common icon indicating copy to clipboard operation
common copied to clipboard

verified publisher icon ihaolin

Metadata

轻量的公用组件(A Lightweight Common Component)

Results 3 common issues
Sort by recently updated
recently updated
newest added

微信用户的昵称中有特殊字符时,获取用户信息出错

接口:`WxUtil.getWechat().user().getUser(openId)` 错误信息: me.hao0.common.exception.JsonException: com.fasterxml.jackson.core.JsonParseException: Illegal unquoted character ((CTRL-CHAR, code 20)): has to be escaped using backslash to be included in string value 需要在 `me.hao0.common.json.Jsons` 工具类中设置 `mapper.configure(Feature.ALLOW_UNQUOTED_CONTROL_CHARS, true) ;`

hrwhat avatar hrwhat

微信支付XXE漏洞

1 comment

微信支付的SDK曝出重大漏洞(XXE漏洞) https://www.cnblogs.com/kismetv/p/9266224.html

Caratacus avatar Caratacus

enhancement

禁用XML外部实体注入

XML 外部实体注入漏洞(XML External Entity Injection,简称 XXE),是一种容易被忽视,但危害巨大的漏洞。它可以利用 XML 外部实体加载注入,执行不可预控的代码,可导致读取任意文件、执行系统命令、探测内网端口、攻击内网网站等危害。

objcoding avatar objcoding

Metadata

23
Stars
24
Forks
Watchers

Owner

verified publisher icon ihaolin

Metadata

轻量的公用组件(A Lightweight Common Component)

Back