Merge remote-tracking branch 'origin/4.7.1'

src/main/java/net/mingsoft/config/WebConfig.java

@@ -3,6 +3,7 @@ package net.mingsoft.config;
 import java.io.File;
 
 import org.springframework.aop.Advisor;
+import net.mingsoft.basic.filter.XSSEscapeFilter;
 import org.springframework.aop.support.DefaultPointcutAdvisor;
 import org.springframework.aop.support.JdkRegexpMethodPointcut;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
@@ -131,18 +132,16 @@ public class WebConfig implements WebMvcConfigurer {
 		return new DefaultPointcutAdvisor(druidStatPointcut(), druidStatInterceptor());
 	}
 
-	// /**
-	// * xssFilter注册
-	// */
-	// @Bean
-	// public FilterRegistrationBean xssFilterRegistration() {
-	// XssFilter xssFilter = new XssFilter();
-	// xssFilter.setUrlExclusion(Arrays.asList("/static/"));
-	// FilterRegistrationBean registration = new
-	// FilterRegistrationBean(xssFilter);
-	// registration.addUrlPatterns("/*");
-	// return registration;
-	// }
+	 /**
+	 * xssFilter注册
+	 */
+	 @Bean
+	 public FilterRegistrationBean xssFilterRegistration() {
+	 XSSEscapeFilter xssFilter = new XSSEscapeFilter();
+	 FilterRegistrationBean registration = new FilterRegistrationBean(xssFilter);
+	 registration.addUrlPatterns("/*");
+	 return registration;
+	 }
 
 	/**
 	 * RequestContextListener注册

src/main/resources/application.yml

@@ -13,7 +13,7 @@ ms:
   
  upload: 
    path: /upload 
-   denied: exe
+   denied: .exe,.jsp
    allowed: jpg
    max-size: 1
    memory-size: 4096

src/main/webapp/templets/1/default/about.htm

@@ -6,7 +6,7 @@
 
     <body>
         <#include "head.htm"/>
-        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}images/about_us.jpg) no-repeat center;">
+        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}/images/about_us.jpg) no-repeat center;">
             <p class="banner_tit_about animated fadeInLeft">关于我们</p>
             <p class="banner_tit_about_des animated fadeInRight">About us</p>
         </div>

src/main/webapp/templets/1/default/advice.htm

@@ -5,7 +5,7 @@
     </head>
     <body>
         <#include "head.htm"/>
-        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}images/talk_online.jpeg) no-repeat center;">
+        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}/images/talk_online.jpeg) no-repeat center;">
             <p class="banner_tit_other animated fadeInLeft">在线留言</p>
             <p class="banner_tit_other_des animated fadeInRight">Talk online</p>
         </div>

src/main/webapp/templets/1/default/case-list.htm

@@ -6,7 +6,7 @@
 
     <body>
         <#include "head.htm"/>
-        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}images/00.png) no-repeat center;">
+        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}/images/00.png) no-repeat center;">
             <p class="banner_tit_other animated fadeInLeft">案&nbsp;&nbsp;&nbsp;例</p>
             <p class="banner_tit_other_des animated fadeInRight">Case list</p>
         </div>

src/main/webapp/templets/1/default/news-show.htm

@@ -8,7 +8,7 @@
 
     <body>
         <#include "head.htm">
-        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}images/news2.png) no-repeat center;">
+        <div class="ms-banner" style="background:url({ms:global.host/}/{ms:global.style/}/images/news2.png) no-repeat center;">
             <p class="banner_tit_other animated fadeInLeft">公司动态</p>
             
             <p class="banner_tit_other_des animated fadeInRight">Our company</p>