本文介绍了java spring请求正文中的转义引号的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个 Java Spring 控制器.我想转义我的请求中的所有引号(例如在 SQL 查询中使用它来清理它).
I have a Java Spring controller. I want to escape all quotes in my request (sanitize it for using it in SQL queries for example).
有没有办法用 Spring 做到这一点?
Is there a way to do that with Spring ?
示例:
@RequestMapping(method = RequestMethod.POST) public List<String[]> myEndpoint(@RequestBody Map<String, String> params, @AuthenticationPrincipal Account connectedUser) throws Exception{ return myService.runQuery(params, connectedUser); } 推荐答案如果要验证控制器中的所有请求参数,可以使用自定义验证器.如需完整信息,请查看完整示例
If you want to validate all your request parameters in controllers, you can use custom validators. For Complete info, check Complete Example
简要概述:
@Component public class YourValidator implements Validator { @Override public boolean supports(Class<?> clazz) { return clazz.isAssignableFrom(YourPojoType.class); } @Override public void validate(Object target, Errors errors) { if (target instanceof YourPojoType) { YourPojoType req = (YourPojoType) target; Map<String, String> params = req.getParams(); //Do your validations. //if any validation failed, errors.rejectValue("yourFieldName", "YourCustomErrorCode", "YourCustomErrorMessage"); } } }控制器
@RestController public class YourController{ @Autowired private YourValidator validator; @RequestMapping(method = RequestMethod.POST) public List<String[]> myEndpoint(@Valid YourPojoType req, BindingResult result, @AuthenticationPrincipal Account connectedUser) throws Exception{ if (result.hasErrors()) { //throw exception } return myService.runQuery(params, connectedUser); } @InitBinder private void initBinder(WebDataBinder binder) { binder.setValidator(validator); }}
更多推荐
java spring请求正文中的转义引号
发布评论