Spring Boot application enables a simple injection defender, to prevent SQL injections and XSS injections.
- Import dependencies
<dependency>
<groupId>cn.unikue.springstarter</groupId>
<artifactId>injection-defender-spring-boot-starter</artifactId>
<version>LATEST</version>
</dependency>By default, this starter will auto take effect, you can turn it off by
spring.injection-defender.enabled = false
- Configure Spring Boot
application.ymlwith prefixspring.injection-defender(Optional)
spring:
injection-defender:
defender-filter:
filter-paths:
- '/**'
exclude-paths:
- '/foo/**'
- '/bar/**'
sql-protection:
throws-exception: true
xss-protection:
throws-exception: true- jdk 17+
This project is under the Apache License 2.0
See the NOTICE.txt file for required notices and attributions.
You like this package? Then donate to us to support the development.
Beijing Unikue Network Technology Ltd.
- Unikue: https://unikue.cn