1、创建中间件
php artisan make:middleware XSSClean
2、编辑app/Http/Middleware/XSSClean.php文件
query->all();
$req = $request->request->all();
// $all = $request->all();
array_walk_recursive($query, function (&$params) {
// $params = htmlspecialchars($params);
$params = strip_tags($params);
});
$request->query->replace($query);
// $request->merge($query);
array_walk_recursive($req, function (&$params) {
// $params = htmlspecialchars($params);
$params = strip_tags($params);
});
$request->request->replace($req);
// $request->merge($req);
return $next($request);
}
}
3、配置app/Http/Kernel.php文件
protected $middleware = [
// ...
XSSClean::class, // 增加xss处理中间件
// ...
];
其他方案:
composer require mews/purifier
参考:
laravel8 实现XSS预防处理方案_laravel防止转义xss-CSDN博客
360通用php防护代码(使用操作详解)_php编程-跟版网
http://www.cnblogs.com/bingtang123/p/12844659.html