删除XSSFilter，避免OOM

src/main/java/com/ycwl/basic/config/FilterConfig.java

@@ -1,22 +0,0 @@
-package com.ycwl.basic.config;
-
-import com.ycwl.basic.filter.XssFilter;
-import org.springframework.boot.web.servlet.FilterRegistrationBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-import javax.servlet.DispatcherType;
-
-@Configuration
-public class FilterConfig {
-    @Bean
-    public FilterRegistrationBean xssFilterRegistrationBean(){
-        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
-        filterRegistrationBean.setFilter(new XssFilter());
-        filterRegistrationBean.setOrder(1);
-        filterRegistrationBean.setDispatcherTypes(DispatcherType.REQUEST);
-        filterRegistrationBean.setEnabled(true);
-        filterRegistrationBean.addUrlPatterns("/*");
-        return filterRegistrationBean;
-    }
-}

src/main/java/com/ycwl/basic/filter/XssFilter.java

@@ -1,33 +0,0 @@
-package com.ycwl.basic.filter;
-
-import com.ycwl.basic.xss.XSSHttpServletRequestWrapper;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import java.io.IOException;
-
-public class XssFilter implements Filter {
-    /**
-     * 初始化方法
-     */
-    @Override
-    public void init(FilterConfig filterConfig) throws ServletException {
-    }
-    /**
-     * 过滤方法
-     */
-    @Override
-    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
-        ServletRequest wrapper = null;
-        if (request instanceof HttpServletRequest) {
-            HttpServletRequest servletRequest = (HttpServletRequest) request;
-            wrapper = new XSSHttpServletRequestWrapper(servletRequest);
-        }
-
-        if (null == wrapper) {
-            chain.doFilter(request, response);
-        } else {
-            chain.doFilter(wrapper, response);
-        }
-    }
-}

src/main/java/com/ycwl/basic/xss/XSSHttpServletRequestWrapper.java

@@ -1,186 +0,0 @@
-package com.ycwl.basic.xss;
-
-
-import cn.hutool.core.collection.CollectionUtil;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.text.StringEscapeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.servlet.ReadListener;
-import javax.servlet.ServletInputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletRequestWrapper;
-import java.io.*;
-import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
-import java.util.Map;
-
-/**
- * 重新包装一下Request。重写一些获取参数的方法，将每个参数都进行过滤
- */
-public class XSSHttpServletRequestWrapper extends HttpServletRequestWrapper {
-    private static final Logger logger = LoggerFactory.getLogger(XSSHttpServletRequestWrapper.class);
-
-    private HttpServletRequest request;
-    /**
-     * 请求体 RequestBody
-     */
-    private String reqBody;
-
-    /**
-     * Constructs a request object wrapping the given request.
-     *
-     * @param request The request to wrap
-     * @throws IllegalArgumentException if the request is null
-     */
-    public XSSHttpServletRequestWrapper(HttpServletRequest request) {
-        super(request);
-        this.request = request;
-        reqBody = getBodyString();
-    }
-
-
-    @Override
-    public String getQueryString() {
-        return StringEscapeUtils.escapeHtml4(super.getQueryString());
-    }
-
-    /**
-     * The default behavior of this method is to return getParameter(String
-     * name) on the wrapped request object.
-     *
-     * @param name
-     */
-    @Override
-    public String getParameter(String name) {
-        String parameter = request.getParameter(name);
-        if (StringUtils.isNotBlank(parameter)) {
-            parameter = StringEscapeUtils.escapeHtml4(parameter);
-        }
-        return parameter;
-    }
-
-    /**
-     * The default behavior of this method is to return
-     * getParameterValues(String name) on the wrapped request object.
-     *
-     * @param name
-     */
-    @Override
-    public String[] getParameterValues(String name) {
-        String[] parameterValues = request.getParameterValues(name);
-        if (parameterValues != null && parameterValues.length > 0) {
-            if (!CollectionUtil.isEmpty(Arrays.asList(parameterValues))) {
-                for (int i = 0; i < parameterValues.length; i++)
-                {
-                    parameterValues[i] = StringEscapeUtils.escapeHtml4(parameterValues[i]);
-                }
-            }
-        }
-        return parameterValues;
-    }
-
-    /**
-     * The default behavior of this method is to return getParameterMap() on the
-     * wrapped request object.
-     */
-    @Override
-    public Map<String, String[]> getParameterMap() {
-        Map<String, String[]> map = request.getParameterMap();
-        if (map != null && !map.isEmpty()) {
-            for (String[] value : map.values()) {
-                /*循环所有的value*/
-                for (String str : value) {
-                    logger.info("----filter before--value:{}----", str);
-                    str = StringEscapeUtils.escapeHtml4(str);
-                    logger.info("----filter after--value:{}----", str);
-                }
-            }
-        }
-        return map;
-    }
-
-    /*重写输入流的方法，因为使用RequestBody的情况下是不会走上面的方法的*/
-    /**
-     * The default behavior of this method is to return getReader() on the
-     * wrapped request object.
-     */
-    @Override
-    public BufferedReader getReader() throws IOException {
-        return new BufferedReader(new InputStreamReader(getInputStream()));
-    }
-
-    /**
-     * The default behavior of this method is to return getInputStream() on the
-     * wrapped request object.
-     */
-    @Override
-    public ServletInputStream getInputStream() throws IOException {
-        /*创建字节数组输入流*/
-        final ByteArrayInputStream bais = new ByteArrayInputStream(reqBody.getBytes(StandardCharsets.UTF_8));
-        return new ServletInputStream() {
-            @Override
-            public boolean isFinished() {
-                return false;
-            }
-
-            @Override
-            public boolean isReady() {
-                return false;
-            }
-
-            @Override
-            public void setReadListener(ReadListener listener) {
-            }
-
-            @Override
-            public int read() throws IOException {
-                return bais.read();
-            }
-        };
-    }
-
-
-    /**
-     * 获取请求体
-     *
-     * @return 请求体
-     */
-    private String getBodyString() {
-        StringBuilder builder = new StringBuilder();
-        InputStream inputStream = null;
-        BufferedReader reader = null;
-
-        try {
-            inputStream = request.getInputStream();
-
-            reader = new BufferedReader(new InputStreamReader(inputStream));
-
-            String line;
-
-            while ((line = reader.readLine()) != null) {
-                builder.append(line);
-            }
-        } catch (IOException e) {
-            logger.error("-----get Body String Error:{}----", e.getMessage(), e);
-        } finally {
-            if (inputStream != null) {
-                try {
-                    inputStream.close();
-                } catch (IOException e) {
-                    logger.error("-----get Body String Error:{}----", e.getMessage(), e);
-                }
-            }
-            if (reader != null) {
-                try {
-                    reader.close();
-                } catch (IOException e) {
-                    logger.error("-----get Body String Error:{}----", e.getMessage(), e);
-                }
-            }
-        }
-        return builder.toString();
-    }
-}
-