Spring Boot application enables a simple injection defender, to prevent SQL injections and XSS injections.
- Import dependencies
<dependency>
<groupId>com.yookue.springstarter</groupId>
<artifactId>injection-defender-spring-boot-starter</artifactId>
<version>LATEST</version>
</dependency>
By default, this starter will auto take effect, you can turn it off by
spring.injection-defender.enabled = false
- Configure Spring Boot
application.yml
with prefixspring.injection-defender
(Optional)
spring:
injection-defender:
defender-filter:
filter-paths:
- '/**'
exclude-paths:
- '/foo/**'
- '/bar/**'
sql-protection:
throws-exception: true
xss-protection:
throws-exception: true
- jdk 17+
This project is under the Apache License 2.0
See the NOTICE.txt
file for required notices and attributions.
You like this package? Then donate to Yookue to support the development.
- Yookue: https://yookue.com