支持配置XSS跨站脚本过滤

2021-07-28 13:05:18 +08:00 · 2021-07-28 13:05:18 +08:00 · 00fa1c3158
parent 04edd66199
commit 00fa1c3158
1 changed files with 2 additions and 0 deletions
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java
@ -2,6 +2,7 @@ package com.ruoyi.gateway.filter;

 import java.nio.charset.StandardCharsets;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
 import org.springframework.core.Ordered;
@ -27,6 +28,7 @@ import reactor.core.publisher.Mono;
 * @author ruoyi
 */
@Component
+@ConditionalOnProperty(value = "security.xss.enabled", havingValue = "true")
 public class XssFilter implements GlobalFilter, Ordered
 {
    // 跨站脚本的 xss 配置，nacos自行添加