From 269f2e3c10e1cfe248ec77d1c94bbbd4ce3e8f77 Mon Sep 17 00:00:00 2001
From: kim
Date: Thu, 21 Jan 2021 19:15:10 +0900
Subject: [PATCH] xss filter

---
 .../src/main/java/com/example/jspblog/domain/board/Board.java | 4 ++++
 jspblog/src/main/webapp/WEB-INF/web.xml | 1 +
 2 files changed, 5 insertions(+)

diff --git a/jspblog/src/main/java/com/example/jspblog/domain/board/Board.java b/jspblog/src/main/java/com/example/jspblog/domain/board/Board.java
index 4fabefdf..49f0e1d3 100644
--- a/jspblog/src/main/java/com/example/jspblog/domain/board/Board.java
+++ b/jspblog/src/main/java/com/example/jspblog/domain/board/Board.java
@@ -19,4 +19,8 @@ public class Board {
 private String content;
 private int readCount;
 private Timestamp createDate;
+
+ public String getTitle() {
+ return title.replaceAll("<", "<").replaceAll(">", ">");
+ }
 }
diff --git a/jspblog/src/main/webapp/WEB-INF/web.xml b/jspblog/src/main/webapp/WEB-INF/web.xml
index 8487619a..7697c346 100644
--- a/jspblog/src/main/webapp/WEB-INF/web.xml
+++ b/jspblog/src/main/webapp/WEB-INF/web.xml
@@ -25,6 +25,7 @@ charConfig /* + forbiddenUrlConfig *.jsp
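Review bot: `Board.getTitle()` in the Board.java hunk does its output encoding inside the domain getter and handles only `<` and `>`, so `&`, `"` and `'` pass through unescaped and a title rendered inside an HTML attribute is not covered; `content`, declared just above it, gets no equivalent treatment in this hunk. As rendered on this page the replacement strings equal the patterns (`"<"` replaced by `"<"`), which would make the getter a no-op — presumably the committed file has `&lt;`/`&gt;` and the page decoded the entities, which is worth confirming against the repository. The getter would also throw a NullPointerException if `title` (declared outside the hunk) is null, and `replaceAll` compiles a regex where the literal `replace` is enough: `return title == null ? null : title.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;").replace("\"", "&quot;").replace("'", "&#39;");`. Encoding at the point of output in the JSP instead (for example JSTL `<c:out>` or `fn:escapeXml`) would leave the stored value intact for non-HTML consumers and cover every field rather than just the title.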