laravel防止XSS攻击(中间件使用)
作者:互联网
1.首先,创建中间件:
php artisan make:middleware XSS
2.其次,修改app/Http/Middleware/XSS.php文件
XSS.php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class XSS
{
public function handle(Request $request, Closure$next)
{
$input = $request->all();
array_walk_recursive($input,function(&$input) {
$input = strip_tags($input);
});
$request->merge($input);
return $next($request);
}
}
3.然后,必须在app/Http/Kernel.php文件中注册中间件:
Kernel.php
class Kernel extends HttpKernel
{
....
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
....
'XSS' => \App\Http\Middleware\XSS::class,
];
}
4.最后,在路由中增加**‘middleware’ => [‘XSS’]**:
Route::group(['namespace'=>'Home','middleware' => ['XSS']],function(){ Route::post('customValiPost','CustomValDemoController@customValiPost');
});
lhttps://blog.csdn.net/huangfenhu/article/details/88550751
laravel8 防止XSS攻击 预防处理方案从及防sql注入 | Laravel China 社区 (learnku.com)
标签:laravel,XSS,Http,Middleware,中间件,input,php,class 来源: https://www.cnblogs.com/xiaoyantongxue/p/16120223.html