update 优化拦截爬虫跟踪等垃圾请求

2024-11-15 11:03:20 +08:00 · 2024-11-15 11:03:20 +08:00 · 2d2bd48963
commit 2d2bd48963
parent f6d9bec16c
1 changed files with 11 additions and 0 deletions
--- a/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java
+++ b/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/config/UndertowConfig.java
@ -1,6 +1,8 @@
 package org.dromara.common.web.config;

 import io.undertow.server.DefaultByteBufferPool;
+import io.undertow.server.handlers.DisallowedMethodsHandler;
+import io.undertow.util.HttpString;
 import io.undertow.websockets.jsr.WebSocketDeploymentInfo;
 import org.dromara.common.core.utils.SpringUtils;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
@ -28,6 +30,15 @@ public class UndertowConfig implements WebServerFactoryCustomizer<UndertowServle
                deploymentInfo.setExecutor(executor);
                deploymentInfo.setAsyncExecutor(executor);
            }
+            deploymentInfo.addInitialHandlerChainWrapper(handler -> {
+                // 禁止三个方法 CONNECT/TRACE/TRACK 也是不安全的 避免爬虫骚扰
+                HttpString[] disallowedHttpMethods = {
+                    HttpString.tryFromString("CONNECT"),
+                    HttpString.tryFromString("TRACE"),
+                    HttpString.tryFromString("TRACK")
+                };
+                return new DisallowedMethodsHandler(handler, disallowedHttpMethods);
+            });
        });
    }