加密解密需要引入的包
<!--加密相关配置--><dependency><groupId>com.yonyou.pap.caep</groupId><artifactId>jasypt-spring-boot</artifactId><version>1.0.8-SNAPSHOT</version></dependency><dependency><groupId>com.yonyou.pap.caep</groupId><artifactId>jasypt-spring-boot-starter</artifactId><version>1.0.8-SNAPSHOT</version></dependency><dependency><groupId>com.yonyou.pap.caep</groupId><artifactId>jasypt-mdd</artifactId><version>1.0.8-SNAPSHOT</version></dependency><dependency><groupId>com.yonyou.pap.caep</groupId><artifactId>jasypt-mdd-cache</artifactId><version>1.0.8-SNAPSHOT</version></dependency><dependency><groupId>com.yonyou.pap.caep</groupId><artifactId>jasypt-mdd-dao</artifactId><version>1.0.8-SNAPSHOT</version></dependency>
配置文件添加加密因子
#配置文件加密因子jasypt.encryptor.fact1=***jasypt.encryptor.fact2=***ucf.usingSqlInjectFilter=falseucf.usingXssFilter=false
统一包中对xss和sql注入的操作
上一小节的配置文件中可以看到,有
ucf.usingSqlInjectFilter=falseucf.usingXssFilter=false
这两个配置,可以让刘金华那边的替换不生效,因为目前的替换会把hrcm_contract_contract类似这样的billnum替换成乱码的形式,后边直接就报错了。(这公共方案也是TM的醉了,完全不顾实际情况)
若有收获,就点个赞吧
0 人点赞
