aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/main/java/com/juick/www/BinderHandler.java17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/main/java/com/juick/www/BinderHandler.java b/src/main/java/com/juick/www/BinderHandler.java
new file mode 100644
index 00000000..c89fc37c
--- /dev/null
+++ b/src/main/java/com/juick/www/BinderHandler.java
@@ -0,0 +1,17 @@
+package com.juick.www;
+
+import org.springframework.core.annotation.Order;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.InitBinder;
+
+@ControllerAdvice
+@Order(10000)
+public class BinderHandler {
+
+ @InitBinder
+ public void setAllowedFields(WebDataBinder dataBinder) {
+ String[] denylist = new String[] { "class.*", "Class.*", "*.class.*", "*.Class.*" };
+ dataBinder.setDisallowedFields(denylist);
+ }
+}