|&|$)) + final String one = m.group(1); + final String two = m.group(2); m.appendReplacement(buf, Matcher.quoteReplacement(checkEntity(one, two))); } m.appendTail(buf); @@ -512,9 +494,9 @@ public final class HTMLFilter { StringBuffer buf = new StringBuffer(); Matcher m = P_VALID_QUOTES.matcher(s); while (m.find()) { - final String one = m.group(1); //(>|^) - final String two = m.group(2); //([^<]+?) - final String three = m.group(3); //(<|$) + final String one = m.group(1); + final String two = m.group(2); + final String three = m.group(3); m.appendReplacement(buf, Matcher.quoteReplacement(one + regexReplace(P_QUOTE, """, two) + three)); } m.appendTail(buf); diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SQLFilter.java b/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SQLFilter.java deleted file mode 100644 index 0e0a1f8..0000000 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SQLFilter.java +++ /dev/null @@ -1,56 +0,0 @@ -/** - * Copyright (c) 2018-2028, Chill Zhuang 庄骞 (smallchill@163.com). - *

- * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE; - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - *

- * http://www.gnu.org/licenses/lgpl.html - *

- * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springblade.core.tool.support.xss; - - -import org.springblade.core.tool.utils.StringUtil; - -/** - * SQL过滤 - */ -public class SQLFilter { - - /** - * SQL注入过滤 - * - * @param str 待验证的字符串 - */ - public static String sqlInject(String str) { - if (StringUtil.isBlank(str)) { - return null; - } - //去掉'|"|;|\字符 - str = str.replace("'", ""); - str = str.replace("\"", ""); - str = str.replace(";", ""); - str = str.replace("\\", ""); - - //转换成小写 - str = str.toLowerCase(); - - //非法字符 - String[] keywords = {"master", "truncate", "insert", "select", "delete", "update", "declare", "alert", "drop"}; - - //判断是否包含非法字符 - for (String keyword : keywords) { - if (str.indexOf(keyword) != -1) { - throw new RuntimeException("包含非法字符"); - } - } - - return str; - } -} diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SqlFilter.java b/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SqlFilter.java deleted file mode 100644 index d18cbcb..0000000 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/SqlFilter.java +++ /dev/null @@ -1,58 +0,0 @@ -/** - * Copyright (c) 2018-2028, Chill Zhuang 庄骞 (smallchill@163.com). - *

- * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE; - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - *

- * http://www.gnu.org/licenses/lgpl.html - *

- * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springblade.core.tool.support.xss; - - -import org.springblade.core.tool.utils.StringUtil; - -/** - * SQL过滤 - * - * @author smallchill - */ -public class SqlFilter { - - /** - * SQL注入过滤 - * - * @param str 待验证的字符串 - */ - public static String sqlInject(String str) { - if (StringUtil.isBlank(str)) { - return null; - } - //去掉'|"|;|\字符 - str = str.replace("'", ""); - str = str.replace("\"", ""); - str = str.replace(";", ""); - str = str.replace("\\", ""); - - //转换成小写 - str = str.toLowerCase(); - - //非法字符 - String[] keywords = {"master", "truncate", "insert", "select", "delete", "update", "declare", "alert", "drop"}; - - //判断是否包含非法字符 - for (String keyword : keywords) { - if (str.indexOf(keyword) != -1) { - throw new RuntimeException("包含非法字符"); - } - } - - return str; - } -} diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/XssHttpServletRequestWrapper.java b/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/XssHttpServletRequestWrapper.java index 8c25155..933c46d 100644 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/XssHttpServletRequestWrapper.java +++ b/blade-core-tool/src/main/java/org/springblade/core/tool/support/xss/XssHttpServletRequestWrapper.java @@ -47,7 +47,7 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { /** * html过滤 */ - private final static HTMLFilter htmlFilter = new HTMLFilter(); + private final static HtmlFilter HTML_FILTER = new HtmlFilter(); /** * 缓存报文,支持多次读取流 @@ -160,7 +160,7 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { } private String xssEncode(String input) { - return htmlFilter.filter(input); + return HTML_FILTER.filter(input); } /** diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/utils/Func.java b/blade-core-tool/src/main/java/org/springblade/core/tool/utils/Func.java index 3330ba1..3c95f46 100644 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/utils/Func.java +++ b/blade-core-tool/src/main/java/org/springblade/core/tool/utils/Func.java @@ -447,7 +447,7 @@ public class Func { * @param defaultValue the default value * @return the int represented by the string, or the default if conversion fails */ - public static int toInt(@Nullable final Object value, final int defaultValue) { + public static int toInt(final Object value, final int defaultValue) { return NumberUtil.toInt(String.valueOf(value), defaultValue); } @@ -487,7 +487,7 @@ public class Func { * @param defaultValue the default value * @return the long represented by the string, or the default if conversion fails */ - public static long toLong(@Nullable final Object value, final long defaultValue) { + public static long toLong(final Object value, final long defaultValue) { return NumberUtil.toLong(String.valueOf(value), defaultValue); } diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/utils/SpringUtil.java b/blade-core-tool/src/main/java/org/springblade/core/tool/utils/SpringUtil.java index 21c285e..167f2d4 100644 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/utils/SpringUtil.java +++ b/blade-core-tool/src/main/java/org/springblade/core/tool/utils/SpringUtil.java @@ -54,17 +54,23 @@ public class SpringUtil implements ApplicationContextAware { if (null == beanName || "".equals(beanName.trim())) { return null; } - if (clazz == null) return null; + if (clazz == null) { + return null; + } return (T) context.getBean(beanName, clazz); } public static ApplicationContext getContext() { - if (context == null) return null; + if (context == null) { + return null; + } return context; } public static void publishEvent(ApplicationEvent event) { - if (context == null) return; + if (context == null) { + return; + } try { context.publishEvent(event); } catch (Exception ex) { diff --git a/blade-core-tool/src/main/java/org/springblade/core/tool/utils/StringPool.java b/blade-core-tool/src/main/java/org/springblade/core/tool/utils/StringPool.java index 59a568d..440828b 100644 --- a/blade-core-tool/src/main/java/org/springblade/core/tool/utils/StringPool.java +++ b/blade-core-tool/src/main/java/org/springblade/core/tool/utils/StringPool.java @@ -22,60 +22,61 @@ package org.springblade.core.tool.utils; */ public interface StringPool { - String AMPERSAND = "&"; - String AND = "and"; - String AT = "@"; - String ASTERISK = "*"; - String STAR = ASTERISK; - char SLASH = '/'; - char BACK_SLASH = '\\'; - String COLON = ":"; - String COMMA = ","; - String DASH = "-"; - String DOLLAR = "$"; - String DOT = "."; - String EMPTY = ""; + String AMPERSAND = "&"; + String AND = "and"; + String AT = "@"; + String ASTERISK = "*"; + String STAR = ASTERISK; + char SLASH = '/'; + char BACK_SLASH = '\\'; + String DOUBLE_SLASH = "#//"; + String COLON = ":"; + String COMMA = ","; + String DASH = "-"; + String DOLLAR = "$"; + String DOT = "."; + String EMPTY = ""; String EMPTY_JSON = "{}"; - String EQUALS = "="; - String FALSE = "false"; - String HASH = "#"; - String HAT = "^"; - String LEFT_BRACE = "{"; - String LEFT_BRACKET = "("; - String LEFT_CHEV = "<"; - String NEWLINE = "\n"; - String N = "n"; - String NO = "no"; - String NULL = "null"; - String OFF = "off"; - String ON = "on"; - String PERCENT = "%"; - String PIPE = "|"; - String PLUS = "+"; - String QUESTION_MARK = "?"; - String EXCLAMATION_MARK = "!"; - String QUOTE = "\""; - String RETURN = "\r"; - String TAB = "\t"; - String RIGHT_BRACE = "}"; - String RIGHT_BRACKET = ")"; - String RIGHT_CHEV = ">"; - String SEMICOLON = ";"; - String SINGLE_QUOTE = "'"; - String BACKTICK = "`"; - String SPACE = " "; - String TILDA = "~"; - String LEFT_SQ_BRACKET = "["; - String RIGHT_SQ_BRACKET = "]"; - String TRUE = "true"; - String UNDERSCORE = "_"; - String UTF_8 = "UTF-8"; - String GBK = "GBK"; + String EQUALS = "="; + String FALSE = "false"; + String HASH = "#"; + String HAT = "^"; + String LEFT_BRACE = "{"; + String LEFT_BRACKET = "("; + String LEFT_CHEV = "<"; + String NEWLINE = "\n"; + String N = "n"; + String NO = "no"; + String NULL = "null"; + String OFF = "off"; + String ON = "on"; + String PERCENT = "%"; + String PIPE = "|"; + String PLUS = "+"; + String QUESTION_MARK = "?"; + String EXCLAMATION_MARK = "!"; + String QUOTE = "\""; + String RETURN = "\r"; + String TAB = "\t"; + String RIGHT_BRACE = "}"; + String RIGHT_BRACKET = ")"; + String RIGHT_CHEV = ">"; + String SEMICOLON = ";"; + String SINGLE_QUOTE = "'"; + String BACKTICK = "`"; + String SPACE = " "; + String TILDA = "~"; + String LEFT_SQ_BRACKET = "["; + String RIGHT_SQ_BRACKET = "]"; + String TRUE = "true"; + String UNDERSCORE = "_"; + String UTF_8 = "UTF-8"; + String GBK = "GBK"; String ISO_8859_1 = "ISO-8859-1"; - String Y = "y"; - String YES = "yes"; - String ONE = "1"; - String ZERO = "0"; + String Y = "y"; + String YES = "yes"; + String ONE = "1"; + String ZERO = "0"; String DOLLAR_LEFT_BRACE= "${"; }