[英]Java / Spring - Securing a Parameter ( Pathvariable )
Is there a common way to secure a pathvariable? 有保护路径变量的通用方法吗?
@RequestMapping("/image/{id}")
public String getArticleImageUrl(@PathVariable String id) {
....
I mean remove unusual content eg javascript or other security issue related things to prevent "hacking" or abusive use? 我的意思是删除异常内容,例如javascript或其他与安全问题相关的内容,以防止“黑客入侵”或滥用?
What is secure depends on what you want to use the input for. 安全性取决于您要使用输入的内容。 Bottom line: You should take the same care with these kinds of parameters as any other parameter you would accept from the outside into the system, eg: 底线:您应该像对待外部要接受的其他任何参数一样,小心对待这些类型的参数,例如:
"Washing" the input from unwanted characters is possible but, as always: tricky and depending on what the data will be used for. 可以“清洗”来自不需要的字符的输入,但是,一如既往:棘手并取决于数据将用于什么目的。
Nvm. NVM。 I used a regex to check if this String is alphanumeric. 我使用了正则表达式来检查此字符串是否为字母数字。 ( ^[\\\\pL\\\\pN]+$
) Should be enough. ( ^[\\\\pL\\\\pN]+$
)应该足够了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.