[Java] XSS 방지

출처 : http://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html

XSSFilter.java

XSSInterceptor.java

XSSRequestWrapper.java

1. Filter 적용

<filter>         <filter-name>xss</filter-name>         <filter-class>com.jejubank.admin.util.xss.XSSFilter</filter-class>     </filter>         <filter-mapping>         <filter-name>xss</filter-name>         <url-pattern>*.do</url-pattern>     </filter-mapping>

2. Interceptor 적용

<mvc:interceptors>         <mvc:interceptor>             <mvc:mapping path="/**" />             <bean class="com.jejubank.admin.util.xss.XSSInterceptor" />         </mvc:interceptor>     </mvc:interceptors>

=======================================================================================================
=======================================================================================================

첨부파일 있는 경우 XSS Filter
 
참고 : http://www.javapractices.com/topic/TopicAction.do?Id=221

XSSFilter.java 

XSSMultipartRequestWrapper.java 

XSSRequestWrapper.java