laravel8利用中间件实现xss处理
1、创建中间件php artisan make:middleware XSSClean 2、编辑app/Http/Middleware/XSSClean.php文件
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class XSSClean
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
// return $next($request);
$query = $request->query->all();
$req = $request->request->all();
// $all = $request->all();
array_walk_recursive($query, function (&$params) {
// $params = htmlspecialchars($params);
$params = strip_tags($params);
});
$request->query->replace($query);
// $request->merge($query);
array_walk_recursive($req, function (&$params) {
// $params = htmlspecialchars($params);
$params = strip_tags($params);
});
$request->request->replace($req);
// $request->merge($req);
return $next($request);
}
}
3、配置app/Http/Kernel.php文件
protected $middleware = [
// ...
XSSClean::class, // 增加xss处理中间件
// ...
];
其他方案:
composer require mews/purifier
参考:
laravel8 实现XSS防备处理方案_laravel防止转义xss-CSDN博客
360通用php防护代码(利用操作详解)_php编程-跟版网
https://www.cnblogs.com/bingtang123/p/12844659.html
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
页:
[1]