From 16d8b71e21dc7298b30f46bf264cd9b3589a6978 Mon Sep 17 00:00:00 2001
From: who's hu <hup_dev@outlook.com>
Date: Tue, 22 Aug 2023 17:25:19 +0800
Subject: [PATCH] update ruoyi-ui/src/permission.js. 由于重定向url存在 http://xxx.xx.xxx/{id}?param={a}&name={b} 的场景, 当未登录访问时, 通过改js封装登录后重定向参数, 会丢失?后的query params 如: 访问 http://localhost:1024/core/doc/doc?id=1683734914907807745&version=31 期望 http://localhost:1024/login?redirect=%2Fcore%2Fdoc%2Fdoc%3Fid%3D1683734914907807745%26version%3D31 实际通过 to.fullPath 封装后 获得 http://localhost:1024/login?redirect=%2Fcore%2Fdoc%2Fdoc%3Fid%3D1683734914907807745&version=31
---
ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java | 15 ++++++++++++---
1 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
index 71a7ae1..9f40118 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
@@ -13,12 +13,17 @@
/**
* 定义常用的 sql关键字
*/
- public static String SQL_REGEX = "select |insert |delete |update |drop |count |exec |chr |mid |master |truncate |char |and |declare ";
+ public static String SQL_REGEX = "and |extractvalue|updatexml|exec |insert |select |delete |update |drop |count |chr |mid |master |truncate |char |declare |or |+|user()";
/**
* 仅支持字母、数字、下划线、空格、逗号、小数点(支持多个字段排序)
*/
public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,\\.]+";
+
+ /**
+ * 限制orderBy最大长度
+ */
+ private static final int ORDER_BY_MAX_LENGTH = 500;
/**
* 检查字符,防止注入绕过
@@ -28,6 +33,10 @@
if (StringUtils.isNotEmpty(value) && !isValidOrderBySql(value))
{
throw new UtilException("参数不符合规范,不能进行查询");
+ }
+ if (StringUtils.length(value) > ORDER_BY_MAX_LENGTH)
+ {
+ throw new UtilException("参数已超过最大限制,不能进行查询");
}
return value;
}
@@ -50,9 +59,9 @@
return;
}
String[] sqlKeywords = StringUtils.split(SQL_REGEX, "\\|");
- for (int i = 0; i < sqlKeywords.length; i++)
+ for (String sqlKeyword : sqlKeywords)
{
- if (StringUtils.indexOfIgnoreCase(value, sqlKeywords[i]) > -1)
+ if (StringUtils.indexOfIgnoreCase(value, sqlKeyword) > -1)
{
throw new UtilException("参数存在SQL注入风险");
}
--
Gitblit v1.9.2