1、创建中间件
php artisan make:middleware XSSClean2、编辑app/Http/Middleware/XSSClean.php文件
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class XSSClean
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
// return $next($request);
$query = $request->query->all();
$req = $request->request->all();
// $all = $request->all();
array_walk_recursive($query, function (&$params) {
// $params = htmlspecialchars($params);
$params = strip_tags($params);
});
$request->query->replace($query);
// $request->merge($query);
array_walk_recursive($req, function (&$params) {
// $params = htmlspecialchars($params);
$params = strip_tags($params);
});
$request->request->replace($req);
// $request->merge($req);
return $next($request);
}
}
3、配置app/Http/Kernel.php文件
protected $middleware = [
// ...
XSSClean::class, // 增加xss处理中间件
// ...
];其他方案:
composer require mews/purifier参考:
laravel8 实现XSS预防处理方案_laravel防止转义xss-CSDN博客
本站资源均来自互联网,仅供研究学习,禁止违法使用和商用,产生法律纠纷本站概不负责!如果侵犯了您的权益请与我们联系!
转载请注明出处: 免费源码网-免费的源码资源网站 » laravel8使用中间件实现xss处理
发表评论 取消回复