package middleware
import (
"github.com/emicklei/go-restful/v3"
"html"
)
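// EscapeHTML is a go-restful filter that HTML-escapes every URL query-string
// value of the incoming request and then continues the filter chain. It is
// intended as a defence-in-depth measure against reflected XSS.
//
// Scope and limits:
//   - Only URL query parameters are rewritten. Path parameters, headers and
//     request bodies (form or JSON) pass through unchanged.
//   - Escaping input does not replace context-aware output encoding. Values
//     that end up in JavaScript, URL or attribute contexts still need the
//     encoding appropriate to that context where they are rendered.
//   - Handlers receive the escaped text (for example "&lt;" instead of "<"),
//     so code that stores or compares raw query values must account for that.
func EscapeHTML(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) {
	// URL.Query() parses RawQuery into a fresh map on every call, so edits
	// must be made on one copy and written back to RawQuery to take effect.
	query := req.Request.URL.Query()
	changed := false
	for _, values := range query {
		// Escape every value of a repeated parameter, not just the first.
		for i, v := range values {
			if escaped := html.EscapeString(v); escaped != v {
				values[i] = escaped
				changed = true
			}
		}
	}
	// Leave the raw query untouched when nothing needed escaping, so the
	// original ordering and encoding are preserved for benign requests.
	if changed {
		req.Request.URL.RawQuery = query.Encode()
	}
	chain.ProcessFilter(req, resp)
}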