###文件名称敏感词### sensitive.words = ###安全模式### security.mode = false ########################## cfg.security.url.intercept.external.address =false cfg.security.url.exclude.address =127.0.0.1;localhost;192.168.0.66;happy.teemlink.com ####\u7981\u6B62\u4E0A\u4F20\u7684\u6587\u4EF6\u7C7B\u578B\uFF0C\u591A\u4E2D\u6587\u4EF6\u7C7B\u578B\u7528\u201C|\u201D\u7B26\u53F7\u9694\u5F00#### cfg.upload.exclude.fileType = class|jsp|jspx ############################SecurityFilter Firewall Start#################################################################### ####\u662F\u5426\u5F00\u542F\u9632\u706B\u5899#### SecurityFilter.firewall.startFirewall = false ####\u662F\u5426\u6253\u5F00\u8BF7\u6C42\u53C2\u6570\u5173\u952E\u8BCD\u62E6\u622A\u5668\uFF08\u53EF\u7528\u4E8E\u62E6\u622ASQL\u6CE8\u5165\u3001XSS\u811A\u672C\u653B\u51FB\uFF09#### SecurityFilter.firewall.interceptor.keyword = true ####\u662F\u5426\u5F00\u542F\u5F3A\u529B\u62E6\u622A\u6A21\u5F0F\uFF0C\u6B64\u6A21\u5F0F\u4E0B\u53EF\u80FD\u5B58\u5728\u4F4E\u6982\u7387\u8BEF\u6740#### SecurityFilter.firewall.strongMode = true ####\u62E6\u622A\u5173\u952E\u8BCD\uFF0C\u591A\u4E2A\u5173\u952E\u8BCD\u7528\u201C|\u201D\u7B26\u53F7\u9694\u5F00#### SecurityFilter.firewall.interceptor.keyword.excludeChars = exec | and |%20and%20|exec%20|exec(|execute |execute%20|execute(|insert |insert%20|select |select%20|delete |delete%20|update |update%20|count(|count |count%20| * |%20*%20|truncate |truncate%20|declare |declare%20|net user|xp_cmdshell| or |%20or%20|`| like |%20like%20| table |%20table%20|create |create%20|drop |drop%20| from |%20from%20|grant |grant%20|use |use%20|group_concat(|group_concat |group_concat%20|column_name(|column_name |column_name%20|table_schema|information_schema.columns| union |%20union%20| where |%20where%20| order |%20order%20| Order by |%20Orderby by%20| having | 1=1|' and '|**/and/**|master.|-- |--%20|xgprobeix00 ####\u62E6\u622A\u5173\u952E\u8BCD\u7684\u6B63\u5219\u8868\u8FBE\u5F0F\u3001\u591A\u4E2A\u6B63\u5219\u8868\u8FBE\u5F0F\u7528\u201C|\u201D\u7B26\u53F7\u9694\u5F00#### SecurityFilter.firewall.interceptor.keyword.excludePatterns = <\\s*script.*>||<\\s*script.*>|%3c\\s*script.*%3e|%bc\\s*script|<\\s*iframe.*>|<\\s*iframe.*>|%3c\\s*iframe.*%3e|%bc\\s*iframe|<\\s*marquee.*>|<\\s*marquee.*> |<\\s*object.*>|<\\s*object.*>|/*javascript:*|/*alert\\\\(|/*alert(|/*eval\\\\(|/*eval(|\\s*location.*=|/*expression\\\\(|/*expression( ####\u62E6\u622A\u5173\u952E\u8BCD-\u5217\u5916URL\u8BF7\u6C42\uFF08\u8FD9\u91CC\u6240\u914D\u7F6E\u7684URL\u9632\u706B\u5899\u90FD\u4E0D\u8FDB\u884C\u62E6\u622A\uFF09\u3001\u591A\u4E2AURL\u7528\u201C|\u201D\u7B26\u53F7\u9694\u5F00#### #SecurityFilter.firewall.interceptor.keyword.ignoreURL = /core/dynaform/form/save.action|/core/dynaform/view/save.action|/core/workflow/billflow/defi/save.action|/core/expimp/exp/step1exp.action|/core/expimp/imp/imp.action|/core/macro/repository/save.action|/core/resource/save.action|/core/task/save.action|/core/task/saveAndNew.action|/core/task/start.action|/core/task/stop.action|/core/task/stop.action|/portal/user/savePersonal.action|/core/sysconfig/save.action|save.action SecurityFilter.firewall.interceptor.keyword.ignoreURL = /api/portal/FrontFileAndImageUploadServlet|/runtime/upload ####\u662F\u5426\u6253\u5F00\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u62E6\u622A\u5668#### SecurityFilter.firewall.interceptor.CSRF = true ####\u8DE8\u7AD9\u8BF7\u6C42\u4F2A\u9020\u62E6\u622A-\u4E3B\u673A\u57DF\u540D \uFF08\u683C\u5F0F\uFF1Ahttp://xxx.xx.com:8001,\u591A\u4E2A\u5730\u5740\u7528\u201C|\u201D\u7B26\u53F7\u9694\u5F00\uFF09\u670D\u52A1\u5668\u7531\u524D\u7F6E\u673A\u53CD\u5411\u4EE3\u7406\u7684\u60C5\u51B5\u4E0B\u4E5F\u9700\u8981\u914D\u7F6E\u524D\u7F6E\u673A\u7684\u57DF\u540D#### SecurityFilter.firewall.interceptor.CSRF.excludeHostAddress = http://192.168.80.51:8080|http://localhost:8080 ####escape\u7F16\u7801\u6392\u67E5\u8DEF\u5F84#### #SecurityFilter.firewall.interceptor.keyword.ignoreEscapeURL = /message/messages/publicMessage.action SecurityFilter.firewall.interceptor.keyword.ignoreEscapeURL = ############################SecurityFilter Firewall End########################################################################