diff options
-rw-r--r-- | src/main/java/com/juick/www/BinderHandler.java | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/main/java/com/juick/www/BinderHandler.java b/src/main/java/com/juick/www/BinderHandler.java new file mode 100644 index 00000000..c89fc37c --- /dev/null +++ b/src/main/java/com/juick/www/BinderHandler.java @@ -0,0 +1,17 @@ +package com.juick.www; + +import org.springframework.core.annotation.Order; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.bind.annotation.InitBinder; + +@ControllerAdvice +@Order(10000) +public class BinderHandler { + + @InitBinder + public void setAllowedFields(WebDataBinder dataBinder) { + String[] denylist = new String[] { "class.*", "Class.*", "*.class.*", "*.Class.*" }; + dataBinder.setDisallowedFields(denylist); + } +} |