提交
44c8437c
编写于
3月 18, 2024
作者:
NoSubject
Merge branch 'fix/xml_xxe_leak' into 'develop'
修复 XML 实体注入漏洞 See merge request o2oa/o2oa!2591
上级
2fb8316b
7c044103
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
24 addition
and
16 deletion
+24
-16
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/mpweixin/ActionReceiveMsg.java
...com/x/program/center/jaxrs/mpweixin/ActionReceiveMsg.java
+20
-15
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/qiyeweixin/XMLParse.java
.../java/com/x/program/center/jaxrs/qiyeweixin/XMLParse.java
+4
-1
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/mpweixin/ActionReceiveMsg.java
@@ -27,13 +27,13 @@ import com.x.program.center.core.entity.MPWeixinMenu;
* Created by fancyLou on 3/8/21.
* Copyright © 2021 O2. All rights reserved.
*/
public
class
ActionReceiveMsg
extends
BaseAction
{
public
class
ActionReceiveMsg
extends
BaseAction
{
private
static
Logger
logger
=
LoggerFactory
.
getLogger
(
ActionReceiveMsg
.
class
);
ActionResult
<
Wo
>
execute
(
String
signature
,
Long
timestamp
,
String
nonce
,
String
echostr
,
InputStream
inputStream
)
throws
Exception
{
ActionResult
<
Wo
>
execute
(
String
signature
,
Long
timestamp
,
String
nonce
,
String
echostr
,
InputStream
inputStream
)
throws
Exception
{
logger
.
info
(
"微信公众号接收消息,signature:{}, timestamp:{}, nonce:{}, echostr:{}."
,
signature
,
timestamp
,
nonce
,
echostr
);
Wo
wo
=
new
Wo
();
ActionResult
<
Wo
>
actionResult
=
new
ActionResult
<>();
@@ -88,7 +88,7 @@ public class ActionReceiveMsg extends BaseAction {
wo
.
setText
(
"success"
);
actionResult
.
setData
(
wo
);
return
actionResult
;
}
else
{
}
else
{
String
xml
=
txtMessageBack
(
toUser
,
fromUser
,
content
);
logger
.
info
(
"回复点击菜单消息: {}"
,
xml
);
wo
.
setText
(
xml
);
@@ -98,7 +98,7 @@ public class ActionReceiveMsg extends BaseAction {
}
else
{
logger
.
info
(
"没有查询到对应的 eventKey:{}"
,
eventKey
);
}
}
else
if
(
WX_MSG_RECEIVE_EVENT_SUBSCRIBE
.
equalsIgnoreCase
(
event
))
{
// 订阅事件
}
else
if
(
WX_MSG_RECEIVE_EVENT_SUBSCRIBE
.
equalsIgnoreCase
(
event
))
{
// 订阅事件
MPWeixinMenu
menu
=
findMenuWithEventKey
(
WX_MSG_RECEIVE_EVENT_SUBSCRIBE
);
if
(
menu
!=
null
)
{
String
content
=
menu
.
getContent
();
@@ -127,7 +127,7 @@ public class ActionReceiveMsg extends BaseAction {
}
else
{
logger
.
info
(
"未处理消息类型, MsgType: {}"
,
msgType
);
}
}
else
{
}
else
{
logger
.
info
(
"没有获取到消息内容 inputStream 为空!"
);
}
wo
.
setText
(
"success"
);
//不回复消息
@@ -157,7 +157,7 @@ public class ActionReceiveMsg extends BaseAction {
"<FromUserName><![CDATA["
+
from
+
"]]></FromUserName>"
+
"<CreateTime>"
+
time
+
"</CreateTime>"
+
"<MsgType><![CDATA[image]]></MsgType>"
+
"<Image><MediaId><![CDATA["
+
mediaId
+
"]]></MediaId></Image>"
+
"<Image><MediaId><![CDATA["
+
mediaId
+
"]]></MediaId></Image>"
+
"</xml>"
;
return
xml
;
}
@@ -170,7 +170,7 @@ public class ActionReceiveMsg extends BaseAction {
"<FromUserName><![CDATA["
+
from
+
"]]></FromUserName>"
+
"<CreateTime>"
+
time
+
"</CreateTime>"
+
"<MsgType><![CDATA[voice]]></MsgType>"
+
"<Voice><MediaId><![CDATA["
+
mediaId
+
"]]></MediaId></Voice>"
+
"<Voice><MediaId><![CDATA["
+
mediaId
+
"]]></MediaId></Voice>"
+
"</xml>"
;
return
xml
;
}
@@ -183,10 +183,10 @@ public class ActionReceiveMsg extends BaseAction {
"<FromUserName><![CDATA["
+
from
+
"]]></FromUserName>"
+
"<CreateTime>"
+
time
+
"</CreateTime>"
+
"<MsgType><![CDATA[video]]></MsgType>"
+
"<Video>"
+
"<MediaId><![CDATA["
+
mediaId
+
"]]></MediaId>"
+
"<Title><![CDATA["
+
title
+
"]]></Title>"
+
"<Description><![CDATA["
+
description
+
"]]></Description>"
+
"<Video>"
+
"<MediaId><![CDATA["
+
mediaId
+
"]]></MediaId>"
+
"<Title><![CDATA["
+
title
+
"]]></Title>"
+
"<Description><![CDATA["
+
description
+
"]]></Description>"
+
"</Video>"
+
"</xml>"
;
return
xml
;
@@ -199,24 +199,27 @@ public class ActionReceiveMsg extends BaseAction {
/**
* 读取xml
*
* @param ins
* @return
* @throws Exception
*/
public
static
Map
<
String
,
String
>
xmlToMap
(
InputStream
ins
)
throws
Exception
{
public
static
Map
<
String
,
String
>
xmlToMap
(
InputStream
ins
)
throws
Exception
{
Map
<
String
,
String
>
map
=
new
HashMap
<>();
if
(
ins
==
null
)
{
return
map
;
}
SAXReader
reader
=
new
SAXReader
();
reader
.
setFeature
(
"http://apache.org/xml/features/disallow-doctype-decl"
,
true
);
reader
.
setFeature
(
"http://xml.org/sax/features/external-general-entities"
,
false
);
reader
.
setFeature
(
"http://xml.org/sax/features/external-parameter-entities"
,
false
);
Document
doc
=
reader
.
read
(
ins
);
Element
root
=
doc
.
getRootElement
();
List
<
Element
>
list
=
root
.
elements
();
for
(
Element
e
:
list
)
{
for
(
Element
e
:
list
)
{
map
.
put
(
e
.
getName
(),
e
.
getText
());
}
ins
.
close
();
@@ -231,11 +234,13 @@ public class ActionReceiveMsg extends BaseAction {
String
toUser
;
String
text
;
String
scriptId
;
ExecuteServiceScriptThread
(
String
toUser
,
String
text
,
String
scriptId
)
{
this
.
toUser
=
toUser
;
this
.
text
=
text
;
this
.
scriptId
=
scriptId
;
}
@Override
public
void
run
()
{
evalRemote
();
@@ -248,7 +253,7 @@ public class ActionReceiveMsg extends BaseAction {
body
.
setKeyword
(
text
);
body
.
setOpenId
(
toUser
);
ActionResponse
result
=
CipherConnectionAction
.
post
(
false
,
Config
.
url_x_program_center_jaxrs
(
"invoke"
,
scriptId
,
"execute"
),
body
);
Config
.
url_x_program_center_jaxrs
(
"invoke"
,
scriptId
,
"execute"
),
body
);
logger
.
info
(
"执行脚本结果: "
+
result
.
toJson
());
}
else
{
logger
.
warn
(
"没有配置服务脚本id"
);
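Review bot: In xmlToMap (hunk @@ -199,24 +199,27 @@) the `ins.close()` after the element loop is only reached on the success path, so when `reader.read(ins)` throws — which it will now do for any payload carrying a DOCTYPE, because the added disallow-doctype-decl feature makes the parser reject it — the request stream is leaked on exactly the inputs this change is meant to refuse. Wrap the parse in try-with-resources, `try (InputStream in = ins) { Document doc = reader.read(in); ... }`, and drop the explicit close; the method's body continues past the hunk. The three feature strings are the same ones added to XMLParse.java in this commit, so a shared constant or a small `secureSaxReader()` factory would keep both parsers hardened consistently if one is edited later. For defense in depth the `http://apache.org/xml/features/nonvalidating/load-external-dtd` feature can also be set to false, although with DOCTYPEs disallowed it is redundant.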
o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/qiyeweixin/XMLParse.java
@@ -35,11 +35,14 @@ class XMLParse {
Object
[]
result
=
new
Object
[
3
];
try
{
DocumentBuilderFactory
dbf
=
DocumentBuilderFactory
.
newInstance
();
dbf
.
setExpandEntityReferences
(
false
);
dbf
.
setFeature
(
"http://apache.org/xml/features/disallow-doctype-decl"
,
true
);
dbf
.
setFeature
(
"http://xml.org/sax/features/external-general-entities"
,
false
);
dbf
.
setFeature
(
"http://xml.org/sax/features/external-parameter-entities"
,
false
);
DocumentBuilder
db
=
dbf
.
newDocumentBuilder
();
StringReader
sr
=
new
StringReader
(
xmltext
);
InputSource
is
=
new
InputSource
(
sr
);
Document
document
=
db
.
parse
(
is
);
Element
root
=
document
.
getDocumentElement
();
NodeList
nodelist1
=
root
.
getElementsByTagName
(
"Encrypt"
);
NodeList
nodelist2
=
root
.
getElementsByTagName
(
"ToUserName"
);
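Review bot: The hardening block in XMLParse (hunk @@ -35,11 +35,14 @@) is a verbatim copy of the feature flags added to ActionReceiveMsg.xmlToMap in the same commit, and `setExpandEntityReferences(false)` plus the three string-keyed `setFeature` calls sit inside a `try` whose catch is outside the hunk, so a `ParserConfigurationException` from an unsupported feature would be handled by whatever that catch does instead of surfacing as a configuration error. Consider moving the factory setup into one shared helper used by both parsers so the policy cannot drift, and add a one-line comment above the block such as `// XXE hardening: reject DOCTYPE and external entities before parsing the inbound message`. `dbf.setXIncludeAware(false)` and `dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true)` are the usual companions to these flags. The enclosing method starts and ends outside the hunk.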