From 5271c8dc01935252dfcf7d63c8eb2fe14826818b Mon Sep 17 00:00:00 2001
From: lbw
Date: Sat, 3 Feb 2024 13:14:26 +0000
Subject: [PATCH 1/4] up spring cloud alibab 2021.0.6.0
Signed-off-by: lbw
---
 README.md | 2 +-
 pom.xml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 5b079d29..046777f9 100644
--- a/README.md
+++ b/README.md
@@ -42,7 +42,7 @@
 |-----------------------------|------------|
 | Spring Boot | 2.7.18 |
 | Spring Cloud | 2021.0.8 |
-| Spring Cloud Alibaba | 2021.0.5.0 |
+| Spring Cloud Alibaba | 2021.0.6.0 |
 | Spring Authorization Server | 0.4.4 |
 | Mybatis Plus | 3.5.5 |
 | hutool | 5.8.22 |
diff --git a/pom.xml b/pom.xml
index a8023fa3..88b84898 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,11 +31,11 @@
 3.7.4-JDK8
 2.7.18
 2021.0.8
- 2021.0.5.0
+ 2021.0.6.0
 UTF-8
 1.8
 1.8
- 2.7.10
+ 2.7.15
 0.4.5
 2.2.3
 0.0.1
From 41036e957eb39ee1ac01c64dff4adf8910e239d0 Mon Sep 17 00:00:00 2001
From: lbw
Date: Thu, 15 Feb 2024 06:07:43 +0000
Subject: [PATCH 2/4] up hutool 5.8.26
Signed-off-by: lbw
---
 pig-common/pig-common-bom/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pig-common/pig-common-bom/pom.xml b/pig-common/pig-common-bom/pom.xml
index 7ab89093..b392d9dd 100644
--- a/pig-common/pig-common-bom/pom.xml
+++ b/pig-common/pig-common-bom/pom.xml
@@ -34,7 +34,7 @@
 1.0.5
 2.0.2
 2.3.5
- 5.8.23
+ 5.8.26
 2.7.4
 1.8.4
 4.9.9
From b9651daaaf06c174a26db7d07c3c2b67ea4d1fbc Mon Sep 17 00:00:00 2001
From: mijun
Date: Mon, 19 Feb 2024 15:47:09 +0800
Subject: [PATCH 3/4] =?UTF-8?q?fix:oss=E5=88=9B=E5=BB=BAbucket=E6=96=B9?= =?UTF-8?q?=E6=B3=95=E5=90=8D=E6=8B=BC=E5=86=99=E9=94=99=E8=AF=AF=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java b/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java
index 4ab42ca7..4691c198 100755
--- a/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java
+++ b/pig-common/pig-common-oss/src/main/java/com/pig4cloud/pig/common/file/oss/http/OssEndpoint.java
@@ -55,7 +55,7 @@ public class OssEndpoint {
 */
 @SneakyThrows
 @PostMapping("/bucket/{bucketName}")
- public Bucket createBucker(@PathVariable String bucketName) {
+ public Bucket createBucket(@PathVariable String bucketName) {
 template.createBucket(bucketName);
 return template.getBucket(bucketName).get();
From 7031ba049c3699d82aca662673276b79d07d4ea0 Mon Sep 17 00:00:00 2001
From: lbw
Date: Thu, 22 Feb 2024 19:27:22 +0800
Subject: [PATCH 4/4] =?UTF-8?q?:sparkles:=20Introducing=20new=20features.?= =?UTF-8?q?=20#I9300D=20sql=E6=B3=A8=E5=85=A5=E6=A3=80=E6=B5=8B=E6=8F=90?= =?UTF-8?q?=E4=BE=9B=E6=8D=A2=20mybatis-plus=20=E6=8F=90=E4=BE=9B=E5=B7=A5?= =?UTF-8?q?=E5=85=B7=E7=B1=BB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../resolver/SqlFilterArgumentResolver.java | 17 +++--------------
 1 file changed, 3 insertions(+), 14 deletions(-)
diff --git a/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java b/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java
index 3b9a9a20..88d870a9 100644
--- a/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java
+++ b/pig-common/pig-common-mybatis/src/main/java/com/pig4cloud/pig/common/mybatis/resolver/SqlFilterArgumentResolver.java
@@ -20,6 +20,7 @@ package com.pig4cloud.pig.common.mybatis.resolver;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.metadata.OrderItem;
+import com.baomidou.mybatisplus.core.toolkit.sql.SqlInjectionUtils;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import javax.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
@@ -45,9 +46,6 @@ import java.util.stream.Collectors;
 @Slf4j
 public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver {
- private final static String[] KEYWORDS = { "master", "truncate", "insert", "select", "delete", "update", "declare",
- "alter", "drop", "sleep", "extractvalue", "concat" };
-
 /**
 * 判断Controller是否包含page 参数
 * @param parameter 参数
@@ -90,21 +88,12 @@ public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver
 List orderItemList = new ArrayList<>();
 Optional.ofNullable(ascs)
 .ifPresent(s -> orderItemList.addAll(
- Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::asc).collect(Collectors.toList())));
+ Arrays.stream(s).filter(SqlInjectionUtils::check).map(OrderItem::asc).collect(Collectors.toList())));
 Optional.ofNullable(descs)
 .ifPresent(s -> orderItemList.addAll(
- Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::desc).collect(Collectors.toList())));
+ Arrays.stream(s).filter(SqlInjectionUtils::check).map(OrderItem::desc).collect(Collectors.toList())));
 page.addOrder(orderItemList);
 return page;
 }
-
- /**
- * 判断用户输入里面有没有关键字
- * @return Predicate
- */
- private Predicate sqlInjectPredicate() {
- return sql -> Arrays.stream(KEYWORDS).noneMatch(keyword -> StrUtil.containsIgnoreCase(sql, keyword));
- }
-
 }
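Review bot: The two `.filter(SqlInjectionUtils::check)` calls in the last hunk of SqlFilterArgumentResolver.java look inverted: MyBatis-Plus documents `check` as returning true when the value matches its SQL-injection patterns, whereas the removed `sqlInjectPredicate()` returned true for values with no keyword, i.e. the ones to keep. As written, ordinary column names in `ascs`/`descs` would be filtered out and only flagged values would reach `OrderItem::asc` / `OrderItem::desc`, so sorting stops working and the guard is reversed; please confirm against the MyBatis-Plus version in use (3.5.5 per the README table). Negating the predicate restores the old polarity, `.filter(col -> !SqlInjectionUtils.check(col))`, on both streams. Since ORDER BY columns cannot be bound as parameters, a pattern check is still a denylist, so additionally requiring each value to match an identifier pattern such as `^[A-Za-z0-9_]+$` or a known column of the entity would be the stronger control. The enclosing method starts outside the hunk, and the `StrUtil` and `Predicate` imports may now be unused.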