NutzCN Logo
问答 关于IOS移动端 请求NUTZ接口问题
发布于 2274天前 作者 smileQQQQQ 4969 次浏览 复制 上一个帖子 下一个帖子
标签: nutzwk

IOS的请求

http://192.168.1.148:8080?companyNum=123456&content=%21%28%22%22%29.%E7%BB%BF%E8%81%94%20usb-c%20to%2010/100%20Ethernet%20AdapterUSBC%E8%BD%AC%E7%99%BE%E5%90%8C%E5%8D%A1%20ctonSBC%E5%8D%A1%2C%E6%9C%AC%E4%BA%A7%E5%93%81%E8%BF%87410.%E8%AE%BE%E8%BF%9E%E6%8E%A5%E6%9C%89%20you%20a%E9%97%B4%E7%BB%9C%E6%8E%A5%E5%8F%A3%E6%97%B6%2C%E6%AD%A4%E9%80%82%E9%85%8D%20%26O.%E4%BA%A7%E5%93%81%E8%AE%BE%E8%AE%A1%E5%B0%8F%2C%E6%93%8D%E4%BD%9C%E7%AE%80%E5%8D%95%E3%80%81%E8%83%BD%20a%20po%20oo%E7%94%A8%E6%88%B7%E7%9A%84%E5%85%A5%3AUSB2CC%E5%85%AC%2C%E4%BC%A0%E8%BE%93%E9%80%9F%E7%8E%87%E8%BE%BE4BM%C2%B7%20E%20wm82eCcm%E8%BE%93%E5%87%BA%E9%A2%98%3A145%28%E9%AB%98%29%20w%20c%20a%20s.%E6%99%AF%E5%AE%B9EE802310a0-/1O0aSe-D%20EE%E6%94%AF%E5%85%A8%E5%8F%8C%E5%B7%A5%E5%8F%8A%E5%8D%8A%E5%8F%8C%E5%B7%A5%20Fu%20ao%20r%E6%94%AF%E6%8C%81%E5%90%8C%E7%BB%9C%E8%BF%9C%E7%A8%8B%E6%98%A0%E5%8A%9F%E8%83%BD%20W%E6%94%AF%E6%8C%81%20Mac/ndows%E7%AD%89%E7%B3%BB%E7%BB%9F%20w%E4%B8%BB%E4%BD%93%E5%B0%BA%E5%AF%B8%3AL6W261Amm%2C%E4%BA%A7%E5%93%81%E6%80%BB%E9%95%BF%3A16cm%C2%B7%E8%81%94%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B840381%E6%B7%B1%E5%9C%B3%E5%B8%82%E9%BE%99%E5%8D%8E%E5%8C%BA%E9%BE%99%E8%A5%BF%E9%BE%99%E5%9F%8E%E5%B7%A5%E4%B8%9A%E5%8C%BA%E7%BB%BF%E5%8A%9E%E5%85%AC%E5%A4%A7%E6%A5%BC236uaCt700%E5%85%A8%E6%9C%8D%E5%8A%A1%E7%83%AD%E7%BA%BF%3A40068390%E7%94%B5%E8%AF%9D%3A%2B8675528095%E8%A1%8C%E6%A0%87%E5%87%86%3AO004-2015%20o6957303838.%20Lon%3A4000308TL%3A%2B8075807%E7%BB%BF%E8%81%94%E4%B8%AD%E5%88%B6%E9%80%A0%20Made%20in%208%20CEFC%20ROHS89RTYU&type=2

我的接收接口

	 */
	@SuppressWarnings({ "rawtypes", "unchecked" })
	@At("/do")
	@POST
	public Object saveDraft( @Param("content")String content,@Param("type")String type) {

我的接收接口收不到,然后查发现是 SQL XSS拦截 就是这个类XssSqlFilterProcessor ,然后在XssSqlFilterProcessor 做了临时处理如下,这样又能进入我的类了,我想知道,是不是有其他注解解决这样的问题, 人不在公司日志是没有了。 关键是我用Postman的post x-www-form-urlencoded 参数在Body提交就没有问题。按照移动端的提交是把刚刚那个提交串做直接放在 post url直接提交,我们到后端就被过滤掉。DecodeURIComponent 那提交串 又能成功访问接口。我说得有点乱,求解脱,这么简单的post提交,我都被移动端搞懵逼了


protected boolean checkParams(ActionContext ac) { HttpServletRequest req = ac.getRequest(); req.getParameterMap(); //FIXME if(req.getRequestURL().toString().indexOf("/cmsapi/draft")>-1) { System.out.println("req.getRequestURI():"+req.getRequestURI()); return false; } Iterator<String[]> values = req.getParameterMap().values().iterator();// 获取所有的表单参数 Iterator<String[]> values2 = req.getParameterMap().values().iterator();// 因为是游标所以要重新获取
12 回复

请求是这串,上面搞错

http://192.168.1.6:8808/cmsapi/draft/do?companyNum=123456&content=%20GREEN%E7%BB%BF%E8%81%94%208%20usb-c%20to%2010/100%20EtherneUSB-C%E8%BD%AC%E7%99%BE%E5%85%86%E7%BD%91%E5%8D%A1%E4%BB%8B%E7%BB%8DPID%3A40381%E6%98%AF%E4%B8%80%E6%AC%BEUSB-C%E7%99%BE%E5%85%86%E5%90%8C%E5%8D%A1%E3%80%82%E6%9C%AC%E4%BA%A7%E5%93%81%E9%80%9A%E8%BF%87%20UGREEN%20PID%3A40381C%E6%8E%A5%E5%8F%A3%E8%AE%A9%E6%82%A8%E7%9A%84%20Macbook%20Macbook%20Pro%E8%AE%BE%E5%A4%87%E8%BF%9E%E6%8E%A5%E5%88%B0%E6%9C%89%20Adapter%20you%20to%20co%E7%BB%9C%2C%E5%BD%93%E6%82%A8%E7%9A%84%E8%AE%BE%E5%A4%87%E7%94%B1%E4%BA%8E%E6%9C%AC%E8%BA%AB%E4%B8%8D%E5%B8%A6%E7%BD%91%E7%BB%9C%E6%8E%A5%E5%8F%A3%E6%97%B6%2C%E6%AD%A4%E9%80%82%E9%85%8D%E5%99%A8%20latest%20Macbook%26%20Chrom%E6%9D%BE%E7%9A%84%E8%A7%A3%E5%86%B3%E8%BF%99%E4%B8%AA%E9%97%AE%E9%A2%98%2C%E4%BA%A7%E5%93%81%E8%AE%BE%E8%AE%A1%E5%B0%8F%E5%B7%A7%2C%E6%93%8D%E4%BD%9C%E7%AE%80%E5%8D%95%2C%E6%80%A7%E8%83%BD%20port%20througn%20a%20USB%E5%8F%97%E5%88%B0%E5%B9%BF%E5%A4%A7%20Macbook%E3%80%81%20Macbook%20Pro%E7%94%A8%E6%88%B7%E7%9A%84%E9%9D%92%E7%9D%90%E8%A7%84%E6%A0%BC%E5%85%A5%E7%AB%AF%3AUSB2.%20type-c%E5%85%AC%2C%E4%BC%A0%E8%BE%93%E9%80%9F%E7%8E%87%E9%AB%98%E8%BE%BE480Ms%20Specification%E5%87%BA%E7%AB%AF%3A1xRJ45%28%E7%99%BE%E5%85%86%29%20input%3A%20Complant%20802.3%2010base-t/100base-tx%20data%20tans%E6%8C%81%E5%85%A8%E5%8F%8C%E5%B7%A5%E5%8F%8A%E5%8D%8A%E5%8F%8C%E5%B7%A5%3A%20RJ45%20Port%20FEE%2080%E6%8C%81%E7%BD%91%E7%BB%9C%E8%BF%9C%E7%A8%8B%E5%94%A4%E9%86%92%E5%8A%9F%E8%83%BD%20Supports%3A%20Ful%20and%20dn%E6%8C%81%20Mac%20OS/indows%E7%AD%89%E7%B3%BB%E7%BB%9F%20wake-on-lan%20M%E4%BD%93%E5%B0%BA%E5%AF%B8%3AL61XW26XH17.4%28mm%29%2C%E4%BA%A7%E5%93%81%E6%80%BB%E9%95%BF%3A16cm%20Supports%3A%20Mac%20OS/ndows%20Dmensions%20L61W26x174%E5%B8%82%E7%BB%BF%E8%81%94%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%E6%AD%A2%3A%E6%B7%B1%E5%9C%B3%E5%B8%82%E9%BE%99%E5%8D%8E%E5%8C%BA%E9%BE%99%E8%A7%82%E8%A5%BF%E8%B7%AF%E9%BE%99%E5%9F%8E%E5%B7%A5%E4%B8%9A%E5%8C%BA%E7%BB%BF%E8%81%94%E5%8A%9E%E5%85%AC%E5%A4%A7%E6%A5%BC403%E5%9B%BD%E6%9C%8D%E5%8A%A1%E7%83%AD%E7%BA%BF%3A400-0668-398%E7%94%B5%E8%AF%9D%3A%2B86-755-28066995%20US236/u58-c1010%3A%20w.ugreencon%E8%A1%8C%E6%A0%87%E5%87%86%3AQ/LLKJ004-2015%20reen%20Group.%20Green%2C%20Longcheng%20Park.69573038%20Road%2C%20Longhua%2C%2C%20ChinaUSB-C%E8%BD%AC%E7%99%BEtne%3A400-0668-398TEL%3A%2B86-755-28066995%20eb%3A%E5%9B%BD%E5%88%B6%E9%80%A0%20Made%20in%20China%20UGPEE%E7%BB%BF%E8%81%94%20CE%20FC%20ROHS%E9%87%8D%E6%89%9340%E6%88%96%E7%99%BB%E5%BD%95%20GREEN%20is%20a%20trademark%20of%20Green%20Group%20ghts%20reserved.%E5%89%B2%E5%BC%80%E6%B6%82%E5%B1%82%E6%9F%A5%E8%AF%A2%E7%9C%9F%E4%BC%AA&type=2

是不是没设置contentType header?

哦? 在哪设置呢,周一去试一试才行,这样真搞XssSqlFilterProcessor 可不行

客户端发请求的时候没加header,目测是

@admin 我又来了,请求是下面一串hand是有的,但是日志报是sql关键关键字过滤?

POST /cmsapi/draft/do?companyNum=123456&amp;content=%20GREEN%E7%BB%BF%E8%81%94%208%20usb-c%20to%2010/100%20EtherneUSB-C%E8%BD%AC%E7%99%BE%E5%85%86%E7%BD%91%E5%8D%A1%E4%BB%8B%E7%BB%8DPID%3A40381%E6%98%AF%E4%B8%80%E6%AC%BEUSB-C%E7%99%BE%E5%85%86%E5%90%8C%E5%8D%A1%E3%80%82%E6%9C%AC%E4%BA%A7%E5%93%81%E9%80%9A%E8%BF%87%20UGREEN%20PID%3A40381C%E6%8E%A5%E5%8F%A3%E8%AE%A9%E6%82%A8%E7%9A%84%20Macbook%20Macbook%20Pro%E8%AE%BE%E5%A4%87%E8%BF%9E%E6%8E%A5%E5%88%B0%E6%9C%89%20Adapter%20you%20to%20co%E7%BB%9C%2C%E5%BD%93%E6%82%A8%E7%9A%84%E8%AE%BE%E5%A4%87%E7%94%B1%E4%BA%8E%E6%9C%AC%E8%BA%AB%E4%B8%8D%E5%B8%A6%E7%BD%91%E7%BB%9C%E6%8E%A5%E5%8F%A3%E6%97%B6%2C%E6%AD%A4%E9%80%82%E9%85%8D%E5%99%A8%20latest%20Macbook%26%20Chrom%E6%9D%BE%E7%9A%84%E8%A7%A3%E5%86%B3%E8%BF%99%E4%B8%AA%E9%97%AE%E9%A2%98%2C%E4%BA%A7%E5%93%81%E8%AE%BE%E8%AE%A1%E5%B0%8F%E5%B7%A7%2C%E6%93%8D%E4%BD%9C%E7%AE%80%E5%8D%95%2C%E6%80%A7%E8%83%BD%20port%20througn%20a%20USB%E5%8F%97%E5%88%B0%E5%B9%BF%E5%A4%A7%20Macbook%E3%80%81%20Macbook%20Pro%E7%94%A8%E6%88%B7%E7%9A%84%E9%9D%92%E7%9D%90%E8%A7%84%E6%A0%BC%E5%85%A5%E7%AB%AF%3AUSB2.%20type-c%E5%85%AC%2C%E4%BC%A0%E8%BE%93%E9%80%9F%E7%8E%87%E9%AB%98%E8%BE%BE480Ms%20Specification%E5%87%BA%E7%AB%AF%3A1xRJ45%28%E7%99%BE%E5%85%86%29%20input%3A%20Complant%20802.3%2010base-t/100base-tx%20data%20tans%E6%8C%81%E5%85%A8%E5%8F%8C%E5%B7%A5%E5%8F%8A%E5%8D%8A%E5%8F%8C%E5%B7%A5%3A%20RJ45%20Port%20FEE%2080%E6%8C%81%E7%BD%91%E7%BB%9C%E8%BF%9C%E7%A8%8B%E5%94%A4%E9%86%92%E5%8A%9F%E8%83%BD%20Supports%3A%20Ful%20and%20dn%E6%8C%81%20Mac%20OS/indows%E7%AD%89%E7%B3%BB%E7%BB%9F%20wake-on-lan%20M%E4%BD%93%E5%B0%BA%E5%AF%B8%3AL61XW26XH17.4%28mm%29%2C%E4%BA%A7%E5%93%81%E6%80%BB%E9%95%BF%3A16cm%20Supports%3A%20Mac%20OS/ndows%20Dmensions%20L61W26x174%E5%B8%82%E7%BB%BF%E8%81%94%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%E6%AD%A2%3A%E6%B7%B1%E5%9C%B3%E5%B8%82%E9%BE%99%E5%8D%8E%E5%8C%BA%E9%BE%99%E8%A7%82%E8%A5%BF%E8%B7%AF%E9%BE%99%E5%9F%8E%E5%B7%A5%E4%B8%9A%E5%8C%BA%E7%BB%BF%E8%81%94%E5%8A%9E%E5%85%AC%E5%A4%A7%E6%A5%BC403%E5%9B%BD%E6%9C%8D%E5%8A%A1%E7%83%AD%E7%BA%BF%3A400-0668-398%E7%94%B5%E8%AF%9D%3A%2B86-755-28066995%20US236/u58-c1010%3A%20w.ugreencon%E8%A1%8C%E6%A0%87%E5%87%86%3AQ/LLKJ004-2015%20reen%20Group.%20Green%2C%20Longcheng%20Park.69573038%20Road%2C%20Longhua%2C%2C%20ChinaUSB-C%E8%BD%AC%E7%99%BEtne%3A400-0668-398TEL%3A%2B86-755-28066995%20eb%3A%E5%9B%BD%E5%88%B6%E9%80%A0%20Made%20in%20China%20UGPEE%E7%BB%BF%E8%81%94%20CE%20FC%20ROHS%E9%87%8D%E6%89%9340%E6%88%96%E7%99%BB%E5%BD%95%20GREEN%20is%20a%20trademark%20of%20Green%20Group%20ghts%20reserved.%E5%89%B2%E5%BC%80%E6%B6%82%E5%B1%82%E6%9F%A5%E8%AF%A2%E7%9C%9F%E4%BC%AA&amp;type=2 HTTP/1.1
Host: 192.168.1.148:8080
Cache-Control: no-cache
Postman-Token: c5ec07bc-da6c-ad4a-8ca9-f002f12d973d
Content-Type: application/x-www-form-urlencoded

以下是日志

2018-01-08 09:33:43,138 org.nutz.mvc.impl.UrlMappingImpl.get(UrlMappingImpl.java:101) DEBUG - Found mapping for [POST] path=/cmsapi/draft/do : RoughDraftByPhone.saveDraft(RoughDraftByPhone.java:55)
2018-01-08 09:33:43,138 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'shiroUtil'<class cn.wizzer.framework.util.ShiroUtil>
2018-01-08 09:33:43,139 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:177) DEBUG - 	 >> Load definition name=shiroUtil
2018-01-08 09:33:43,139 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(shiroUtil) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,139 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:209) DEBUG - 	 >> Make...'shiroUtil'<class cn.wizzer.framework.util.ShiroUtil>
2018-01-08 09:33:43,139 cn.wizzer.app.web.commons.plugin.PluginAopConfigure.getInterceptorPairList(PluginAopConfigure.java:33) DEBUG - skip -- cn.wizzer.framework.util.ShiroUtil
2018-01-08 09:33:43,139 org.nutz.ioc.aop.impl.DefaultMirrorFactory.getMirror(DefaultMirrorFactory.java:70) DEBUG - Load class cn.wizzer.framework.util.ShiroUtil without AOP
2018-01-08 09:33:43,140 org.nutz.ioc.impl.ScopeContext.save(ScopeContext.java:64) DEBUG - Save object 'shiroUtil' to [app] 
2018-01-08 09:33:43,140 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'dateUtil'<class cn.wizzer.framework.util.DateUtil>
2018-01-08 09:33:43,140 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:177) DEBUG - 	 >> Load definition name=dateUtil
2018-01-08 09:33:43,140 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(dateUtil) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,141 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:209) DEBUG - 	 >> Make...'dateUtil'<class cn.wizzer.framework.util.DateUtil>
2018-01-08 09:33:43,141 cn.wizzer.app.web.commons.plugin.PluginAopConfigure.getInterceptorPairList(PluginAopConfigure.java:33) DEBUG - skip -- cn.wizzer.framework.util.DateUtil
2018-01-08 09:33:43,141 org.nutz.ioc.aop.impl.DefaultMirrorFactory.getMirror(DefaultMirrorFactory.java:70) DEBUG - Load class cn.wizzer.framework.util.DateUtil without AOP
2018-01-08 09:33:43,141 org.nutz.ioc.impl.ScopeContext.save(ScopeContext.java:64) DEBUG - Save object 'dateUtil' to [app] 
2018-01-08 09:33:43,141 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'stringUtil'<class cn.wizzer.framework.util.StringUtil>
2018-01-08 09:33:43,141 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:177) DEBUG - 	 >> Load definition name=stringUtil
2018-01-08 09:33:43,141 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(stringUtil) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,141 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:209) DEBUG - 	 >> Make...'stringUtil'<class cn.wizzer.framework.util.StringUtil>
2018-01-08 09:33:43,141 cn.wizzer.app.web.commons.plugin.PluginAopConfigure.getInterceptorPairList(PluginAopConfigure.java:33) DEBUG - skip -- cn.wizzer.framework.util.StringUtil
2018-01-08 09:33:43,142 org.nutz.ioc.aop.impl.DefaultMirrorFactory.getMirror(DefaultMirrorFactory.java:70) DEBUG - Load class cn.wizzer.framework.util.StringUtil without AOP
2018-01-08 09:33:43,142 org.nutz.ioc.impl.ScopeContext.save(ScopeContext.java:64) DEBUG - Save object 'stringUtil' to [app] 
2018-01-08 09:33:43,143 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'roughDraftByPhone'<class cn.lvche.smartC.CmsApi.plugins.RoughDraftByPhone>
2018-01-08 09:33:43,143 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:177) DEBUG - 	 >> Load definition name=roughDraftByPhone
2018-01-08 09:33:43,143 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(roughDraftByPhone) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,143 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:209) DEBUG - 	 >> Make...'roughDraftByPhone'<class cn.lvche.smartC.CmsApi.plugins.RoughDraftByPhone>
2018-01-08 09:33:43,143 cn.wizzer.app.web.commons.plugin.PluginAopConfigure.getInterceptorPairList(PluginAopConfigure.java:33) DEBUG - skip -- cn.lvche.smartC.CmsApi.plugins.RoughDraftByPhone
2018-01-08 09:33:43,144 org.nutz.ioc.aop.impl.DefaultMirrorFactory.getMirror(DefaultMirrorFactory.java:70) DEBUG - Load class cn.lvche.smartC.CmsApi.plugins.RoughDraftByPhone without AOP
2018-01-08 09:33:43,144 org.nutz.ioc.impl.ScopeContext.save(ScopeContext.java:64) DEBUG - Save object 'roughDraftByPhone' to [app] 
2018-01-08 09:33:43,145 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'dao'<interface org.nutz.dao.Dao>
2018-01-08 09:33:43,145 org.nutz.ioc.val.ReferTypeValue.get(ReferTypeValue.java:64) DEBUG - name=faArticleService not found, search for type=cn.lvche.smartC.services.FaArticleService
2018-01-08 09:33:43,145 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=redisService
2018-01-08 09:33:43,149 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(redisService) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,149 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=videoUpload
2018-01-08 09:33:43,149 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(videoUpload) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,149 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=conf
2018-01-08 09:33:43,149 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(conf) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,149 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=uploadVideoContext
2018-01-08 09:33:43,150 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(uploadVideoContext) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,150 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=fileUpload
2018-01-08 09:33:43,150 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(fileUpload) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,150 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=redis
2018-01-08 09:33:43,151 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(redis) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,151 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=dao
2018-01-08 09:33:43,151 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(dao) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,151 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=cacheProvider
2018-01-08 09:33:43,152 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(cacheProvider) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,152 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=uploadFileContext
2018-01-08 09:33:43,152 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(uploadFileContext) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,152 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=htmlEmail
2018-01-08 09:33:43,155 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(htmlEmail) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,156 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=cacheExecutor
2018-01-08 09:33:43,156 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(cacheExecutor) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,156 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=jedisAgent
2018-01-08 09:33:43,156 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(jedisAgent) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,156 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=dataSourcePlugin
2018-01-08 09:33:43,156 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(dataSourcePlugin) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,156 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=jedisCluster
2018-01-08 09:33:43,156 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(jedisCluster) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,157 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=pubSubService
2018-01-08 09:33:43,157 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(pubSubService) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,158 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=daoPlugin
2018-01-08 09:33:43,158 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(daoPlugin) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,158 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=imageUpload
2018-01-08 09:33:43,158 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(imageUpload) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,158 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=jedisPool
2018-01-08 09:33:43,158 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(jedisPool) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,158 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=cacheManager
2018-01-08 09:33:43,158 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(cacheManager) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,158 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=emailAuthenticator
2018-01-08 09:33:43,160 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(emailAuthenticator) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,160 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=jedisClusterNodes
2018-01-08 09:33:43,161 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(jedisClusterNodes) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,161 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=jedisClusterWrapper
2018-01-08 09:33:43,163 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(jedisClusterWrapper) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,164 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=tmpFilePool
2018-01-08 09:33:43,164 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(tmpFilePool) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,164 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=jedisPoolConfig
2018-01-08 09:33:43,164 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(jedisPoolConfig) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,164 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=uploadImageContext
2018-01-08 09:33:43,164 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(uploadImageContext) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.map.MapLoader.load(MapLoader.java:67) DEBUG - Loading define for name=dataSource
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(dataSource) in JsonLoader(paths=[config/ioc/])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(uploadController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysDictController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(logoutApi) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(commentArticle) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysLoginController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(dateUtil) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,165 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysUserServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(operatorLogSearch) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(pageUtil) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(apiBaseApi) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(stringUtil) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysRoleServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(qrcodeService) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysRouteController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(bizpluginSearch) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,166 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(faCommentServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject($aop_ApiAuth) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysPluginServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(iaSourceServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(cmsChannelServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(lexicalCheck) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(nutShiroMethodInterceptor) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(dynamicInterceptor) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,167 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(nutzCompany2PluginServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(memberUtil) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysLogController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(commentSearch) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(emailService) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(lCacheManager) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(faLogController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(nutzCompanyServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(cmsLinkClassServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysRouteServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(userInfoModifyApi) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,168 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysHomeController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,169 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(nutzComPluginServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,169 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(cmsArticleServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,169 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysMenuServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,169 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(aLiWenZi) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,169 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(operatorLogDetail) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,169 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(iaCommentServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(commentVerify) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysConfigServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysTaskServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(companyInfoApi) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(sysLogServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(bdController) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(commentDelete) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(faArticleServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,170 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'faArticleServiceImpl'<interface cn.lvche.smartC.services.FaArticleService>
2018-01-08 09:33:43,170 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:177) DEBUG - 	 >> Load definition name=faArticleServiceImpl
2018-01-08 09:33:43,171 org.nutz.ioc.loader.combo.ComboIocLoader.load(ComboIocLoader.java:169) DEBUG - Found IocObject(faArticleServiceImpl) in AnnotationIocLoader(packages=[cn.wizzer, cn.lvche])
2018-01-08 09:33:43,171 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:209) DEBUG - 	 >> Make...'faArticleServiceImpl'<interface cn.lvche.smartC.services.FaArticleService>
2018-01-08 09:33:43,171 cn.wizzer.app.web.commons.plugin.PluginAopConfigure.getInterceptorPairList(PluginAopConfigure.java:33) DEBUG - skip -- cn.lvche.smartC.services.impl.FaArticleServiceImpl
2018-01-08 09:33:43,171 org.nutz.ioc.aop.impl.DefaultMirrorFactory.getMirror(DefaultMirrorFactory.java:70) DEBUG - Load class cn.lvche.smartC.services.impl.FaArticleServiceImpl without AOP
2018-01-08 09:33:43,171 org.nutz.ioc.impl.ScopeContext.save(ScopeContext.java:64) DEBUG - Save object 'faArticleServiceImpl' to [app] 
2018-01-08 09:33:43,171 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'dao'<>
2018-01-08 09:33:43,171 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:151) DEBUG - Get 'dao'<>
2018-01-08 09:33:43,171 org.nutz.service.EntityService.<init>(EntityService.java:41) DEBUG - Get TypeParams for self : cn.lvche.smartC.models.Fa_article
2018-01-08 09:33:43,175 cn.wizzer.app.web.commons.processor.XssSqlFilterProcessor.checkParams(XssSqlFilterProcessor.java:64) DEBUG - [POST]URI=/cmsapi/draft/do SQL关键字过滤: green绿联 8 usb-c to 10/100 etherneusb-c转百兆网卡介绍pid:40381是一款usb-c百兆同卡。本产品通过 ugreen pid:40381c接口让您的 macbook macbook pro设备连接到有 adapter you to co络,当您的设备由于本身不带网络接口时,此适配器 latest macbook& chrom松的解决这个问题,产品设计小巧,操作简单,性能 port througn a usb受到广大 macbook、 macbook pro用户的青睐规格入端:usb2. type-c公,传输速率高达480ms specification出端:1xrj45(百兆) input: complant 802.3 10base-t/100base-tx data tans持全双工及半双工: rj45 port fee 80持网络远程唤醒功能 supports: ful and dn持 mac os/indows等系统 wake-on-lan m体尺寸:l61xw26xh17.4(mm),产品总长:16cm supports: mac os/ndows dmensions l61w26x174市绿联科技有限公司止:深圳市龙华区龙观西路龙城工业区绿联办公大楼403国服务热线:400-0668-398电话:+86-755-28066995 us236/u58-c1010: w.ugreencon行标准:q/llkj004-2015 reen group. green, longcheng park.69573038 road, longhua,, chinausb-c转百tne:400-0668-398tel:+86-755-28066995 eb:国制造 made in china ugpee绿联 ce fc rohs重打40或登录 green is a trademark of green group ghts reserved.割开涂层查询真伪
2018-01-08 09:33:43,220 cn.wizzer.app.web.commons.processor.LogTimeProcessor.process(LogTimeProcessor.java:26) DEBUG - [POST]URI=/cmsapi/draft/do 82ms

上面是用postman模拟的,我又用postman模拟一个最最正常的,当然,这个是不修改XssSqlFilterProcessor 也能访问的

POST /cmsapi/draft/do HTTP/1.1
Host: 192.168.1.148:8080
Cache-Control: no-cache
Postman-Token: f0845adf-df65-3720-62c4-c754eaeff2ae
Content-Type: application/x-www-form-urlencoded

content=%E6%88%91%E7%82%B9%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91&type=2&companyNum=123456

没有人么 ,T,T ,大佬@wendal 有赏,这回有赏的

要是怀疑是关键词被拦截,在动作链里把 XssSqlFilterProcessor 删掉再测就是了。

XssSqlFilterProcessor 直接放过这个是没有问题的

 if(req.getRequestURL().toString().indexOf("/cmsapi/draft")>-1)
        {
        	 System.out.println("req.getRequestURI():"+req.getRequestURI());
        	return false;
        }

其实我们可以看到 移动端传过来的,用postman模拟是这样的

POST /cmsapi/draft/do?companyNum=123456&amp;content=%20GREEN%E7%BB%BF%E8%81%94%208%20usb-c%20to%2010/100%20EtherneUSB-C%E8%BD%AC%E7%99%BE%E5%85%86%E7%BD%91%E5%8D%A1%E4%BB%8B%E7%BB%8DPID%3A40381%E6%98%AF%E4%B8%80%E6%AC%BEUSB-C%E7%99%BE%E5%85%86%E5%90%8C%E5%8D%A1%E3%80%82%E6%9C%AC%E4%BA%A7%E5%93%81%E9%80%9A%E8%BF%87%20UGREEN%20PID%3A40381C%E6%8E%A5%E5%8F%A3%E8%AE%A9%E6%82%A8%E7%9A%84%20Macbook%20Macbook%20Pro%E8%AE%BE%E5%A4%87%E8%BF%9E%E6%8E%A5%E5%88%B0%E6%9C%89%20Adapter%20you%20to%20co%E7%BB%9C%2C%E5%BD%93%E6%82%A8%E7%9A%84%E8%AE%BE%E5%A4%87%E7%94%B1%E4%BA%8E%E6%9C%AC%E8%BA%AB%E4%B8%8D%E5%B8%A6%E7%BD%91%E7%BB%9C%E6%8E%A5%E5%8F%A3%E6%97%B6%2C%E6%AD%A4%E9%80%82%E9%85%8D%E5%99%A8%20latest%20Macbook%26%20Chrom%E6%9D%BE%E7%9A%84%E8%A7%A3%E5%86%B3%E8%BF%99%E4%B8%AA%E9%97%AE%E9%A2%98%2C%E4%BA%A7%E5%93%81%E8%AE%BE%E8%AE%A1%E5%B0%8F%E5%B7%A7%2C%E6%93%8D%E4%BD%9C%E7%AE%80%E5%8D%95%2C%E6%80%A7%E8%83%BD%20port%20througn%20a%20USB%E5%8F%97%E5%88%B0%E5%B9%BF%E5%A4%A7%20Macbook%E3%80%81%20Macbook%20Pro%E7%94%A8%E6%88%B7%E7%9A%84%E9%9D%92%E7%9D%90%E8%A7%84%E6%A0%BC%E5%85%A5%E7%AB%AF%3AUSB2.%20type-c%E5%85%AC%2C%E4%BC%A0%E8%BE%93%E9%80%9F%E7%8E%87%E9%AB%98%E8%BE%BE480Ms%20Specification%E5%87%BA%E7%AB%AF%3A1xRJ45%28%E7%99%BE%E5%85%86%29%20input%3A%20Complant%20802.3%2010base-t/100base-tx%20data%20tans%E6%8C%81%E5%85%A8%E5%8F%8C%E5%B7%A5%E5%8F%8A%E5%8D%8A%E5%8F%8C%E5%B7%A5%3A%20RJ45%20Port%20FEE%2080%E6%8C%81%E7%BD%91%E7%BB%9C%E8%BF%9C%E7%A8%8B%E5%94%A4%E9%86%92%E5%8A%9F%E8%83%BD%20Supports%3A%20Ful%20and%20dn%E6%8C%81%20Mac%20OS/indows%E7%AD%89%E7%B3%BB%E7%BB%9F%20wake-on-lan%20M%E4%BD%93%E5%B0%BA%E5%AF%B8%3AL61XW26XH17.4%28mm%29%2C%E4%BA%A7%E5%93%81%E6%80%BB%E9%95%BF%3A16cm%20Supports%3A%20Mac%20OS/ndows%20Dmensions%20L61W26x174%E5%B8%82%E7%BB%BF%E8%81%94%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%E6%AD%A2%3A%E6%B7%B1%E5%9C%B3%E5%B8%82%E9%BE%99%E5%8D%8E%E5%8C%BA%E9%BE%99%E8%A7%82%E8%A5%BF%E8%B7%AF%E9%BE%99%E5%9F%8E%E5%B7%A5%E4%B8%9A%E5%8C%BA%E7%BB%BF%E8%81%94%E5%8A%9E%E5%85%AC%E5%A4%A7%E6%A5%BC403%E5%9B%BD%E6%9C%8D%E5%8A%A1%E7%83%AD%E7%BA%BF%3A400-0668-398%E7%94%B5%E8%AF%9D%3A%2B86-755-28066995%20US236/u58-c1010%3A%20w.ugreencon%E8%A1%8C%E6%A0%87%E5%87%86%3AQ/LLKJ004-2015%20reen%20Group.%20Green%2C%20Longcheng%20Park.69573038%20Road%2C%20Longhua%2C%2C%20ChinaUSB-C%E8%BD%AC%E7%99%BEtne%3A400-0668-398TEL%3A%2B86-755-28066995%20eb%3A%E5%9B%BD%E5%88%B6%E9%80%A0%20Made%20in%20China%20UGPEE%E7%BB%BF%E8%81%94%20CE%20FC%20ROHS%E9%87%8D%E6%89%9340%E6%88%96%E7%99%BB%E5%BD%95%20GREEN%20is%20a%20trademark%20of%20Green%20Group%20ghts%20reserved.%E5%89%B2%E5%BC%80%E6%B6%82%E5%B1%82%E6%9F%A5%E8%AF%A2%E7%9C%9F%E4%BC%AA&amp;type=2 HTTP/1.1
Host: 192.168.1.148:8080
Cache-Control: no-cache
Postman-Token: 117f6837-0ae2-8a3b-05e0-f0a31cb2c05f
Content-Type: application/x-www-form-urlencoded

我们用正常postman操作是这样的

POST /cmsapi/draft/do HTTP/1.1
Host: 192.168.1.148:8080
Cache-Control: no-cache
Postman-Token: d257818f-cad7-1046-5496-528cfcb60b16
Content-Type: application/x-www-form-urlencoded

content=%E6%88%91%E7%82%B9%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6+IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E+%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91%E5%87%BB%E6%81%A9%E5%BE%B7IE%E8%A6%85%E8%AF%B6%E8%83%BD%E5%90%A6IE%E4%BD%A0%E5%8F%91%E8%81%82%E9%A3%8E%E4%BD%A0%E5%97%AF%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E8%A6%85%E9%A2%9D%E8%A6%85%E8%AF%B6%E4%BD%A0%E8%A6%85%E6%81%A9finein%E8%A6%85%E6%81%A9%E5%8F%91&type=2&companyNum=123456

这两种情况都能拿到 参数 拿到header或者其他的,但是就是第一种情况报sql关键关键字过滤 ,第二种就没问题 。

@Wizzercn 如果说移动端只能用第一种方式请求,那就真的XssSqlFilterProcessor ,我这边该删除或者请求全放过了。或者说还能有其他办法? 第一种方法DecodeURIComponent 一下也是不会报错的哦,难道苹果爸爸真的那么为所欲为么

DecodeURIComponent 是在请求之前。 主要还是我们接收不到请求想decode都不行

还是不搞事了,直接在XssSqlFilterProcessor 放过这个接口不检测了

 if(req.getRequestURL().toString().indexOf("/cmsapi/draft")>-1)
        {
        	 System.out.println("req.getRequestURI():"+req.getRequestURI());
        	return false;
        }
添加回复
请先登陆
回到顶部