package org.ruoyi.common.web.config; import jakarta.servlet.DispatcherType; import org.ruoyi.common.core.utils.StringUtils; import org.ruoyi.common.web.config.properties.XssProperties; import org.ruoyi.common.web.filter.RepeatableFilter; import org.ruoyi.common.web.filter.XssFilter; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import java.util.HashMap; import java.util.Map; /** * Filter配置 * * @author Lion Li */ @AutoConfiguration @EnableConfigurationProperties(XssProperties.class) public class FilterConfig { @SuppressWarnings({"rawtypes", "unchecked"}) @Bean @ConditionalOnProperty(value = "xss.enabled", havingValue = "true") public FilterRegistrationBean xssFilterRegistration(XssProperties xssProperties) { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setDispatcherTypes(DispatcherType.REQUEST); registration.setFilter(new XssFilter()); registration.addUrlPatterns(StringUtils.split(xssProperties.getUrlPatterns(), StringUtils.SEPARATOR)); registration.setName("xssFilter"); registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE); Map initParameters = new HashMap<>(); initParameters.put("excludes", xssProperties.getExcludes()); registration.setInitParameters(initParameters); return registration; } @SuppressWarnings({"rawtypes", "unchecked"}) @Bean public FilterRegistrationBean someFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new RepeatableFilter()); registration.addUrlPatterns("/*"); registration.setName("repeatableFilter"); registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE); return registration; } }