From 170507f071808f3c3c2d412fc29430e16c464b68 Mon Sep 17 00:00:00 2001
From: jiwoo
Date: Tue, 18 Jul 2023 14:29:58 +0900
Subject: [PATCH] =?UTF-8?q?=EC=9D=B4=EC=A7=80=EC=9A=B0=20-=20XSS=20?=
 =?UTF-8?q?=ED=95=84=ED=84=B0=EB=A7=81=20=EC=B2=98=EB=A6=AC=20:=20?=
 =?UTF-8?q?=EA=B8=B0=EC=A1=B4=20=EC=9D=B8=ED=84=B0=EC=85=89=ED=84=B0=20?=
 =?UTF-8?q?=EC=A0=95=EA=B7=9C=EC=8B=9D=20=EC=88=98=EC=A0=95,=20=EC=82=AC?=
 =?UTF-8?q?=EC=9A=A9=EC=9E=90=20=EA=B2=8C=EC=8B=9C=EA=B8=80=20=EC=83=81?=
 =?UTF-8?q?=EC=84=B8=EC=97=90=20unscript=20=EC=A0=81=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

인터셉터 정규식. '<' , '>'안에 한글만 입력하도록 처리. smstxt 등 몇몇 파라미터는 필터링 예외 게시글 상세 unscript 적용. 공지사항, 1:1문의, 이벤트 상세 이동시 파라미터의 '<', '>'와 같은 XSS 취약한 단어들은 replaceAll 처리
---
 .../cmm/interceptor/InterceptorHandler.java | 5 ++-
 .../cop/bbs/web/EgovBBSManageController.java | 38 ++++++++++++++++++-
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/src/main/java/itn/com/cmm/interceptor/InterceptorHandler.java b/src/main/java/itn/com/cmm/interceptor/InterceptorHandler.java
index d6eb725e..d200c1cc 100644
--- a/src/main/java/itn/com/cmm/interceptor/InterceptorHandler.java
+++ b/src/main/java/itn/com/cmm/interceptor/InterceptorHandler.java
@@ -49,12 +49,15 @@ public class InterceptorHandler extends HandlerInterceptorAdapter{
 && !name.toLowerCase().contains("info2list")
 && !name.toLowerCase().contains("info3list")
 && !name.toLowerCase().contains("info4list")
+ && !name.toLowerCase().contains("nttcn")
 ) { //파라미터 중에 URL 주소를 넘겨주는 부분이 있어서 해당 부분에것 select~, update~, delete~ 로 시작하는 주소경로가 있어서 제외처리를 하였음
 String[] values = request.getParameterValues(name); //HTML 태그 관련 부분이 들어있으면 필터링 해주는 정규식 <> ~ 구문 찾아줌
- Pattern regex = Pattern.compile("<(/)?([a-zA-Z]*)(\\\\s[a-zA-Z]*=[^>]*)?(\\\\s)*(/)?>");
+ //Pattern regex = Pattern.compile("<(/)?([a-zA-Z]*)(\\\\s[a-zA-Z]*=[^>]*)?(\\\\s)*(/)?>");
+ //23.7.18 이지우 - XSS 필터링을 위한 정규식 수정
+ Pattern regex = Pattern.compile("<[^ㄱ-ㅎㅏ-ㅣ가-힣<>]+>");
 for (String value : values) { //정규식과 동일한 패턴인지 비교해준다.
diff --git a/src/main/java/itn/let/cop/bbs/web/EgovBBSManageController.java b/src/main/java/itn/let/cop/bbs/web/EgovBBSManageController.java
index 087de32c..7611fd4e 100644
--- a/src/main/java/itn/let/cop/bbs/web/EgovBBSManageController.java
+++ b/src/main/java/itn/let/cop/bbs/web/EgovBBSManageController.java
@@ -233,7 +233,8 @@ public class EgovBBSManageController {
 ret = ret.replaceAll("<(F|f)(O|o)(R|r)(M|m)", "<form"); ret = ret.replaceAll("", ">"); ret = ret.replaceAll("alert", ""); //ret = ret.replaceAll("iframe", "");
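Review bot: The new `Pattern.compile("<[^ㄱ-ㅎㅏ-ㅣ가-힣<>]+>")` stops matching as soon as a single Hangul character appears between the brackets, so a tag like `<img alt=한 src=x onerror=alert(1)>` passes this check unchanged, and an unterminated tag such as `<svg onload=alert(1)` (no closing `>`) is matched by neither the old nor the new regex; treat this interceptor as a heuristic and keep HTML-encoding these values where they are rendered. Adding `nttcn` to the exclusion list removes the article body from this check entirely, which is only acceptable if it is sanitized elsewhere, so the added line deserves a comment saying where, e.g. `// nttCn (article body) is exempt here; it must be escaped/sanitized before rendering`. The pattern is also compiled inside what appears to be the per-parameter loop on every request; hoisting it to `private static final Pattern TAG_PATTERN = Pattern.compile("<[^ㄱ-ㅎㅏ-ㅣ가-힣<>]+>");` avoids the repeated compile. The enclosing method starts and ends outside the hunk.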
@@ -1815,6 +1816,18 @@ public class EgovBBSManageController {
 @RequestParam Map commandMap, RedirectAttributes redirectAttributes) throws Exception {
+ //XSS 태그 필터링 처리
+ boardVO.setBbsId(unscript(boardVO.getBbsId()));
+ boardVO.setSeCmmnCdId(unscript(boardVO.getSeCmmnCdId()));
+ boardVO.setFrstRegisterId(unscript(boardVO.getFrstRegisterId()));
+ boardVO.setSearchBgnDe(unscript(boardVO.getSearchBgnDe()));
+ boardVO.setSearchEndDe(unscript(boardVO.getSearchEndDe()));
+ boardVO.setSearchSortCnd(unscript(boardVO.getSearchSortCnd()));
+ boardVO.setSearchSortOrd(unscript(boardVO.getSearchSortOrd()));
+ boardVO.setSearchCnd(unscript(boardVO.getSearchCnd()));
+ boardVO.setSearchWrd(unscript(boardVO.getSearchWrd()));
+
+
 BoardMasterVO bmVO = new BoardMasterVO();
 if("".equals(boardVO.getBbsId())) { //검색에서 조회시 nttid로 마스터 조회
 bmVO = bbsAttrbService.selectBbsIdByNttId(boardVO);
@@ -1959,6 +1972,17 @@ public class EgovBBSManageController {
 @RequestParam Map commandMap, RedirectAttributes redirectAttributes) throws Exception {
+ //XSS 태그 필터링 처리
+ boardVO.setBbsId(unscript(boardVO.getBbsId()));
+ boardVO.setSeCmmnCdId(unscript(boardVO.getSeCmmnCdId()));
+ boardVO.setFrstRegisterId(unscript(boardVO.getFrstRegisterId()));
+ boardVO.setSearchBgnDe(unscript(boardVO.getSearchBgnDe()));
+ boardVO.setSearchEndDe(unscript(boardVO.getSearchEndDe()));
+ boardVO.setSearchSortCnd(unscript(boardVO.getSearchSortCnd()));
+ boardVO.setSearchSortOrd(unscript(boardVO.getSearchSortOrd()));
+ boardVO.setSearchCnd(unscript(boardVO.getSearchCnd()));
+ boardVO.setSearchWrd(unscript(boardVO.getSearchWrd()));
+
 BoardMasterVO bmVO = new BoardMasterVO(); //선택된 카테고리가 없는 경우
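Review bot: The nine `boardVO.setX(unscript(boardVO.getX()))` lines added after the signature are repeated verbatim in the -1959 hunk and again in the -4432 hunk, so a single private helper, e.g. `private void unscriptSearchFields(BoardVO boardVO)` holding those nine calls and invoked as `unscriptSearchFields(boardVO);`, would keep the three handlers in step when the field list changes. Judging from the `replaceAll("alert", "")`-style chain visible around line 233, `unscript` looks like a single-pass blacklist rewrite rather than an encoder, so an input such as `alalertert` comes out as `alert`; the durable fix for the reflected `<`/`>` described in the commit message is HTML-escaping these fields in the view, with `unscript` kept only as defence in depth. If `unscript` does not null-check its argument, a request that omits one of these parameters will fail before the `"".equals(boardVO.getBbsId())` test that follows; the declared type of `boardVO` and the start of the handler are outside the hunk.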
@@ -4432,6 +4456,18 @@ public class EgovBBSManageController {
 RedirectAttributes redirectAttributes) throws Exception {
+ //XSS 태그 필터링 처리
+ boardVO.setBbsId(unscript(boardVO.getBbsId()));
+ boardVO.setSeCmmnCdId(unscript(boardVO.getSeCmmnCdId()));
+ boardVO.setFrstRegisterId(unscript(boardVO.getFrstRegisterId()));
+ boardVO.setSearchBgnDe(unscript(boardVO.getSearchBgnDe()));
+ boardVO.setSearchEndDe(unscript(boardVO.getSearchEndDe()));
+ boardVO.setSearchSortCnd(unscript(boardVO.getSearchSortCnd()));
+ boardVO.setSearchSortOrd(unscript(boardVO.getSearchSortOrd()));
+ boardVO.setSearchCnd(unscript(boardVO.getSearchCnd()));
+ boardVO.setSearchWrd(unscript(boardVO.getSearchWrd()));
+
+
 BoardMasterVO bmVO = new BoardMasterVO();
 if("".equals(boardVO.getBbsId())) { //검색에서 조회시 nttid로 마스터 조회
 bmVO = bbsAttrbService.selectBbsIdByNttId(boardVO);
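Review bot: `searchSortCnd` and `searchSortOrd`, passed through `unscript` here, appear to be sort column and direction selectors; if the mapper splices them into an `ORDER BY` (not visible in this hunk), stripping tags does nothing against SQL injection and they should be checked against an allow-list before use, e.g. `if (!"ASC".equalsIgnoreCase(ord) && !"DESC".equalsIgnoreCase(ord)) ord = "DESC";` with a similar fixed set of permitted column keys. The same nine sanitizing calls are added in the -1815 and -1959 hunks; a shared private helper would avoid three identical copies that can drift apart. The two trailing `+` blank lines leave a double blank line before `BoardMasterVO bmVO`; one is enough. The handler's signature and the rest of its body are outside the hunk.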