xss修改

2016-03-23 16:00:42 +08:00
parent 49ac8e94dd
commit f5a3917629
1 changed files with 1 additions and 0 deletions
--- a/src/main/java/com/ai/net/xss/wrapper/XssRequestWrapper.java
+++ b/src/main/java/com/ai/net/xss/wrapper/XssRequestWrapper.java
@@ -109,6 +109,7 @@ public class XssRequestWrapper extends HttpServletRequestWrapper {
                String str = StringEscapeUtils.escapeHtml(cr.getCleanHTML());
                str = str.replaceAll((antiSamy.scan("&nbsp;", policy)).getCleanHTML(), "");
                str = StringEscapeUtils.unescapeHtml(str);
+                str = str.replaceAll("&quot;", "\"");
                log.info("xssfilter value after xssClean：" + str);
                return str;
        	}