通过在Java项目中添加一个过滤器类对跨脚本攻击漏洞进行修复,具体方法如下:
public class XssFilter implements Filter {
@Override
public void destroy() {
}
/**
* 过滤器用来过滤的方法
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//包装request
XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) request);
chain.doFilter(xssRequest, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
}