From 5d9101e8627bca8e1ec25739777bfc2bdc8c104e Mon Sep 17 00:00:00 2001
From: xuefei <564615061@qq.cm>
Date: 星期五, 28 四月 2023 10:38:55 +0800
Subject: [PATCH] 测试漏洞修复
---
xboot-core/src/main/java/cn/exrick/xboot/core/config/security/permission/CorsFilter.java | 2 +-
xboot-core/src/main/java/cn/exrick/xboot/core/entity/User.java | 2 ++
xboot-core/src/main/java/cn/exrick/xboot/core/common/exception/GlobalExceptionHandler.java | 22 ++++++++++++++++++++++
xboot-admin/src/main/java/cn/exrick/xboot/XbootApplication.java | 2 +-
xboot-admin/src/main/resources/application.yml | 16 ++++++++--------
5 files changed, 34 insertions(+), 10 deletions(-)
diff --git a/xboot-admin/src/main/java/cn/exrick/xboot/XbootApplication.java b/xboot-admin/src/main/java/cn/exrick/xboot/XbootApplication.java
index a344a45..8ddaae0 100644
--- a/xboot-admin/src/main/java/cn/exrick/xboot/XbootApplication.java
+++ b/xboot-admin/src/main/java/cn/exrick/xboot/XbootApplication.java
@@ -21,7 +21,7 @@
// 鍚敤鑷甫瀹氭椂浠诲姟
@EnableScheduling
// 鍚敤Admin鐩戞帶
-@EnableAdminServer
+//@EnableAdminServer
public class XbootApplication {
public static void main(String[] args) {
diff --git a/xboot-admin/src/main/resources/application.yml b/xboot-admin/src/main/resources/application.yml
index 6d8c9e6..27becba 100644
--- a/xboot-admin/src/main/resources/application.yml
+++ b/xboot-admin/src/main/resources/application.yml
@@ -27,7 +27,7 @@
username: root
# Jasypt鍔犲瘑 鍙埌common-utils涓壘鍒癑asyptUtil鍔犺В瀵嗗伐鍏风被鐢熸垚鍔犲瘑缁撴灉 鏍煎紡涓篍NC(鍔犲瘑缁撴灉) 浠ヤ笅瑙e瘑缁撴灉涓�123456
#password: wanghaojie
- password: 123456
+ password: rootroot
type: com.alibaba.druid.pool.DruidDataSource
driverClassName: com.mysql.jdbc.Driver
# Druid StatViewServlet閰嶇疆
@@ -39,7 +39,7 @@
# 鍏佽娓呯┖缁熻鏁版嵁
reset-enable: true
login-username: root
- login-password: ENC(PYVnAYh+j5C3jkMV1d+myj6JzDaUk7pcfTWUaYsvQdEVkuvIVf7Y0mOU9XkffxT8)
+ login-password: boyingabcd12221!
# IP鐧藉悕鍗� 澶氫釜閫楀彿鍒嗛殧
allow:
# IP榛戝悕鍗�
@@ -297,11 +297,11 @@
- /hk/**
- /xboot/wx/**
- /index.html
- - /xboot/pcStatistic/**
- - /xboot/pcStatistic2/**
- - /xboot/pcStatistic3/**
- - /xboot/area/getAll
- - /xboot/areaSection/getAll2
+# - /xboot/pcStatistic/**
+# - /xboot/pcStatistic2/**
+# - /xboot/pcStatistic3/**
+# - /xboot/area/getAll
+# - /xboot/areaSection/getAll2
- /xboot/message/**
- /xboot/updateApp/**
- /xboot/fingerprint/getUserByCode
@@ -370,4 +370,4 @@
# 鏈�澶т繚瀛樺ぉ鏁�
max-history: 7
# 姣忎釜鏂囦欢鏈�澶уぇ灏�
- max-file-size: 5MB
\ No newline at end of file
+ max-file-size: 5MB
diff --git a/xboot-core/src/main/java/cn/exrick/xboot/core/common/exception/GlobalExceptionHandler.java b/xboot-core/src/main/java/cn/exrick/xboot/core/common/exception/GlobalExceptionHandler.java
new file mode 100644
index 0000000..421896d
--- /dev/null
+++ b/xboot-core/src/main/java/cn/exrick/xboot/core/common/exception/GlobalExceptionHandler.java
@@ -0,0 +1,22 @@
+package cn.exrick.xboot.core.common.exception;
+
+import cn.exrick.xboot.core.common.utils.ResultUtil;
+import cn.exrick.xboot.core.common.vo.Result;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+/**
+ * @author xfei
+ * @date 2023/4/26 15:32
+ */
+@ControllerAdvice
+public class GlobalExceptionHandler {
+ //鎸囧畾鍑虹幇浠�涔堝紓甯告墽琛岃繖涓柟娉�
+ @ExceptionHandler(Exception.class)
+ @ResponseBody //涓轰簡杩斿洖鏁版嵁
+ public Result error(Exception e) {
+ e.printStackTrace();
+ return ResultUtil.error(500,"绯荤粺寮傚父璇疯仈绯荤鐞嗗憳锛�");
+ }
+}
diff --git a/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/permission/CorsFilter.java b/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/permission/CorsFilter.java
index afd87c1..f913d76 100644
--- a/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/permission/CorsFilter.java
+++ b/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/permission/CorsFilter.java
@@ -12,7 +12,7 @@
* @author jitwxs
* @since 2018/10/16 20:53
*/
-@Component
+//@Component
public class CorsFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
diff --git a/xboot-core/src/main/java/cn/exrick/xboot/core/entity/User.java b/xboot-core/src/main/java/cn/exrick/xboot/core/entity/User.java
index 101e2b0..84f4529 100644
--- a/xboot-core/src/main/java/cn/exrick/xboot/core/entity/User.java
+++ b/xboot-core/src/main/java/cn/exrick/xboot/core/entity/User.java
@@ -8,6 +8,7 @@
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
@@ -38,6 +39,7 @@
@Table(name = "t_user")
@TableName("t_user")
@ApiModel(value = "鐢ㄦ埛")
+@JsonIgnoreProperties(value = {"password"})
public class User extends XbootBaseEntity {
private static final long serialVersionUID = 1L;
--
Gitblit v1.9.1