| | |
|---|
| | | |
|---|
| | | import cn.hutool.json.JSONUtil; |
|---|
| | | import com.example.jz.modle.R; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | import org.springframework.security.access.AccessDeniedException; |
|---|
| | | import org.springframework.security.web.access.AccessDeniedHandler; |
|---|
| | | import org.springframework.security.web.firewall.HttpFirewall; |
|---|
| | | import org.springframework.security.web.firewall.StrictHttpFirewall; |
|---|
| | | import org.springframework.stereotype.Component; |
|---|
| | | |
|---|
| | | import javax.servlet.ServletException; |
|---|
| | |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | import java.io.IOException; |
|---|
| | | import java.io.PrintWriter; |
|---|
| | | import java.util.regex.Pattern; |
|---|
| | | |
|---|
| | | import static java.nio.charset.StandardCharsets.ISO_8859_1; |
|---|
| | | import static java.nio.charset.StandardCharsets.UTF_8; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * @author 安瑾然 |
|---|
| | |
|---|
| | | @Component |
|---|
| | | public class MyAccessDeniedHandler implements AccessDeniedHandler { |
|---|
| | | |
|---|
| | | @Bean |
|---|
| | | public HttpFirewall httpFirewall() { |
|---|
| | | StrictHttpFirewall firewall = new StrictHttpFirewall(); |
|---|
| | | Pattern allowed = Pattern.compile("[\\p{IsAssigned}&&[^\\p{IsControl}]]*"); |
|---|
| | | firewall.setAllowedHeaderValues((header) -> { |
|---|
| | | String parsed = new String(header.getBytes(ISO_8859_1), UTF_8); |
|---|
| | | return allowed.matcher(parsed).matches(); |
|---|
| | | }); |
|---|
| | | return firewall; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException { |
|---|
| | | R<String> r = new R<>(); |
|---|
