Commit 3cd29c1

fix bug
1 parent 4c21c97 commit 3cd29c1

1 file changed

+2
-2
lines changed

src/main/java/org/joychou/controller/URLWhiteList.java

Lines changed: 2 additions & 2 deletions
@@ -91,9 +91,9 @@ public String indexOf(HttpServletRequest request) throws Exception{
9191
}
9292

9393
// URL类getHost方法被绕过造成的安全问题
94-
// 绕过姿势:http://localhost:8080/url/seccode?url=http://www.taobao.com%23@joychou.com/, URL类getHost为joychou.com
94+
// 绕过姿势:http://localhost:8080/url/urlVul?url=http://www.taobao.com%23@joychou.com/, URL类getHost为joychou.com
9595
// 直接访问http://www.taobao.com#@joychou.com/,浏览器请求的是www.taobao.com
96-
@RequestMapping("/url")
96+
@RequestMapping("/urlVul")
9797
@ResponseBody
9898
public String urlVul(HttpServletRequest request) throws Exception{
9999
String url = request.getParameter("url");
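
Review bot: The example path in the updated comment at new line 94, /url/urlVul, only matches the new @RequestMapping("/urlVul") at line 96 if the class carries a /url prefix, and that prefix is not visible in this hunk; please confirm it so the documented bypass URL actually reaches this handler. The rename from "/url" to "/urlVul" changes the route, so any reference to the old path needs updating as well. The mapping also has no HTTP method restriction; if only GET is intended, say so on the annotation. Since the comment is being touched anyway, it would help to state there that urlVul is the handler demonstrating the getHost bypass, so it is not mistaken for a safe whitelist check.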
