Question

在访问iserver服务时，请求了一张图片symbol.png，而这个请求的url中有双引号，被网络安全策略判定为“sql注入攻击”，怎么修改代码来解决这个问题呢？ 具体报错信息如下：

HTTP请求方法 GET 域名 xxx.com URI /iserver/services/map-china400/rest/maps/China_432 6/symbol.png?transparent=true&resourceType=SYMBOLM ARKER&picWidth=0&picHeight=0&style={"fillBackOpaqu e":true,"lineWidth":0.1,"fillBackColor":{"red":255 ,"blue":255,"green":255,"alpha":255},"markerWidth" :0,"markerAngle":0,"fillForeColor":{"red":13,"blue "%3 告警级别 高 告警类型 SQL注入攻击 告警发生时间 2018-08-22 13:53:06 匹配次数 1 匹配策略 default_1 匹配规则 sql_double_quotation_marks 策略动作 阻断 是否启用IP封禁 不启用 封禁信息  匹配特征 Param list:style={"fillBackOpaque":true,"lineWidth":0.1,"fillBackColor":{"red":255,"blue":255,"green":255,"alpha":255},"markerWidth":0,"markerAngle":0,"fillForeColor":{"red":13,"blue":143,"green":80,"alpha":255},"markerSize":0,"fillGradientOffsetRatioX":0,"fillGradientOffsetRatioY":0,"lineColor":{"red":59,"blue":81,"green":71,"alpha":255},"fillOpaqueRate":100,"markerHeight":0,"fillGradientMode":"NONE","fillSymbolID":0,"fillGradientAngle":0,"markerSymbolID":908087,"lineSymbolID":0} 代理信息  HTTP请求或者响应信息 GET /iserver/services/map-china400/rest/maps/China_4326/symbol.png?transparent=true&resourceType=SYMBOLMARKER&picWidth=0&picHeight=0&style={"fillBackOpaque":true,"lineWidth":0.1,"fillBackColor":{"red":255,"blue":255,"green":255,"alpha":255},"markerWidth":0,"markerAngle":0,"fillForeColor":{"red":13,"blue":143,"green":80,"alpha":255},"markerSize":0,"fillGradientOffsetRatioX":0,"fillGradientOffsetRatioY":0,"lineColor":{"red":59,"blue":81,"green":71,"alpha":255},"fillOpaqueRate":100,"markerHeight":0,"fillGradientMode":"NONE","fillSymbolID":0,"fillGradientAngle":0,"markerSymbolID":908087,"lineSymbolID":0} HTTP/1.1Host: app2.shmetro.com:8090Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36Accept: image/webp,image/apng,image/*,*/*;q=0.8Referer: http://222.66.139.82:8087/shior/templates/main.jspAccept-Encoding: gzip, deflateAccept-Language: zh-CN

Answer 1

您好，这种情况可能是因为您的安全级别设置的太高了。

Comments

其实symbol.png并没有用，怎么屏蔽这个请求呢

---

业主的网络不可能降低安全级别的，有没有其他什么办法可以解决？

---

这个问题应该是防火墙设置的问题。