
修改appscan扫描漏洞

xusl %!s(int64=2) %!d(string=hai) anos
pai
achega
46c60f9f4f

+ 8 - 8
backend/src/main/java/com/jiayue/ssi/SsiApplication.java

@@ -1,17 +1,17 @@
 package com.jiayue.ssi;
 
 import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties;
-import org.apache.catalina.Context;
-import org.apache.catalina.connector.Connector;
-import org.apache.tomcat.util.descriptor.web.SecurityCollection;
-import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
+//import org.apache.catalina.Context;
+//import org.apache.catalina.connector.Connector;
+//import org.apache.tomcat.util.descriptor.web.SecurityCollection;
+//import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer;
-import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
-import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
-import org.springframework.context.annotation.Bean;
+//import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer;
+//import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+//import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+//import org.springframework.context.annotation.Bean;
 
 /**
  * TODO
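Review bot: The eight Tomcat/Spring imports at the top of SsiApplication.java are commented out rather than deleted, which leaves dead code in the file's import block. Since this hunk is the file's only change (+8 −8) and the file still compiles, nothing in the class references `Connector`, `Context`, `SecurityConstraint`, `TomcatConnectorCustomizer` or the other names, so the lines can simply be removed; a version-control history already preserves them if the HTTP-to-HTTPS redirect connector they presumably served is ever reinstated. The class body is outside this hunk.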

+ 17 - 0
backend/src/main/java/com/jiayue/ssi/config/WebConfig.java

@@ -6,11 +6,17 @@ import com.jiayue.ssi.interceptor.TokenStatusInterceptor;
 import com.jiayue.ssi.service.SysBlacklistService;
 import com.jiayue.ssi.service.SysParameterService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.web.servlet.ServletContextInitializer;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.web.firewall.HttpFirewall;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import java.util.Arrays;
 import java.util.List;
 
 /**
@@ -53,4 +59,15 @@ public class WebConfig implements WebMvcConfigurer {
             CacheConstants.blacklistMap.put(sysBlacklist.getIp(),sysBlacklist);
         }
     }
+
+    @Bean
+    public ServletContextInitializer servletContextInitializer() {
+        return new ServletContextInitializer() {
+            @Override
+            public void onStartup(ServletContext servletContext) throws ServletException {
+                // 解决加密会话(SSL)Cookie 中缺少 Secure 属性
+                servletContext.getSessionCookieConfig().setSecure(true);
+            }
+        };
+    }
 }
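Review bot: `servletContext.getSessionCookieConfig().setSecure(true)` is hard-coded in `servletContextInitializer()`, so the session cookie is marked Secure in every environment; a deployment reached over plain HTTP (local development, or a setup where TLS is not in front of this instance) will have its JSESSIONID silently dropped by the browser and every request will start a new session. The same flag is settable per profile without code via `server.servlet.session.cookie.secure=true`, and `server.servlet.session.cookie.http-only=true` is the natural companion, since a Secure-only cookie is still readable by script; if the bean is kept, consider calling `setHttpOnly(true)` in the same place and documenting why the value is not profile-driven. The anonymous class can be a lambda, as `ServletContextInitializer` has a single abstract method: `return servletContext -> servletContext.getSessionCookieConfig().setSecure(true);`. In the first hunk, the added imports `HttpFirewall`, `StrictHttpFirewall` and `java.util.Arrays` are not used by anything this commit adds (the diffstat is +17, all accounted for by the six import lines and this bean), so they should be dropped or the intended `StrictHttpFirewall` bean added. The enclosing `WebConfig` class starts outside this hunk.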