Example 51 with WallConfig
use of com.alibaba.druid.wall.WallConfig in project druid by alibaba.
the class WallUnionTest4 method testMySql.
public void testMySql() throws Exception {
WallConfig config = new WallConfig();
config.setSelectUnionCheck(true);
Assert.assertTrue(WallUtils.isValidateMySql("SELECT id, product FROM T1 t where id=1 UNION (SELECT * FROM (SELECT 1,'x') X)", config));
Assert.assertFalse(WallUtils.isValidateMySql("SELECT id, product FROM T1 t where id=1 UNION (SELECT * FROM (SELECT 1,'x') X) -- ", config));
}
Also used :
WallConfig(com.alibaba.druid.wall.WallConfig)
Example 52 with WallConfig
use of com.alibaba.druid.wall.WallConfig in project druid by alibaba.
the class WallUpdateWhereTest1 method test_check_false.
public void test_check_false() throws Exception {
WallConfig config = new WallConfig();
config.setUpdateWhereAlayTrueCheck(false);
config.setConditionAndAlwayTrueAllow(true);
config.setCommentAllow(true);
Assert.assertTrue(WallUtils.isValidateMySql(sql, config));
Assert.assertTrue(WallUtils.isValidateMySql(sql1, config));
}
Also used :
WallConfig(com.alibaba.druid.wall.WallConfig)
Example 53 with WallConfig
use of com.alibaba.druid.wall.WallConfig in project druid by alibaba.
the class WallUpdateWhereTest1 method test_check_true.
public void test_check_true() throws Exception {
WallConfig config = new WallConfig();
config.setUpdateWhereAlayTrueCheck(true);
config.setConditionAndAlwayTrueAllow(true);
config.setCommentAllow(true);
Assert.assertFalse(WallUtils.isValidateMySql(sql, config));
Assert.assertFalse(WallUtils.isValidateMySql(sql1, config));
}
Also used :
WallConfig(com.alibaba.druid.wall.WallConfig)
Example 54 with WallConfig
use of com.alibaba.druid.wall.WallConfig in project druid by alibaba.
the class MySqlWallDescribteTest method test_allow.
public void test_allow() throws Exception {
WallConfig config = new WallConfig();
config.setDescribeAllow(true);
Assert.assertTrue(WallUtils.isValidateMySql("describe t", config));
}
Also used :
WallConfig(com.alibaba.druid.wall.WallConfig)
Example 55 with WallConfig
use of com.alibaba.druid.wall.WallConfig in project druid by alibaba.
the class MySqlWallTest_hint method test_false_1.
public void test_false_1() throws Exception {
WallConfig config = new WallConfig();
config.setHintAllow(true);
config.setMultiStatementAllow(true);
String sql = "select * from person where id = '3'/**/union select 0,1,v from (select 1,2,user/*!() as v*/) a where '1'<>''";
//
Assert.assertFalse(WallUtils.isValidateMySql(sql, config));
}
Also used :
WallConfig(com.alibaba.druid.wall.WallConfig)
Aggregations
WallConfig (com.alibaba.druid.wall.WallConfig)83
Properties (java.util.Properties)8
WallFilter (com.alibaba.druid.wall.WallFilter)5
DruidDataSource (com.alibaba.druid.pool.DruidDataSource)4
WallCheckResult (com.alibaba.druid.wall.WallCheckResult)3
Filter (com.alibaba.druid.filter.Filter)2
SQLExpr (com.alibaba.druid.sql.ast.SQLExpr)2
OracleMockDriver (com.alibaba.druid.test.util.OracleMockDriver)2
WallContext (com.alibaba.druid.wall.WallContext)2
MySqlWallProvider (com.alibaba.druid.wall.spi.MySqlWallProvider)2
SQLCommentHint (com.alibaba.druid.sql.ast.SQLCommentHint)1
SQLStatement (com.alibaba.druid.sql.ast.SQLStatement)1
SQLStartTransactionStatement (com.alibaba.druid.sql.ast.statement.SQLStartTransactionStatement)1
MySqlCommitStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlCommitStatement)1
MySqlDeleteStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlDeleteStatement)1
MySqlDescribeStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlDescribeStatement)1
MySqlHintStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlHintStatement)1
MySqlLockTableStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlLockTableStatement)1
MySqlRenameTableStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlRenameTableStatement)1
MySqlReplaceStatement (com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlReplaceStatement)1
