Merge branch 'dev' into test
This commit is contained in:
chenbowen
@@ -33,6 +33,7 @@ import org.springframework.web.util.ContentCachingResponseWrapper;
|
||||
import org.springframework.web.util.UriComponentsBuilder;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URLDecoder;
|
||||
import java.net.URLEncoder;
|
||||
import java.nio.charset.Charset;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
@@ -304,15 +305,28 @@ public class GatewaySecurityFilter extends OncePerRequestFilter {
|
||||
.build()
|
||||
.getQueryParams();
|
||||
params.forEach((key, values) -> {
|
||||
if (!StringUtils.hasText(key) || "signature".equalsIgnoreCase(key)) {
|
||||
String decodedKey = URLDecoder.decode(key, StandardCharsets.UTF_8);
|
||||
if (!StringUtils.hasText(decodedKey) || "signature".equalsIgnoreCase(decodedKey)) {
|
||||
return;
|
||||
}
|
||||
if (CollectionUtils.isEmpty(values)) {
|
||||
target.put(key, "");
|
||||
} else if (values.size() == 1) {
|
||||
target.put(key, values.get(0));
|
||||
target.put(decodedKey, "");
|
||||
return;
|
||||
}
|
||||
// 对每一个 value 做 URL 解码,确保与客户端原文签名一致
|
||||
List<String> decodedValues = values.stream()
|
||||
.map(val -> URLDecoder.decode(val, StandardCharsets.UTF_8))
|
||||
.toList();
|
||||
boolean allNullLiteral = decodedValues.stream()
|
||||
.allMatch(v -> "null".equals(v));
|
||||
if (allNullLiteral) {
|
||||
// 过滤掉仅包含字符串 "null" 的参数
|
||||
return;
|
||||
}
|
||||
if (decodedValues.size() == 1) {
|
||||
target.put(decodedKey, decodedValues.get(0));
|
||||
} else {
|
||||
target.put(key, String.join(",", values));
|
||||
target.put(decodedKey, String.join(",", decodedValues));
|
||||
}
|
||||
});
|
||||
} catch (IllegalArgumentException ex) {
|
||||
|
||||
File diff suppressed because one or more lines are too long
Reference in New Issue
Block a user