任务屏蔽违规字符
This commit is contained in:
parent
bd09e5b11c
commit
cc4c52c998
|
@ -148,4 +148,10 @@ public class Constants
|
||||||
* LDAP 远程方法调用
|
* LDAP 远程方法调用
|
||||||
*/
|
*/
|
||||||
public static final String LOOKUP_LDAP = "ldap://";
|
public static final String LOOKUP_LDAP = "ldap://";
|
||||||
}
|
|
||||||
|
/**
|
||||||
|
* 定时任务违规的字符
|
||||||
|
*/
|
||||||
|
public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
|
||||||
|
"org.springframework.jndi" };
|
||||||
|
}
|
|
@ -96,6 +96,10 @@ public class SysJobController extends BaseController
|
||||||
{
|
{
|
||||||
return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'http(s)//'调用");
|
return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'http(s)//'调用");
|
||||||
}
|
}
|
||||||
|
else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), Constants.JOB_ERROR_STR))
|
||||||
|
{
|
||||||
|
return error("新增任务'" + job.getJobName() + "'失败,目标字符串存在违规");
|
||||||
|
}
|
||||||
job.setCreateBy(getUsername());
|
job.setCreateBy(getUsername());
|
||||||
return toAjax(jobService.insertJob(job));
|
return toAjax(jobService.insertJob(job));
|
||||||
}
|
}
|
||||||
|
@ -124,6 +128,10 @@ public class SysJobController extends BaseController
|
||||||
{
|
{
|
||||||
return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'http(s)//'调用");
|
return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'http(s)//'调用");
|
||||||
}
|
}
|
||||||
|
else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), Constants.JOB_ERROR_STR))
|
||||||
|
{
|
||||||
|
return error("修改任务'" + job.getJobName() + "'失败,目标字符串存在违规");
|
||||||
|
}
|
||||||
job.setUpdateBy(getUsername());
|
job.setUpdateBy(getUsername());
|
||||||
return toAjax(jobService.updateJob(job));
|
return toAjax(jobService.updateJob(job));
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue