diff --git a/README.md b/README.md
index 5b079d29..046777f9 100644
--- a/README.md
+++ b/README.md
@@ -42,7 +42,7 @@
|-----------------------------|------------|
| Spring Boot | 2.7.18 |
| Spring Cloud | 2021.0.8 |
-| Spring Cloud Alibaba | 2021.0.5.0 |
+| Spring Cloud Alibaba | 2021.0.6.0 |
| Spring Authorization Server | 0.4.4 |
| Mybatis Plus | 3.5.5 |
| hutool | 5.8.22 |
diff --git a/pig-common/pig-common-bom/pom.xml b/pig-common/pig-common-bom/pom.xml
index 7ab89093..b392d9dd 100644
--- a/pig-common/pig-common-bom/pom.xml
+++ b/pig-common/pig-common-bom/pom.xml
@@ -34,7 +34,7 @@
1.0.5
2.0.2
2.3.5
- 5.8.23
+ 5.8.26
2.7.4
1.8.4
4.9.9
diff --git a/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java b/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java
index 3b9a9a20..88d870a9 100644
--- a/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java
+++ b/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java
@@ -20,6 +20,7 @@ package com.pig4cloud.pig.common.mybatis.resolver;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.metadata.OrderItem;
+import com.baomidou.mybatisplus.core.toolkit.sql.SqlInjectionUtils;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import javax.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
@@ -45,9 +46,6 @@ import java.util.stream.Collectors;
@Slf4j
public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver {
- private final static String[] KEYWORDS = { "master", "truncate", "insert", "select", "delete", "update", "declare",
- "alter", "drop", "sleep", "extractvalue", "concat" };
-
/**
* 判断Controller是否包含page 参数
* @param parameter 参数
@@ -90,21 +88,12 @@ public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver
List orderItemList = new ArrayList<>();
Optional.ofNullable(ascs)
.ifPresent(s -> orderItemList.addAll(
- Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::asc).collect(Collectors.toList())));
+ Arrays.stream(s).filter(SqlInjectionUtils::check).map(OrderItem::asc).collect(Collectors.toList())));
Optional.ofNullable(descs)
.ifPresent(s -> orderItemList.addAll(
- Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::desc).collect(Collectors.toList())));
+ Arrays.stream(s).filter(SqlInjectionUtils::check).map(OrderItem::desc).collect(Collectors.toList())));
page.addOrder(orderItemList);
return page;
}
-
- /**
- * 判断用户输入里面有没有关键字
- * @return Predicate
- */
- private Predicate sqlInjectPredicate() {
- return sql -> Arrays.stream(KEYWORDS).noneMatch(keyword -> StrUtil.containsIgnoreCase(sql, keyword));
- }
-
}
diff --git a/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java b/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java
index 4ab42ca7..4691c198 100755
--- a/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java
+++ b/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java
@@ -55,7 +55,7 @@ public class OssEndpoint {
*/
@SneakyThrows
@PostMapping("/bucket/{bucketName}")
- public Bucket createBucker(@PathVariable String bucketName) {
+ public Bucket createBucket(@PathVariable String bucketName) {
template.createBucket(bucketName);
return template.getBucket(bucketName).get();
diff --git a/pom.xml b/pom.xml
index a8023fa3..88b84898 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,11 +31,11 @@
3.7.4-JDK8
2.7.18
2021.0.8
- 2021.0.5.0
+ 2021.0.6.0
UTF-8
1.8
1.8
- 2.7.10
+ 2.7.15
0.4.5
2.2.3
0.0.1