hyperf 防止xss攻击自定义中间件封装
<?php declare ( strict_types= 1 ) ; namespace App\ Middleware ; use Psr\ Container\ ContainerInterface ;
use Psr\ Http\ Message\ ResponseInterface ;
use Psr\ Http\ Server\ MiddlewareInterface ;
use Psr\ Http\ Message\ ServerRequestInterface ;
use Psr\ Http\ Server\ RequestHandlerInterface ; class XSSProtectionMiddleware implements MiddlewareInterface
{ protected $container ; public function __construct ( ContainerInterface $container ) { $this -> container = $container ; } public function process ( ServerRequestInterface $request , RequestHandlerInterface $handler ) : ResponseInterface { $input = $request -> all ( ) ; array_walk_recursive ( $input , function ( & $input ) { $input = ( strip_tags ( htmlspecialchars ( htmlentities ( $input , ENT_QUOTES , 'UTF-8' ) ) ) ) ; } ) ; $request = $request -> withQueryParams ( $input ) ; return $handler -> handle ( $request ) ; }
}
laravel、lumen防止xss攻击自定义中间件封装
<?php namespace App\ Http\ Middleware ; use Closure ;
use Illuminate\ Http\ Request ; class XSSProtectionMiddleware
{ public function handle ( Request $request , Closure $next ) { $input = $request -> all ( ) ; array_walk_recursive ( $input , function ( & $input ) { $input = ( strip_tags ( htmlspecialchars ( htmlentities ( $input , ENT_QUOTES , 'UTF-8' ) ) ) ) ; } ) ; $request -> merge ( $input ) ; return $next ( $request ) ; }
}