Table of contents
1. Valid dependency introduction:
1. Valid dependency introduction:
2. Examples show:
In the Zoyi code, I can find that there are many custom parameter annotations, and many of them are used to check whether a parameter is abnormal or not. We can try to give an example:
If the Xss in the code is a custom annotation module:
Xss: Responsible for setting scope and built-in properties.
@Retention(RetentionPolicy.RUNTIME)
@Target(value = { ElementType.METHOD, ElementType.FIELD, ElementType.CONSTRUCTOR, ElementType.PARAMETER })
@Constraint(validatedBy = { XssValidator.class })
public @interface Xss
{
String message()
default "不允许任何脚本运行";
Class<?>[] groups() default {};
Class<? extends Payload>[] payload() default {};
}XssValidator: Write the verification rule XssValidator class.
public class XssValidator implements ConstraintValidator<Xss, String>
{
private static final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />";
@Override
public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
{
if (StringUtils.isBlank(value))
{
return true;
}
return !containsHtml(value);
}
public static boolean containsHtml(String value)
{
Pattern pattern = Pattern.compile(HTML_PATTERN);
Matcher matcher = pattern.matcher(value);
return matcher.matches();
}
}Example display: use this annotation in the responsible entity class in the entity of the domain layer.
@Xss(message = "User nickname cannot contain script characters")