Skip to content

F
finance-manage
Commit 578d65df authored by RuoYi's avatar RuoYi
Browse files
Options

定时任务目标字符串过滤特殊字符

parent db4c2d3d
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 7 deletions
ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
View file @ 578d65df
...@@ -142,16 +142,16 @@ public class Constants ...@@ -142,16 +142,16 @@ public class Constants
/** /**
* RMI 远程方法调用 * RMI 远程方法调用
*/ */
public static final String LOOKUP_RMI = "rmi://"; public static final String LOOKUP_RMI = "rmi:";
/** /**
* LDAP 远程方法调用 * LDAP 远程方法调用
*/ */
public static final String LOOKUP_LDAP = "ldap://"; public static final String LOOKUP_LDAP = "ldap:";
/** /**
* 定时任务违规的字符 * 定时任务违规的字符
*/ */
public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml", public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
"org.springframework.jndi" }; "org.springframework" };
} }
\ No newline at end of file
ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/SysJobController.java
View file @ 578d65df
...@@ -87,11 +87,11 @@ public class SysJobController extends BaseController ...@@ -87,11 +87,11 @@ public class SysJobController extends BaseController
} }
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI)) else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI))
{ {
return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用"); return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi'调用");
} }
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP)) else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP))
{ {
return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap://'调用"); return error("新增任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap'调用");
} }
else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS })) else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS }))
{ {
...@@ -119,11 +119,11 @@ public class SysJobController extends BaseController ...@@ -119,11 +119,11 @@ public class SysJobController extends BaseController
} }
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI)) else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_RMI))
{ {
return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi://'调用"); return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'rmi'调用");
} }
else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP)) else if (StringUtils.containsIgnoreCase(job.getInvokeTarget(), Constants.LOOKUP_LDAP))
{ {
return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap://'调用"); return error("修改任务'" + job.getJobName() + "'失败,目标字符串不允许'ldap'调用");
} }
else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS })) else if (StringUtils.containsAnyIgnoreCase(job.getInvokeTarget(), new String[] { Constants.HTTP, Constants.HTTPS }))
{ {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment