Home Esplora Aiuto
Registrati Accedi
hanzhiwei
/
zd-parents-v2
Segui 1
Vota 0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

索引异味处理

hanzhiwei 2 anni fa
parent
2601e848b3
commit
3a96ac6d31
3 ha cambiato i file con 115 aggiunte e 1 eliminazioni
Visualizzazione unificata Mostra Diff Stats
  1. 87 0
      zd-gateway/src/main/java/com/zd/gateway/filter/RefererFilter.java
  2. 25 0
      zd-gateway/src/main/java/com/zd/gateway/filter/RefererProperty.java
  3. 3 1
      zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/service/impl/LabAudioSynthesisServiceImpl.java

+ 87 - 0
zd-gateway/src/main/java/com/zd/gateway/filter/RefererFilter.java
Vedi File 

@@ -0,0 +1,87 @@
 
+package com.zd.gateway.filter;
 
+
 
+import cn.hutool.core.util.StrUtil;
 
+import cn.hutool.json.JSONUtil;
 
+import com.zd.model.domain.ResultData;
 
+import org.springframework.stereotype.Component;
 
+import org.springframework.util.AntPathMatcher;
 
+import org.springframework.util.CollectionUtils;
 
+import org.springframework.util.PathMatcher;
 
+
 
+import javax.annotation.Resource;
 
+import javax.servlet.*;
 
+import javax.servlet.annotation.WebFilter;
 
+import javax.servlet.http.HttpServletRequest;
 
+import javax.servlet.http.HttpServletResponse;
 
+import java.io.IOException;
 
+import java.io.PrintWriter;
 
+import java.nio.charset.StandardCharsets;
 
+import java.util.List;
 
+
 
+/**
 
+ * @author Hey, rog
 
+ * @version V1.0
 
+ * @since 2023/1/11 15:12
 
+ */
 
+@Component
 
+@WebFilter(filterName = "refererFilter", urlPatterns = "/")
 
+public class RefererFilter implements Filter {
 
+
 
+    @Resource
 
+    private RefererProperty refererProperty;
 
+
 
+    private static PathMatcher pathMatcher = new AntPathMatcher();
 
+
 
+    @Override
 
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
 
+            throws IOException, ServletException {
 
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
 
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
 
+
 
+        // 检测地址是否在白名单,若在直接放过
 
+        if (isBlank(request)) {
 
+            filterChain.doFilter(servletRequest, servletResponse);
 
+            return;
 
+        }
 
+
 
+        // 启用了Refer检测且不存在配置站点直接拦截
 
+        if (refererProperty.getEnabled() && !existsReferer(request)) {
 
+            response.setCharacterEncoding(StandardCharsets.UTF_8.name());
 
+            response.setContentType("application/json;charset=UTF-8");
 
+            try (PrintWriter writer = response.getWriter()) {
 
+                writer.write(JSONUtil.toJsonStr(ResultData.fail("非法访问")));
 
+            }
 
+            return;
 
+        }
 
+        filterChain.doFilter(request, response);
 
+    }
 
+
 
+    /**
 
+     * 是否存在支持跨站点配置地址,存在true、不存在false
 
+     */
 
+    private boolean existsReferer(HttpServletRequest request) {
 
+        String referer = request.getHeader("Referer");
 
+        if (StrUtil.isBlank(referer)) {
 
+            return false;
 
+        }
 
+        List<String> allows = this.refererProperty.getExcludes();
 
+        if (!CollectionUtils.isEmpty(allows)) {
 
+            return allows.stream().anyMatch(url -> referer.contains(url));
 
+        }
 
+        return false;
 
+    }
 
+
 
+    /**
 
+     * 是否存在白名单
 
+     */
 
+    private boolean isBlank(HttpServletRequest request) {
 
+        String path = request.getServletPath();
 
+        List<String> excludes = refererProperty.getIncludes();
 
+        for (String exclude : excludes) {
 
+            if (pathMatcher.match(exclude, path)) {
 
+                return true;
 
+            }
 
+        }
 
+        return false;
 
+    }
 
+}

+ 25 - 0
zd-gateway/src/main/java/com/zd/gateway/filter/RefererProperty.java
Vedi File 

@@ -0,0 +1,25 @@
 
+package com.zd.gateway.filter;
 
+
 
+import lombok.Data;
 
+import org.springframework.boot.context.properties.ConfigurationProperties;
 
+import org.springframework.context.annotation.Configuration;
 
+
 
+import java.util.List;
 
+
 
+@Data
 
+@Configuration
 
+@ConfigurationProperties(prefix = "security.csrf")
 
+public class RefererProperty {
 
+    /**
 
+     * 是否启用referer检查
 
+     */
 
+    private Boolean enabled;
 
+    /**
 
+     * 支持跨站点列表
 
+     */
 
+    private List<String> excludes;
 
+    /**
 
+     * 访问地址白名单,常用来配置swagger或一些静态资源配置
 
+     */
 
+    private List<String> includes;
 
+}

+ 3 - 1
zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/service/impl/LabAudioSynthesisServiceImpl.java
Vedi File 

@@ -81,7 +81,9 @@ public class LabAudioSynthesisServiceImpl implements ILabAudioSynthesisService
 
         //通过配置加载文件域名
 
         //通过配置加载文件域名
 
         String url = fileConfigUtils.getFileDomainApp();
 
         String url = fileConfigUtils.getFileDomainApp();
 
         String newMusic = java.util.UUID.randomUUID()+".mp3";
 
         String newMusic = java.util.UUID.randomUUID()+".mp3";
 
-        String localFilePath = "/home/upload"+labAudioSynthesis.getMusicUrl().substring(labAudioSynthesis.getMusicUrl().substring(1).indexOf("/")+1,labAudioSynthesis.getMusicUrl().substring(1).indexOf("/")+13)+newMusic;
 
+        String substring = labAudioSynthesis.getMusicUrl().substring(1);
 
+        int index = substring.indexOf("/");
 
+        String localFilePath = "/home/upload"+labAudioSynthesis.getMusicUrl().substring(index+1,index+13)+newMusic;
 
 
 
         labAudioSynthesis.setMusicUrl(url+labAudioSynthesis.getMusicUrl());
 
         labAudioSynthesis.setMusicUrl(url+labAudioSynthesis.getMusicUrl());
 
         labAudioSynthesis.setBgmusicUrl(url+labAudioSynthesis.getBgmusicUrl());
 
         labAudioSynthesis.setBgmusicUrl(url+labAudioSynthesis.getBgmusicUrl());