Problem Description:
This vulnerability arises when the parameters passed from the front end do not correspond to the attributes expected by the back end.
Solution:
There are three solutions:
1. The corresponding back-end entity must have getter and setter methods for these attributes.
2. Wrap the handling of these two properties in a try...catch statement.
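3. If that still does not work, the front-end code must validate these two attributes so that the format and type of the values passed to the back end match the data types the back end expects. Because a client can send requests without going through the front-end code, the back end should still reject values that do not match.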
There are other cases of this problem, so back-end exceptions need to be redirected to an error page; here that is the 500.html page. The following configuration class shows how Spring Boot controls which page is shown.
package com.qzt.config.cors;
import org.springframework.boot.context.embedded.ConfigurableEmbeddedServletContainer;
import org.springframework.boot.context.embedded.EmbeddedServletContainerCustomizer;
import org.springframework.boot.web.servlet.ErrorPage;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
 * Spring configuration that registers a unified error page with the embedded servlet container.
 *
 * <p>NOTE(review): despite the class name, nothing in this class configures CORS; it only
 * maps HTTP 500 responses to a fixed page.
 */
@Configuration
public class CorsConfig {

    /**
     * Unified error-page handling: builds a container customizer that maps
     * {@link HttpStatus#INTERNAL_SERVER_ERROR} to {@code /page/500.html}.
     *
     * @return the customizer that adds the 500 error page to the container
     */
    @Bean
    public EmbeddedServletContainerCustomizer containerCustomizer() {
        EmbeddedServletContainerCustomizer errorPageCustomizer =
                new EmbeddedServletContainerCustomizer() {
                    @Override
                    public void customize(ConfigurableEmbeddedServletContainer container) {
                        // Only the 500 mapping is active. The original listing keeps mappings for
                        // 401 ("/401.html") and 404 ("/Err404.html") commented out, so those
                        // statuses get no page from this class.
                        container.addErrorPages(
                                new ErrorPage(HttpStatus.INTERNAL_SERVER_ERROR, "/page/500.html"));
                    }
                };
        return errorPageCustomizer;
    }
}