浮头导航网

专注编程技术分享的开发者社区

2025年08月12日

Laravel8使用中间件处理XSS(laravel中间件是什么意思)

方案1

创建中间件:

php artisan make:middleware XSSClean

编辑
app/Http/Middleware/XSSClean.php文件:

<?php
 
namespace App\Http\Middleware;
 
use Closure;
use Illuminate\Http\Request;
 
class XSSClean
{
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
     */
    public function handle(Request $request, Closure $next)
    {
        // return $next($request);
 
        $query = $request->query->all();
        $req = $request->request->all();
        // $all = $request->all();
 
        array_walk_recursive($query, function (&$params) {
            // $params = htmlspecialchars($params);
            $params = strip_tags($params);
        });
 
        $request->query->replace($query);
        // $request->merge($query);
 
        array_walk_recursive($req, function (&$params) {
            // $params = htmlspecialchars($params);
            $params = strip_tags($params);
        });
        $request->request->replace($req);
        // $request->merge($req);
 
        return $next($request);
    }
}

配置app/Http/Kernel.php文件:

    protected $middleware = [
        // ...
        XSSClean::class, // 增加xss处理中间件
        // ...
    ];

方案2

# 下载依赖包
composer require mews/purifier

标签:strip_tags 

作者:myfuto , 分类:技术文章 , 浏览:13 , 评论:0

控制面板
您好,欢迎到访网站!
  查看权限
网站分类
最新留言