Comments (7)
pagehelper
commented on July 30, 2024
有一个不检查的方法你试试
from mybatis-pagehelper.
fly2086
commented on July 30, 2024
有一个不检查的方法你试试
哪一个?
from mybatis-pagehelper.
fly2086
commented on July 30, 2024
已有项目存在一些类似的使用,没办法直接升级了,想要使用新功能,就必须修改原有代码。
你这个修改应该加上配置,默认关闭,有需要的才开启,现在是强制开启,太狠了。
如果不小心升级了,编译又没报错,一上线系统到处报警,让人一脸懵逼啊。
from mybatis-pagehelper.
abel533
commented on July 30, 2024
不这样就影响漏洞检测。。
下个版本加个参数允许关闭。
from mybatis-pagehelper.
pagehelper
commented on July 30, 2024
当前的设计不支持参数控制order by,后续考虑集成 mybatis-config 后再支持。
from mybatis-pagehelper.
zhangdp
commented on July 30, 2024
建议增加方法重载可传入参数配置是否需要开启order by sql注入检查而不是全局开关,很多时候参数都是后端直接生成的不是前端传过来的这时候很确定不可能有sql注入,白白浪费性能来检测
from mybatis-pagehelper.
abel533
commented on July 30, 2024
可以来个PR试试。
建议在自己框架封装个新的PageHelper静态方法,调用不检查注入的方法。(不是PR的建议)
from mybatis-pagehelper.
Related Issues (20)
- Springboot3版本supportMethodsArguments参数失效 HOT 2
- NoClassDefFoundError: net/sf/jsqlparser/statement/select/ParenthesedSelect HOT 1
- 开启asyncCount 时,打印的sql语句不全 HOT 2
- JSqlParser4.8 HOT 1
- 如何兼容MybatisPlus 3.5.5 和 PageHelper 2.1.0 ? HOT 7
- make PageInfo implement Collection, and then can use it as a List directly HOT 1
- 开启异步count支持后,不兼容Mybatis-Plus的多租户插件 HOT 4
- springboot3.2.2引入pageHelper5.3.2执行分页方法报类型转换异常。分页不生效 HOT 1
- 开发者福利,尽快尝试领取!StarkNet针对TOP 5K进行空投!
- pagehelper在docker中卡在了启动欢迎处 HOT 1
- sqlserver 使用 PageHelper.startPage 分页报错 HOT 3
- 数据查询返回后进行转化,hasNextPage属性值永远是false HOT 3
- 升级到6.1.0后jsqlparser4.7又出问题了 HOT 2
- 版本由4.1.6 升级到5.3.2后,PageDynamicSqlSource被删除了有什么方案代替 HOT 1
- PageHelper6.1.0搭配jsqlparser4.5又出问题了
- springboot 3 整合 pagehelper 报错 Caused by: java.lang.NoClassDefFoundError: net/sf/jsqlparser/statement/select/SelectBody HOT 2
- sqlparser-timeout超时时间好像不是10秒 HOT 2
- SqlServer 跨服务器查询语句,会提示不支持该SQL转换为分页查询 HOT 2
- 希望增加分页条数的缓存功能 HOT 3
- 严重BUG,使用sqlserver时,分页查询因为ORDER BY前的空行导致查询缓慢的问题 HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mybatis-pagehelper.