optimize jackson's threats

huoyo 2022-05-30 12:54:01 +08:00
parent e20812f17a
commit b4957441a8
12 changed files with 75 additions and 44 deletions


@ -26,7 +26,7 @@
<dependency> <dependency>
<groupId>com.auth0</groupId> <groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId> <artifactId>java-jwt</artifactId>
<version>3.16.0</version> <version>4.0.0-beta.0</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework</groupId> <groupId>org.springframework</groupId>


@ -28,7 +28,7 @@ import java.util.logging.Logger;
@ComponentScan("cn.langpy.kotime") @ComponentScan("cn.langpy.kotime")
@Configuration @Configuration
public class LoadConfig { public class LoadConfig {
public static Logger log = Logger.getLogger(LoadConfig.class.toString()); private static Logger log = Logger.getLogger(LoadConfig.class.toString());
@Value("${koTime.enable:true}") @Value("${koTime.enable:true}")
private Boolean kotimeEnable; private Boolean kotimeEnable;
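Review bot: The logger field is now `private` but still not `final`, and its name is built with `LoadConfig.class.toString()`, which returns the class name prefixed with `class `, so the logger does not sit under the package hierarchy that `java.util.logging` configuration keys on. I would write `private static final Logger log = Logger.getLogger(LoadConfig.class.getName());`. The same declaration is repeated in KoTimeController, DataBase, AuthHandler, ComputeTimeHandler, InvokedQueue, KoInvokedHandler, MethodNodeService, Common and DataBaseUtil. The class body continues outside the hunk.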


@ -34,7 +34,7 @@ public class KoTimeController {
@Value("${ko-time.password:}") @Value("${ko-time.password:}")
private String password; private String password;
public static Logger log = Logger.getLogger(KoTimeController.class.toString()); private static Logger log = Logger.getLogger(KoTimeController.class.toString());
@PostMapping("/login") @PostMapping("/login")
@ResponseBody @ResponseBody
@ -65,41 +65,48 @@ public class KoTimeController {
@GetMapping @GetMapping
public void index(String test, HttpServletResponse response, HttpServletRequest request) throws Exception { public void index(String test, HttpServletResponse response, HttpServletRequest request) {
if (null != test) { if (null != test) {
return; return;
} }
response.setContentType("text/html;charset=utf-8"); response.setContentType("text/html;charset=utf-8");
ClassPathResource classPathResource = new ClassPathResource(KoConstant.kotimeViewer); ClassPathResource classPathResource = new ClassPathResource(KoConstant.kotimeViewer);
BufferedReader reader = new BufferedReader(new InputStreamReader(classPathResource.getInputStream(), "utf-8")); try (
PrintWriter out = response.getWriter(); InputStream inputStream = classPathResource.getInputStream();
String context = request.getContextPath(); InputStreamReader streamReader = new InputStreamReader(inputStream, "utf-8");
if (StringUtils.hasText(Context.getConfig().getContextPath())) { BufferedReader reader = new BufferedReader(streamReader);
context = Context.getConfig().getContextPath(); PrintWriter out = response.getWriter()) {
}
StringBuilder stringBuilder = new StringBuilder(); String context = request.getContextPath();
String line = ""; if (StringUtils.hasText(Context.getConfig().getContextPath())) {
int n = 0; context = Context.getConfig().getContextPath();
while ((line = reader.readLine()) != null) {
if (n > 14) {
if (line.indexOf(KoConstant.globalThreshold) > -1) {
line = line.replace(KoConstant.globalThreshold, Context.getConfig().getThreshold() + "");
} else if (line.indexOf(KoConstant.globalNeedLogin) > -1) {
line = line.replace(KoConstant.globalNeedLogin, Context.getConfig().getAuthEnable() + "");
} else if (line.indexOf(KoConstant.contextPath) > -1) {
line = line.replace(KoConstant.contextPath, context);
} else if (line.indexOf(KoConstant.exceptionTitleStyle) > -1) {
line = line.replace(KoConstant.exceptionTitleStyle, Context.getConfig().getExceptionEnable() == true ? "" : "display:none;");
}
stringBuilder.append(line + "\n");
} else {
stringBuilder.append(line + "\n");
} }
n++; StringBuilder stringBuilder = new StringBuilder();
String line = "";
int n = 0;
while ((line = reader.readLine()) != null) {
if (n > 14) {
if (line.indexOf(KoConstant.globalThreshold) > -1) {
line = line.replace(KoConstant.globalThreshold, Context.getConfig().getThreshold() + "");
} else if (line.indexOf(KoConstant.globalNeedLogin) > -1) {
line = line.replace(KoConstant.globalNeedLogin, Context.getConfig().getAuthEnable() + "");
} else if (line.indexOf(KoConstant.contextPath) > -1) {
line = line.replace(KoConstant.contextPath, context);
} else if (line.indexOf(KoConstant.exceptionTitleStyle) > -1) {
line = line.replace(KoConstant.exceptionTitleStyle, Context.getConfig().getExceptionEnable() == true ? "" : "display:none;");
}
stringBuilder.append(line + "\n");
} else {
stringBuilder.append(line + "\n");
}
n++;
}
line = stringBuilder.toString();
out.write(line);
out.flush();
} catch (Exception e) {
e.printStackTrace();
} }
line = stringBuilder.toString();
out.write(line);
out.close();
} }
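Review bot: The added `catch (Exception e) { e.printStackTrace(); }` at the end of `index` swallows every failure while the viewer page is read and written, so the caller gets an empty or truncated response with no error status and the trace goes to stderr instead of the class's `log`. Once `out` has been opened, the try-with-resources closes it before the catch block runs, so the status can no longer be changed there; filling the `StringBuilder` first and calling `response.getWriter()` only afterwards would leave room to answer with an error. At minimum catch `IOException` and record it with `log.log(java.util.logging.Level.SEVERE, "failed to render the KoTime viewer", e);`. Using `StandardCharsets.UTF_8` instead of the `"utf-8"` literal would also remove the checked `UnsupportedEncodingException` from this path.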


@ -15,7 +15,6 @@ import java.sql.Connection;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.*; import java.util.*;
import java.util.logging.Logger; import java.util.logging.Logger;
import java.util.stream.Collectors;
import static java.util.stream.Collectors.toList; import static java.util.stream.Collectors.toList;
@ -25,7 +24,7 @@ import static java.util.stream.Collectors.toList;
@Component("database") @Component("database")
@Lazy @Lazy
public class DataBase implements GraphService { public class DataBase implements GraphService {
public static Logger log = Logger.getLogger(DataBase.class.toString()); private static Logger log = Logger.getLogger(DataBase.class.toString());
private Connection readConnection; private Connection readConnection;
private Connection writeConnection; private Connection writeConnection;


@ -25,7 +25,7 @@ import java.util.logging.Logger;
@Aspect @Aspect
@Component @Component
public class AuthHandler { public class AuthHandler {
public static Logger log = Logger.getLogger(AuthHandler.class.toString()); private static Logger log = Logger.getLogger(AuthHandler.class.toString());
@Pointcut(KoConstant.authRange) @Pointcut(KoConstant.authRange)
public void preProcess() { public void preProcess() {


@ -16,7 +16,7 @@ import java.util.logging.Logger;
@Aspect @Aspect
@Component @Component
public class ComputeTimeHandler { public class ComputeTimeHandler {
public static Logger log = Logger.getLogger(ComputeTimeHandler.class.toString()); private static Logger log = Logger.getLogger(ComputeTimeHandler.class.toString());
@Pointcut(KoConstant.comMethodRange) @Pointcut(KoConstant.comMethodRange)
public void preProcess() { public void preProcess() {


@ -8,7 +8,7 @@ import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.logging.Logger; import java.util.logging.Logger;
public class InvokedQueue { public class InvokedQueue {
public static Logger log = Logger.getLogger(InvokedQueue.class.toString()); private static Logger log = Logger.getLogger(InvokedQueue.class.toString());
private volatile static ConcurrentLinkedQueue<InvokedInfo> queue = new ConcurrentLinkedQueue(); private volatile static ConcurrentLinkedQueue<InvokedInfo> queue = new ConcurrentLinkedQueue();


@ -12,7 +12,7 @@ import java.util.logging.Logger;
@KoListener @KoListener
public final class KoInvokedHandler implements InvokedHandler { public final class KoInvokedHandler implements InvokedHandler {
public static Logger log = Logger.getLogger(KoInvokedHandler.class.toString()); private static Logger log = Logger.getLogger(KoInvokedHandler.class.toString());
@Override @Override


@ -14,7 +14,7 @@ import java.util.logging.Logger;
* zhangchang * zhangchang
*/ */
public class MethodNodeService { public class MethodNodeService {
public static Logger log = Logger.getLogger(MethodNodeService.class.toString()); private static Logger log = Logger.getLogger(MethodNodeService.class.toString());
public static MethodNode getParentMethodNode() { public static MethodNode getParentMethodNode() {
Stack<String> stack = MethodStack.get(); Stack<String> stack = MethodStack.get();


@ -24,7 +24,7 @@ import java.util.logging.Logger;
* zhangchang * zhangchang
*/ */
public class Common { public class Common {
public static Logger log = Logger.getLogger(Common.class.toString()); private static Logger log = Logger.getLogger(Common.class.toString());
final static List<Class<?>> baseTypes = Arrays.asList(Integer.class, Double.class, Float.class, String.class, Boolean.class, MultipartFile.class); final static List<Class<?>> baseTypes = Arrays.asList(Integer.class, Double.class, Float.class, String.class, Boolean.class, MultipartFile.class);


@ -7,7 +7,6 @@ import cn.langpy.kotime.service.GraphService;
import javax.sql.DataSource; import javax.sql.DataSource;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.concurrent.ThreadPoolExecutor;
/** /**
* zhangchang * zhangchang


@ -14,7 +14,7 @@ import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Logger; import java.util.logging.Logger;
public class DataBaseUtil { public class DataBaseUtil {
public static Logger log = Logger.getLogger(DataBaseUtil.class.toString()); private static Logger log = Logger.getLogger(DataBaseUtil.class.toString());
static Map<String, ColumnInfo> tableInfoMap = new ConcurrentHashMap<>(); static Map<String, ColumnInfo> tableInfoMap = new ConcurrentHashMap<>();
@ -82,13 +82,14 @@ public class DataBaseUtil {
public static List<Map<String, Object>> query(Connection connection, String sql, Object[] values) { public static List<Map<String, Object>> query(Connection connection, String sql, Object[] values) {
List<Map<String, Object>> list = new ArrayList<>(); List<Map<String, Object>> list = new ArrayList<>();
PreparedStatement statement = null; PreparedStatement statement = null;
ResultSet resultSet = null;
try { try {
statement = connection.prepareStatement(sql); statement = connection.prepareStatement(sql);
if (null != values) { if (null != values) {
statement = setParams(statement, values); statement = setParams(statement, values);
} }
final ResultSetMetaData metaData = statement.getMetaData(); final ResultSetMetaData metaData = statement.getMetaData();
ResultSet resultSet = statement.executeQuery(); resultSet = statement.executeQuery();
List<ColumnInfo> columns = getColumns(metaData); List<ColumnInfo> columns = getColumns(metaData);
while (resultSet.next()) { while (resultSet.next()) {
Map<String, Object> map = new HashMap<>(); Map<String, Object> map = new HashMap<>();
@ -107,16 +108,24 @@ public class DataBaseUtil {
throwables.printStackTrace(); throwables.printStackTrace();
} }
} }
if (null != resultSet) {
try {
resultSet.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
} }
return list; return list;
} }
public static boolean existsById(Connection connection, String sql, Object id) { public static boolean existsById(Connection connection, String sql, Object id) {
PreparedStatement statement = null; PreparedStatement statement = null;
ResultSet resultSet = null;
try { try {
statement = connection.prepareStatement(sql); statement = connection.prepareStatement(sql);
statement = setParams(statement, id); statement = setParams(statement, id);
ResultSet resultSet = statement.executeQuery(); resultSet = statement.executeQuery();
if (resultSet.next()) { if (resultSet.next()) {
return true; return true;
} }
@ -130,6 +139,13 @@ public class DataBaseUtil {
throwables.printStackTrace(); throwables.printStackTrace();
} }
} }
if (null != resultSet) {
try {
resultSet.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
} }
return false; return false;
} }
@ -137,13 +153,14 @@ public class DataBaseUtil {
public static <T> List<T> query(Connection connection, String sql, Object[] values, Class<T> c) { public static <T> List<T> query(Connection connection, String sql, Object[] values, Class<T> c) {
List<T> list = new ArrayList<>(); List<T> list = new ArrayList<>();
PreparedStatement statement = null; PreparedStatement statement = null;
ResultSet resultSet = null;
try { try {
statement = connection.prepareStatement(sql); statement = connection.prepareStatement(sql);
if (null != values) { if (null != values) {
statement = setParams(statement, values); statement = setParams(statement, values);
} }
final ResultSetMetaData metaData = statement.getMetaData(); final ResultSetMetaData metaData = statement.getMetaData();
ResultSet resultSet = statement.executeQuery(); resultSet = statement.executeQuery();
List<ColumnInfo> columns = getColumns(metaData); List<ColumnInfo> columns = getColumns(metaData);
Field[] fields = null; Field[] fields = null;
while (resultSet.next()) { while (resultSet.next()) {
@ -173,6 +190,7 @@ public class DataBaseUtil {
} else { } else {
field.set(object, columnValue); field.set(object, columnValue);
} }
field.setAccessible(false);
} }
list.add(object); list.add(object);
} }
@ -190,6 +208,14 @@ public class DataBaseUtil {
throwables.printStackTrace(); throwables.printStackTrace();
} }
} }
if (null != resultSet) {
try {
resultSet.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
} }
return list; return list;
} }
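Review bot: In all three methods (`query`, `existsById` and the typed `query`) the new `resultSet.close()` block appears to sit after the existing statement close in `finally` (the context lines just above it look like the end of that block), so by the time it runs the statement has normally closed the result set already, and a failure is still only reported through `printStackTrace()`. Closing the result set first, or scoping it with `try (ResultSet resultSet = statement.executeQuery()) { … }`, gives the intended order without the extra null check. The added `field.setAccessible(false);` in the typed `query` resets the flag for every row; whether the matching `setAccessible(true)` also runs per row is outside the hunk, so confirm the two are paired. The method bodies are cut by the hunks, so the full `finally` blocks are not visible here.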