From 7479ff4b06680cb7cca3a9cd987c4d6efb2d0032 Mon Sep 17 00:00:00 2001 From: RuoYi Date: Sat, 25 Sep 2021 17:12:37 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dxss=E8=BF=87=E6=BB=A4?= =?UTF-8?q?=E5=90=8E=E6=A0=BC=E5=BC=8F=E5=87=BA=E7=8E=B0=E7=9A=84=E5=BC=82?= =?UTF-8?q?=E5=B8=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java index 3de26bb4..415acbab 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java @@ -387,7 +387,7 @@ public final class HTMLFilter { paramValue = processParamProtocol(paramValue); } - params.append(' ').append(paramName).append("=\"").append(paramValue).append("\""); + params.append(' ').append(paramName).append("=\\\"").append(paramValue).append("\""); } }