From 1b6ab1bcf5b6eafda969c3eb518ae21579366267 Mon Sep 17 00:00:00 2001
From: dushitaoyuan
Date: Sat, 2 Nov 2019 23:15:12 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=AD=97=E7=AC=A6=E5=A4=A7?= =?UTF-8?q?=E5=B0=8F=E5=86=99=E5=8C=B9=E9=85=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../taoyuanx/securitydemo/utils/RequestParamFilterUtil.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/main/java/com/taoyuanx/securitydemo/utils/RequestParamFilterUtil.java b/src/main/java/com/taoyuanx/securitydemo/utils/RequestParamFilterUtil.java
index 257f1ca..f94c418 100644
--- a/src/main/java/com/taoyuanx/securitydemo/utils/RequestParamFilterUtil.java
+++ b/src/main/java/com/taoyuanx/securitydemo/utils/RequestParamFilterUtil.java
@@ -1,9 +1,11 @@
 package com.taoyuanx.securitydemo.utils;
 import com.google.common.base.Splitter;
+import org.springframework.util.StringUtils;
 import org.springframework.web.util.HtmlUtils;
 import java.util.List;
+import java.util.Objects;
 /**
 * @author dushitaoyuan
@@ -51,7 +53,7 @@ public class RequestParamFilterUtil {
 }
 for (String param : params) {
 for (int i = 0, len = SQL_KEY_WORDS.size(); i < len; i++) {
- if (param.contains(" " + SQL_KEY_WORDS.get(i) + " ")) {
+ if (param.toLowerCase().contains(" " + SQL_KEY_WORDS.get(i) + " ")) {
 return true;
 }
 }
@@ -59,4 +61,5 @@ public class RequestParamFilterUtil {
 return false;
 }
+
 }
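Review bot: The two imports added in the first hunk, `org.springframework.util.StringUtils` and `java.util.Objects`, are not used by any line this commit adds. The diffstat's four insertions are these two imports, the `toLowerCase()` line and a blank line, so they look like dead imports and should be dropped. If they were meant for a null or empty guard on `params`, that guard is not part of the change and should be added with them.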
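Review bot: `param.toLowerCase()` in the inner loop of the second hunk lowercases with the JVM default locale, so under a locale with special casing rules (Turkish, for example) an upper-case keyword can map to a different string and the comparison misses it. Use `String lowered = param.toLowerCase(Locale.ROOT);` once per parameter, before the keyword loop, and test `lowered.contains(...)`; this needs `import java.util.Locale;`. The fix also depends on every entry of `SQL_KEY_WORDS` being lower-case, which is not visible in this diff and deserves a comment on the list. The check still matches only a keyword with a single space on each side, so it should remain a defence-in-depth heuristic next to parameterized queries rather than the primary control. The enclosing method starts and ends outside the hunk.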