public/PandaX
1
0
Fork 0
mirror of https://gitee.com/XM-GO/PandaX.git synced 2026-04-23 02:48:34 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
09e2877ae36ef84c2ac5ac48bd4d0afc982df93c
PandaX/pkg/middleware/escape_html.go
XM-GO 4344771547 iot init
2023-08-22 15:17:14 +08:00

18 lines
448 B
Go
Raw Blame History

package middleware
import (
"github.com/emicklei/go-restful/v3"
"html"
)
// 防止XSS攻击
func EscapeHTML(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) {
// 获取请求参数中的HTML标签
for _, p := range req.Request.URL.Query() {
escaped := html.EscapeString(p[0])
// 将转义后的参数重新设置到请求参数中
req.Request.URL.Query().Set(p[0], escaped)
}
chain.ProcessFilter(req, resp)
}
Reference in New Issue View Git Blame Copy Permalink