From e38a936ac4c5c1d44d597e6416e01b0068d67cf7 Mon Sep 17 00:00:00 2001
From: gorgeous_lies
Date: Sat, 12 Aug 2023 11:17:00 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E7=94=B1=E4=BA=8Etomc?= =?UTF-8?q?at=E5=8D=87=E7=BA=A7=E5=AF=BC=E8=87=B4=E7=9A=84webhook=E6=96=9C?= =?UTF-8?q?=E6=9D=A0=E8=BD=AC=E4=B9=89=E4=B8=8D=E8=AF=86=E5=88=AB=E9=97=AE?= =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../java/dev/jianmu/api/SpringbootApp.java | 21 +++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/api/src/main/java/dev/jianmu/api/SpringbootApp.java b/api/src/main/java/dev/jianmu/api/SpringbootApp.java
index a08aece4a..405e917b4 100644
--- a/api/src/main/java/dev/jianmu/api/SpringbootApp.java
+++ b/api/src/main/java/dev/jianmu/api/SpringbootApp.java
@@ -6,9 +6,13 @@ import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
 import io.swagger.v3.oas.annotations.info.Info;
 import io.swagger.v3.oas.annotations.info.License;
 import io.swagger.v3.oas.annotations.security.SecurityScheme;
+import org.apache.tomcat.util.buf.EncodedSolidusHandling;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.boot.web.server.WebServerFactoryCustomizer;
 import org.springframework.boot.web.servlet.ServletComponentScan;
 import org.springframework.retry.annotation.EnableRetry;
 import org.springframework.scheduling.annotation.EnableAsync;
@@ -16,12 +20,14 @@ import org.springframework.web.servlet.config.annotation.PathMatchConfigurer;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.util.UrlPathHelper;
+import java.util.List;
+
 /**
+ * @author Ethan Liu
 * @class SpringbootApp
 * @description 项目启动类
- * @author Ethan Liu
 * @create 2021-02-12 15:35
-*/
+ */
 @SpringBootApplication(scanBasePackages = "dev.jianmu")
 @MapperScan("dev.jianmu.infrastructure.mapper")
 @EnableRetry
@@ -48,9 +54,8 @@ import org.springframework.web.util.UrlPathHelper;
 )
 )
 @ServletComponentScan
-public class SpringbootApp implements WebMvcConfigurer {
+public class SpringbootApp implements WebMvcConfigurer, WebServerFactoryCustomizer {
 public static void main(String[] args) {
- System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true");
 SpringApplication.run(SpringbootApp.class, args);
 }
@@ -60,4 +65,12 @@ public class SpringbootApp implements WebMvcConfigurer {
 urlPathHelper.setUrlDecode(false);
 configurer.setUrlPathHelper(urlPathHelper);
 }
+
+ // TODO: 此配置有安全隐患,未来产品需要考虑
+ @Override
+ public void customize(TomcatServletWebServerFactory factory) {
+ TomcatConnectorCustomizer tomcatConnectorCustomizer =
+ connector -> connector.setEncodedSolidusHandling(EncodedSolidusHandling.DECODE.getValue());
+ factory.setTomcatConnectorCustomizers(List.of(tomcatConnectorCustomizer));
+ }
 }
--
Gitee
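Review bot: `EncodedSolidusHandling.DECODE` in the new `customize` method applies to every request path on the connector, so the risk the TODO mentions is not limited to the webhook route: whenever Tomcat decodes `%2F` into a separator, a front proxy or path-based access rule that treats `%2F` as data can disagree with it about which resource is addressed. The context lines above already call `urlPathHelper.setUrlDecode(false)`, so it is worth checking whether `connector.setEncodedSolidusHandling(EncodedSolidusHandling.PASS_THROUGH.getValue())` is enough for the webhook; it accepts the encoded slash without turning it into `/`. Separately, `setTomcatConnectorCustomizers(List.of(...))` replaces any connector customizers registered before this one runs, whereas `factory.addConnectorCustomizers(tomcatConnectorCustomizer);` keeps them. The TODO should also name the concern rather than only say one exists, for example `// TODO: DECODE turns %2F into '/' for all request paths; narrow or replace once webhook URLs allow it`.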