SpringBoot如何避免SQL注入漏洞呢?

转自:

SpringBoot如何避免SQL注入漏洞呢?

下文笔者讲述SpringBoot避免SQL注入漏洞的方法分享,如下所示

SQL盲注,SQL注入简介

 SQL注入的风险:
     数据库中的数据被任意查看,修改,删除
 SQL注入的原因:
     未对用户输入进行正确的验证
 SQL注入如何避免
     对危险字符进行过滤或sql参数化

SQL注入避免示例

 添加SQL注入包装类 
import java.util.regex.Matcher;
import java.util.regex.Pattern;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
 
/**
 * SQL注入包装类
 * 
 * @author java265
 *
 */
 
public class SqlInjectHttpServletRequestWrapper extends HttpServletRequestWrapper {
    public static final Logger log = LoggerFactory.getLogger(SqlInjectHttpServletRequestWrapper .class);
	/**
	 * 构造请求对象
	 * 
	 * @param request
	 */
	public SqlInjectHttpServletRequestWrapper(HttpServletRequest request) {
		super(request);
	}
 
	/**
	 * 获取头部参数
	 * 
	 * @param v 参数值
	 */
	@Override
	public String getHeader(String v) {
		String header = super.getHeader(v);
		if (header == null || "".equals(header)) {
			return header;
		}
		return sqlFilter(header);
	}
 
	/**
	 * 获取参数
	 * 
	 * @param v 参数值
	 */
	@Override
	public String getParameter(String v) {
		String param = super.getParameter(v);
		if (param == null || "".equals(param)) {
			return param;
		}
		return sqlFilter(param);
	}
 
	/**
	 * 获取参数值
	 * 
	 * @param v 参数值
	 */
	@Override
	public String[] getParameterValues(String v) {
		String[] values = super.getParameterValues(v);
		if (values == null) {
			return values;
		}
 
		int length = values.length;
		String[] resultValues = new String[length];
		for (int i = 0; i < length; i++) {
			// 过滤特殊字符
			resultValues[i] = sqlFilter(values[i]);
			if (!(resultValues[i]).equals(values[i])) {
				log.debug("SQL注入过滤器 => 过滤前:{} => 过滤后:{}", values[i], resultValues[i]);
			}
		}
		return resultValues;
	}
 
	/**
	 * 预编译SQL过滤正则表达式
	 */
	private Pattern sqlPattern = Pattern.compile(
			"(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|(\\b(select|update|and|or|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)",
			Pattern.CASE_INSENSITIVE);
 
	/**
	 * SQL过滤
	 * 
	 * @param v 参数值
	 * @return
	 */
	private String sqlFilter(String v) {
		if (v != null) {
			String resultVal = v;
			Matcher matcher = sqlPattern.matcher(resultVal);
			if (matcher.find()) {
				resultVal = matcher.replaceAll("");
			}
			if (!resultVal.equals(v)) {
				return "";
			}
			return resultVal;
		}
		return null;
	}
}

3、配置文件添加配置
# sql 注入过滤url地址
security.sql.excludes=/images/*, /jquery/*, /layui/*

4、添加SQL注入过滤器
import java.io.IOException;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
 
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;
import org.springframework.beans.factory.annotation.Value;
 
/**
 * SQL注入过滤器
 * 
 * @author java265
 *
 */
@Component
@WebFilter(filterName = "SqlInjectFilter", urlPatterns = "/*")
public class SqlInjectFilter implements Filter {
 
	/**
	 * 过滤器配置对象
	 */
	FilterConfig filterConfig = null;
 
	/**
	 * 是否启用(默认启用)
	 */
	private boolean enable = true;
 
 
	/**
	 * 忽略的URL
	 */
    @Value("${security.sql.excludes}")
	private String excludes;
 
 
	/**
	 * 初始化
	 */
	@Override
	public void init(FilterConfig filterConfig) throws ServletException {
		this.filterConfig = filterConfig;
	}
 
	/**
	 * 拦截
	 */
	@Override
	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
			throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) servletRequest;
 
		// 不启用或者已忽略的URL不拦截
		if (!enable || isExcludeUrl(request.getServletPath())) {
			filterChain.doFilter(servletRequest, servletResponse);
			return;
		}
		SqlInjectHttpServletRequestWrapper sqlInjectHttpServletRequestWrapper = new SqlInjectHttpServletRequestWrapper(
				request);
		filterChain.doFilter(sqlInjectHttpServletRequestWrapper, servletResponse);
	}
 
	/**
	 * 销毁
	 */
	@Override
	public void destroy() {
		this.filterConfig = null;
	}
 
	/**
	 * 判断是否为忽略的URL
	 * 
	 * @param urlPath URL路径
	 * @return true-忽略,false-过滤
	 */
	private boolean isExcludeUrl(String url) {
		if (excludes == null || excludes.isEmpty()) {
			return false;
		}
        List urls = Arrays.asList(excludes.split(","));
		return urls .stream().map(pattern -> Pattern.compile("^" + pattern)).map(p -> p.matcher(url))
				.anyMatch(Matcher::find);
	}
}

你可能感兴趣的:(Spring,boot,spring,boot)