public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-05-15 05:22:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 安全漏洞隐患

Browse Source
This commit is contained in:
fit2cloud-chenyw
2025-02-28 13:13:59 +08:00
committed by fit2cloud-chenyw
parent 9552ae5f19
commit 03ba46641d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java
View File

@@ -103,7 +103,7 @@ public class WhitelistUtils {
}
private static void invalidUrl(String requestURI) {
if (requestURI.contains("./") || requestURI.contains(".%") || (requestURI.contains(";") && !requestURI.contains("?"))) {
if (requestURI.contains("./") || requestURI.contains("%") || (requestURI.contains(";") && !requestURI.contains("?"))) {
DEException.throwException(INTERFACE_ADDRESS_INVALID.code(), String.format("%s [%s]", INTERFACE_ADDRESS_INVALID.message(), requestURI));
}
}