앱)servletparamutil 자바 common 코드

Posted by HULIA(휴리아)
2018. 3. 30. 10:36 백엔드개발/자바스프링
/**
 * Reads a request parameter and passes it through {@code checkParam}.
 *
 * @param request the current servlet request
 * @param param   name of the request parameter to read
 * @param def     value handed to {@code checkParam} as the fallback for a missing parameter
 * @return whatever {@code checkParam} returns for the raw value and {@code def}
 */
String param(HttpServletRequest request, String param, String def){
    // The raw value is untrusted client input; it is only returned after filtering.
    final String raw = request.getParameter(param);
    return checkParam(raw, def);
}


/**
 * Reads a request parameter with an empty-string fallback and trims the result.
 *
 * @param request the current servlet request
 * @param param   name of the request parameter to read
 * @return the filtered, trimmed value; the fallback passed down is {@code ""}
 */
String param(HttpServletRequest request, String param){
    // Delegate to the three-argument overload with "" as the default, then trim.
    final String filtered = param(request, param, "");
    return filtered.trim();
}

/**
 * Returns a request parameter exactly as received, with no trimming or filtering.
 *
 * <p>The value is untrusted client input and may be {@code null}. Callers must encode it for
 * the output context and bind it as a query parameter themselves.
 *
 * @param request the current servlet request
 * @param param   name of the request parameter to read
 * @return the raw value from {@code request.getParameter(param)}
 */
String nonCheckParam(HttpServletRequest request, String param){
    final String raw = request.getParameter(param);
    return raw;
}

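/**
 * Trims a request value and strips markup and a few SQL metacharacters from it.
 *
 * <p>When {@code temp} is {@code null}, {@code def} is returned unchanged. Otherwise the value
 * is trimmed, then {@code <script>}/{@code <noscript>} elements, {@code <style>} elements and
 * any remaining tags are removed, followed by {@code %27}, {@code '} and {@code --}. The
 * removal is repeated until the value stops changing, so that a later removal cannot leave
 * behind text that an earlier pattern is meant to strip.
 *
 * <p>Security note: deny-list stripping is defence in depth only. The input is not
 * URL-decoded here, attribute and URL contexts are not covered, and legitimate data is
 * altered silently (apostrophes are dropped). Encode on output for the target context and
 * bind SQL values through {@code PreparedStatement} parameters instead of relying on this
 * filter.
 *
 * @param temp raw value, typically from {@code request.getParameter}; may be {@code null}
 * @param def  value returned when {@code temp} is {@code null}
 * @return the filtered value, or {@code def} when {@code temp} is {@code null}
 */
String checkParam(String temp, String def){
    // "default" is a reserved word in Java and cannot be a parameter name; "def" matches
    // the naming already used by param(request, param, def).
    if (temp == null) {
        return def;
    }

    // XSS (cross-site scripting) filter: script/noscript elements, style elements, any tag.
    Pattern scripts = Pattern.compile("<(no)?script[^>]*>.*?</(no)?script>", Pattern.DOTALL);
    Pattern style = Pattern.compile("<style[^>]*>.*</style>", Pattern.DOTALL);
    Pattern tags = Pattern.compile("<(\"[^\"]*\"|\'[^\']*\'|[^\'\">])*>");

    // SQL injection filter: URL-encoded quote, literal quote, comment marker.
    Pattern sql = Pattern.compile("(\\%27)|(\\')|(\\-\\-)", Pattern.DOTALL);

    String cleaned = temp.trim();
    String previous;
    do {
        // Each pass only deletes characters, so the loop ends once nothing matches.
        previous = cleaned;
        cleaned = scripts.matcher(cleaned).replaceAll("");
        cleaned = style.matcher(cleaned).replaceAll("");
        cleaned = tags.matcher(cleaned).replaceAll("");
        cleaned = sql.matcher(cleaned).replaceAll("");
    } while (!cleaned.equals(previous));

    return cleaned;
}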