laravel防止XSS攻击(中间件使用)
作者:互联网
1.首先,创建中间件:
php artisan make:middleware XSS
2.其次,修改app/Http/Middleware/XSS.php文件
XSS.php namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; class XSS { public function handle(Request $request, Closure$next) { $input = $request->all(); array_walk_recursive($input,function(&$input) { $input = strip_tags($input); }); $request->merge($input); return $next($request); } }
3.然后,必须在app/Http/Kernel.php文件中注册中间件:
Kernel.php class Kernel extends HttpKernel { .... protected $routeMiddleware = [ 'auth' => \App\Http\Middleware\Authenticate::class, .... 'XSS' => \App\Http\Middleware\XSS::class, ]; }
4.最后,在路由中增加**‘middleware’ => [‘XSS’]**:
Route::group(['namespace'=>'Home','middleware' => ['XSS']],function(){ Route::post('customValiPost','CustomValDemoController@customValiPost'); });
lhttps://blog.csdn.net/huangfenhu/article/details/88550751
laravel8 防止XSS攻击 预防处理方案从及防sql注入 | Laravel China 社区 (learnku.com)
标签:laravel,XSS,Http,Middleware,中间件,input,php,class 来源: https://www.cnblogs.com/xiaoyantongxue/p/16120223.html