
webapi sql注入测试

master
liangkun 3 years ago
parent
commit
2e35fcb505
2 changed files with 14 additions and 0 deletions
  1. +12
    -0
      Learun.Framework.Ultimate V7/Learun.Application.WebApi/Modules/BaseApi.cs
  2. +2
    -0
      Learun.Framework.Ultimate V7/Learun.Framework.Module/Learun.Util/Learun.Util/Web/WebHelper.cs

+ 12
- 0
Learun.Framework.Ultimate V7/Learun.Application.WebApi/Modules/BaseApi.cs View File

@@ -175,11 +175,23 @@ namespace Learun.Application.WebApi
/// <returns></returns> /// <returns></returns>
private Response BeforeRequest(NancyContext ctx) private Response BeforeRequest(NancyContext ctx)
{ {
ctx.Request.Url.Query =Learun.Util.WebHelper.Formatstr(ctx.Request.Url.Query);
foreach (var p in ctx.Parameters)
{
if (p.ParameterType == typeof(string))
{
if (ctx.Parameters[p.ParameterName] != null)
{
ctx.Parameters[p.ParameterName] = Learun.Util.WebHelper.Formatstr(ctx.Parameters[p.ParameterName].ToString());
}
}
}
string path = ctx.ResolvedRoute.Description.Path; string path = ctx.ResolvedRoute.Description.Path;
//验证登录状态 //验证登录状态
ReqParameter req = this.Bind<ReqParameter>(); ReqParameter req = this.Bind<ReqParameter>();
loginMark = req.loginMark; loginMark = req.loginMark;
token = req.token; token = req.token;
if (path == "/learun/adms/user/login" || path == "/" || path == "/bgimg" || path == "/learun/adms/user/img" || path == "/learun/adms/desktop/img"||path== "/learun/adms/user/imgfordc") if (path == "/learun/adms/user/login" || path == "/" || path == "/bgimg" || path == "/learun/adms/user/img" || path == "/learun/adms/desktop/img"||path== "/learun/adms/user/imgfordc")
{// 登录接口,默认页面接口不做权限验证处理 {// 登录接口,默认页面接口不做权限验证处理
return null; return null;
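Review bot: Rewriting SQL keywords in the query string and in each string parameter (the assignment to ctx.Request.Url.Query and the foreach over ctx.Parameters) is a blacklist filter, not an injection fix: it mutates legitimate values such as a name containing "select" or "exec" while leaving the data layer exactly as exposed as before, so the actual remediation is parameterized queries (DbParameter/SqlParameter) wherever request input reaches SQL, with this pre-filter at most a temporary mitigation. ctx.Request.Url.Query is presumably still percent-encoded at this point, so the character-level replacements in Formatstr may not operate on the decoded value the database eventually receives — confirm against Nancy's Url type. If ctx.Parameters is Nancy's DynamicDictionary, enumerating it yields string keys, so `p.ParameterType` would fail at runtime and `ctx.Parameters[p.ParameterName] = ...` modifies the collection being enumerated; this loop looks untested and should be exercised before merge. The request body bound into ReqParameter a few lines later is not passed through the filter, so coverage is partial even on its own terms. BeforeRequest continues outside the hunk.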


+ 2
- 0
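--- a/Learun.Framework.Ultimate V7/Learun.Framework.Module/Learun.Util/Learun.Util/Web/WebHelper.cs
+++ b/Learun.Framework.Ultimate V7/Learun.Framework.Module/Learun.Util/Learun.Util/Web/WebHelper.cs
@@ -345,6 +345,7 @@ namespace Learun.Util
 System.Text.RegularExpressions.Regex regex10 = new System.Text.RegularExpressions.Regex(@"select", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
 System.Text.RegularExpressions.Regex regex11 = new System.Text.RegularExpressions.Regex(@"update", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
 System.Text.RegularExpressions.Regex regex12 = new System.Text.RegularExpressions.Regex(@"delete", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
+System.Text.RegularExpressions.Regex regex13 = new System.Text.RegularExpressions.Regex(@"exec", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
 html = regex1.Replace(html, ""); //过滤<script></script>标记
 html = regex2.Replace(html, ""); //过滤href=javascript: (<A>) 属性
 html = regex3.Replace(html, " _disibledevent="); //过滤其它控件的on...事件
@@ -352,6 +353,7 @@ namespace Learun.Util
 html = regex10.Replace(html, "s_elect");
 html = regex11.Replace(html, "u_pudate");
 html = regex12.Replace(html, "d_elete");
+html = regex13.Replace(html, "e_xec");
 html = html.Replace("'", "’");
 html = html.Replace("&nbsp;", " ");
 return html;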
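Review bot: The new `exec` pattern, like regex10–regex12 before it, matches the substring anywhere, so ordinary values such as "executive" or "execution" are silently rewritten to "e_xecutive" in stored data; if the rewrite is kept it should at least be anchored, `new System.Text.RegularExpressions.Regex(@"\bexec\b", System.Text.RegularExpressions.RegexOptions.IgnoreCase)`. These regexes are constructed on every call and belong in `private static readonly` fields with RegexOptions.Compiled, which also makes the pattern list reviewable in one place. More fundamentally, keyword substitution is not a substitute for parameterized queries: a request can be rejected or logged when a pattern matches, but rewriting the value gives a false sense of protection while corrupting input. The enclosing method (presumably Formatstr, the one BaseApi.cs calls) begins outside the hunk.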

