update

src/main/java/com/ym/mec/collectfee/CollectFeeServerApplication.java

@@ -3,12 +3,14 @@ package com.ym.mec.collectfee;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.servlet.ServletComponentScan;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 
 @SpringBootApplication
 @MapperScan("com.ym.mec.collectfee.dal.dao")
 @ComponentScan(basePackages="com.ym.mec.collectfee")
+@ServletComponentScan//filter才能生效
 @Configuration
 public class CollectFeeServerApplication {
 

src/main/java/com/ym/mec/collectfee/config/WebMvcConfig.java

@@ -3,6 +3,7 @@ package com.ym.mec.collectfee.config;
 import java.util.ArrayList;
 import java.util.List;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -11,21 +12,22 @@ import com.ym.mec.collectfee.interceptor.RequestInterceptor;
 
 @Configuration
 public class WebMvcConfig implements WebMvcConfigurer {
-	
+
 	@Override
-    public void addInterceptors(InterceptorRegistry registry) {
+	public void addInterceptors(InterceptorRegistry registry) {
 		// addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接
-        List<String> includePathPatterns = new ArrayList<String>();
-        includePathPatterns.add("/**");
-        
-        // excludePathPatterns 用户排除拦截
-        List<String> excludePathPatterns = new ArrayList<String>();
-        excludePathPatterns.add("/login");
-        
-        registry.addInterceptor(getRequestInterceptor()).addPathPatterns(includePathPatterns).excludePathPatterns(excludePathPatterns);
-    }
-	
-	public RequestInterceptor getRequestInterceptor(){
+		List<String> includePathPatterns = new ArrayList<String>();
+		includePathPatterns.add("/**");
+
+		// excludePathPatterns 用户排除拦截
+		List<String> excludePathPatterns = new ArrayList<String>();
+		excludePathPatterns.add("/login");
+
+		registry.addInterceptor(getRequestInterceptor()).addPathPatterns(includePathPatterns).excludePathPatterns(excludePathPatterns);
+	}
+
+	@Bean
+	public RequestInterceptor getRequestInterceptor() {
 		return new RequestInterceptor();
 	}
 }

src/main/java/com/ym/mec/collectfee/controller/DemoController.java

@@ -0,0 +1,16 @@
+package com.ym.mec.collectfee.controller;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.ym.mec.collectfee.core.BaseController;
+
+@RestController
+public class DemoController extends BaseController {
+
+	@GetMapping("/info")
+	public Object getInfo() {
+		System.out.println("************* Demo Controller *************");
+		return succeed();
+	}
+}

src/main/java/com/ym/mec/collectfee/filter/XssFilter.java

@@ -0,0 +1,26 @@
+package com.ym.mec.collectfee.filter;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+
+import org.springframework.core.annotation.Order;
+
+@Order(1)
+// 执行的顺序，值越小，越先执行
+@WebFilter(urlPatterns = "/*")
+public class XssFilter implements Filter {
+
+	@Override
+	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+		System.out.println("******************XssFilter ****************");
+
+		chain.doFilter(request, response);
+	}
+
+}

src/main/java/com/ym/mec/collectfee/interceptor/RequestInterceptor.java

@@ -17,6 +17,8 @@ public class RequestInterceptor extends HandlerInterceptorAdapter {
 	@Override
 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
 
+		System.out.println("*************Request Interceptor************");
+		
 		String username = "";
 		String userId = "";
 		// 存储userId以及IP