xinyin025/RuoYi-Vue-Plus
1
0
Fork 0
mirror of https://github.com/dromara/RuoYi-Vue-Plus.git synced 2025-11-04 16:23:42 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

update 优化 拦截爬虫跟踪等垃圾请求

Browse Source
This commit is contained in:
疯狂的狮子Li
2024-11-15 11:03:20 +08:00
parent f6d9bec16c
commit 2d2bd48963
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java
View File

@@ -1,6 +1,8 @@
package org.dromara.common.web.config; package org.dromara.common.web.config;
import io.undertow.server.DefaultByteBufferPool; import io.undertow.server.DefaultByteBufferPool;
import io.undertow.server.handlers.DisallowedMethodsHandler;
import io.undertow.util.HttpString;
import io.undertow.websockets.jsr.WebSocketDeploymentInfo; import io.undertow.websockets.jsr.WebSocketDeploymentInfo;
import org.dromara.common.core.utils.SpringUtils; import org.dromara.common.core.utils.SpringUtils;
import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.AutoConfiguration;
@@ -28,6 +30,15 @@ public class UndertowConfig implements WebServerFactoryCustomizer<UndertowServle
deploymentInfo.setExecutor(executor); deploymentInfo.setExecutor(executor);
deploymentInfo.setAsyncExecutor(executor); deploymentInfo.setAsyncExecutor(executor);
} }
deploymentInfo.addInitialHandlerChainWrapper(handler -> {
// 禁止三个方法 CONNECT/TRACE/TRACK 也是不安全的 避免爬虫骚扰
HttpString[] disallowedHttpMethods = {
HttpString.tryFromString("CONNECT"),
HttpString.tryFromString("TRACE"),
HttpString.tryFromString("TRACK")
};
return new DisallowedMethodsHandler(handler, disallowedHttpMethods);
});
}); });
} }