欧阳子桐 / RuoYi · 提交

转到一个项目

作者 RuoYi
提交 578d65dfb4c07bd75aa5a6d2f46fc63fa5701fc3 1 个父辈 db4c2d3d

定时任务目标字符串过滤特殊字符

内嵌 并排对比
正在显示 2 个修改的文件 包含 7 行增加7 行删除
@@ -142,16 +142,16 @@ public class Constants @@ -142,16 +142,16 @@ public class Constants
142 /** 142 /**
143 * RMI 远程方法调用 143 * RMI 远程方法调用
144 */ 144 */
145 - public static final String LOOKUP_RMI = "rmi://"; 145 + public static final String LOOKUP_RMI = "rmi:";
146 146
147 /** 147 /**
148 * LDAP 远程方法调用 148 * LDAP 远程方法调用
149 */ 149 */
150 - public static final String LOOKUP_LDAP = "ldap://"; 150 + public static final String LOOKUP_LDAP = "ldap:";
151 151
152 /** 152 /**
153 * 定时任务违规的字符 153 * 定时任务违规的字符
154 */ 154 */
155 public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml", 155 public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
156 - "org.springframework.jndi" }; 156 + "org.springframework" };
157 } 157 }
@@ -87,11 +87,11 @@ public class SysJobController extends BaseController @@ -87,11 +87,11 @@ public class SysJobController extends BaseController
87 } 87 }
88 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI)) 88 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI))
89 { 89 {
90 - return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用"); 90 + return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi'调用");
91 } 91 }
92 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP)) 92 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP))
93 { 93 {
94 - return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap://'调用"); 94 + return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap'调用");
95 } 95 }
96 else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS })) 96 else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS }))
97 { 97 {
@@ -119,11 +119,11 @@ public class SysJobController extends BaseController @@ -119,11 +119,11 @@ public class SysJobController extends BaseController
119 } 119 }
120 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI)) 120 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI))
121 { 121 {
122 - return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用"); 122 + return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi'调用");
123 } 123 }
124 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP)) 124 else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP))
125 { 125 {
126 - return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap://'调用"); 126 + return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap'调用");
127 } 127 }
128 else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS })) 128 else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS }))
129 { 129 {