Sanitizing user inputs with Spring MVC framework

2018-06-07 00:51:09

我正在使用spring mvc框架开发Web应用程序，我想知道有没有最好的方法来清理用户输入或通用方法来清理弹簧中的所有用户输入以避免XSS和Sql Injection攻击？

You can use Filters in Spring framework to clean your forms. Filters will fetch all your request attributes and clean them all before processing the request. Another option is to use JSoup API's. visit following links to know more.

JSoup XSS Api's

Filter approach to prevent XSS threat

EDIT :

Read OWASP sheets to know how to avoid XSS and SQL injection.

OWASP - prevention of XSS

OWASP - prevention of SQL injection

Take a look at HDIV which integrates with spring 3.1, it has out-of-the-box support for XSS, CSRF, Data Integrity Checks.

链接地址: http://www.djcxy.com/p/21648.html

上一篇: 我需要清理用户输入Laravel吗？

下一篇: 用Spring MVC框架消除用户输入