From 6c2b8e99aed0295f84d3915fe23a9526edc04257 Mon Sep 17 00:00:00 2001 From: leebeomjun Date: Thu, 28 Mar 2024 10:40:22 +0900 Subject: [PATCH] =?UTF-8?q?=EC=9D=91=EB=8B=B5=20=ED=97=A4=EB=8D=94=20?= =?UTF-8?q?=EA=B2=BD=EB=9F=89=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cokr/xit/base/ResponseHeaderFilter.java | 50 +++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 src/main/java/cokr/xit/base/ResponseHeaderFilter.java diff --git a/src/main/java/cokr/xit/base/ResponseHeaderFilter.java b/src/main/java/cokr/xit/base/ResponseHeaderFilter.java new file mode 100644 index 00000000..b2af1548 --- /dev/null +++ b/src/main/java/cokr/xit/base/ResponseHeaderFilter.java @@ -0,0 +1,50 @@ +package cokr.xit.base; + +import java.io.IOException; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpServletResponseWrapper; + +import org.springframework.core.annotation.Order; +import org.springframework.stereotype.Component; + +@Component +@Order(-10001) +public class ResponseHeaderFilter implements Filter { + + public ResponseHeaderFilter() {} + + @Override + public void destroy() {} + + @Override + public void doFilter(ServletRequest request, ServletResponse response, + FilterChain chain) throws IOException, ServletException { + + chain.doFilter(request, new HttpServletResponseWrapper((HttpServletResponse) response) { + + @Override + public void setHeader(String name, String value) { + + if(name.equalsIgnoreCase("X-Xss-Protection")) { + if(super.containsHeader("Content-Type")) { + if(super.getContentType() != null) { + if(super.getContentType().startsWith("application/json")) { + return; + } + } + } + } + + super.setHeader(name, value); + return; + } + }); + + } +}