diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java b/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java index caacba63..ca822ede 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java @@ -10,6 +10,7 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import com.ruoyi.common.utils.http.HttpHelper; +import com.ruoyi.common.constant.Constants; /** * 构建可重复读取inputStream的request @@ -23,10 +24,10 @@ public class RepeatedlyRequestWrapper extends HttpServletRequestWrapper public RepeatedlyRequestWrapper(HttpServletRequest request, ServletResponse response) throws IOException { super(request); - request.setCharacterEncoding("UTF-8"); - response.setCharacterEncoding("UTF-8"); + request.setCharacterEncoding(Constants.UTF8); + response.setCharacterEncoding(Constants.UTF8); - body = HttpHelper.getBodyString(request).getBytes("UTF-8"); + body = HttpHelper.getBodyString(request).getBytes(Constants.UTF8); } @Override diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java index 703ce9ac..23a76fe1 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java @@ -12,6 +12,7 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.ruoyi.common.utils.StringUtils; +import com.ruoyi.common.enums.HttpMethod; /** * 防止XSS攻击的过滤器 @@ -59,7 +60,7 @@ public class XssFilter implements Filter String url = request.getServletPath(); String method = request.getMethod(); // GET DELETE 不过滤 - if (method == null || method.matches("GET") || method.matches("DELETE")) + if (method == null || HttpMethod.GET.matches(method) || HttpMethod.DELETE.matches(method)) { return true; }