<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0">
  <channel>
    <title>개발노트</title>
    <link>https://dabok407.tistory.com/</link>
    <description>https://github.com/dabok407</description>
    <language>ko</language>
    <pubDate>Thu, 2 Jul 2026 09:27:44 +0900</pubDate>
    <generator>TISTORY</generator>
    <ttl>100</ttl>
    <managingEditor>밍꿔</managingEditor>
    <item>
      <title>CORS 이슈 우회 로컬 테스트용 크롬 브라우저 실행</title>
      <link>https://dabok407.tistory.com/101</link>
      <description>&lt;p&gt;&lt;figure class=&quot;imageblock alignLeft&quot; data-ke-mobileStyle=&quot;widthOrigin&quot; data-origin-width=&quot;514&quot; data-origin-height=&quot;272&quot;&gt;&lt;span data-url=&quot;https://blog.kakaocdn.net/dn/yQ2aE/btsokElc4XW/EKkUKNwsJtycQUpKS1r8ok/img.png&quot; data-phocus=&quot;https://blog.kakaocdn.net/dn/yQ2aE/btsokElc4XW/EKkUKNwsJtycQUpKS1r8ok/img.png&quot; data-alt=&quot;window 기준&quot;&gt;&lt;img src=&quot;https://blog.kakaocdn.net/dn/yQ2aE/btsokElc4XW/EKkUKNwsJtycQUpKS1r8ok/img.png&quot; srcset=&quot;https://img1.daumcdn.net/thumb/R1280x0/?scode=mtistory2&amp;fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FyQ2aE%2FbtsokElc4XW%2FEKkUKNwsJtycQUpKS1r8ok%2Fimg.png&quot; onerror=&quot;this.onerror=null; this.src='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png'; this.srcset='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png';&quot; loading=&quot;lazy&quot; width=&quot;514&quot; height=&quot;272&quot; data-origin-width=&quot;514&quot; data-origin-height=&quot;272&quot;/&gt;&lt;/span&gt;&lt;figcaption&gt;window 기준&lt;/figcaption&gt;
&lt;/figure&gt;
&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;chrome.exe&amp;nbsp;--user-data-dir=&quot;C://Chrome&amp;nbsp;dev&amp;nbsp;session&quot;&amp;nbsp;--disable-web-security&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&lt;figure class=&quot;imageblock alignLeft&quot; data-ke-mobileStyle=&quot;widthOrigin&quot; data-origin-width=&quot;755&quot; data-origin-height=&quot;167&quot;&gt;&lt;span data-url=&quot;https://blog.kakaocdn.net/dn/XOW38/btsol7t0EnV/8PseHXAZGKpN94pLyP9dtk/img.png&quot; data-phocus=&quot;https://blog.kakaocdn.net/dn/XOW38/btsol7t0EnV/8PseHXAZGKpN94pLyP9dtk/img.png&quot;&gt;&lt;img src=&quot;https://blog.kakaocdn.net/dn/XOW38/btsol7t0EnV/8PseHXAZGKpN94pLyP9dtk/img.png&quot; srcset=&quot;https://img1.daumcdn.net/thumb/R1280x0/?scode=mtistory2&amp;fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FXOW38%2Fbtsol7t0EnV%2F8PseHXAZGKpN94pLyP9dtk%2Fimg.png&quot; onerror=&quot;this.onerror=null; this.src='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png'; this.srcset='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png';&quot; loading=&quot;lazy&quot; width=&quot;755&quot; height=&quot;167&quot; data-origin-width=&quot;755&quot; data-origin-height=&quot;167&quot;/&gt;&lt;/span&gt;&lt;/figure&gt;
&lt;/p&gt;</description>
      <category>CORS</category>
      <category>크롬</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/101</guid>
      <comments>https://dabok407.tistory.com/101#entry101comment</comments>
      <pubDate>Thu, 20 Jul 2023 11:05:54 +0900</pubDate>
    </item>
    <item>
      <title>웹 보안 XSS(Cross Site Scripting) 취약점 대응</title>
      <link>https://dabok407.tistory.com/98</link>
      <description>&lt;h3 data-ke-size=&quot;size23&quot;&gt;XSS(Cross Site Scripting)란?&lt;/h3&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;- 웹페이지에 스크립트 코드를 삽입하여 의도하지 않은 명령을 실행시키거나 쿠키, 세션등을 탈 취 할 수 있는 취약점이다.&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;웹 보안 취약점 대응 방법은 보통&lt;span style=&quot;color: #333333; text-align: start;&quot;&gt;&lt;span&gt;&amp;nbsp;&lt;/span&gt;lucy filter와 같은 라이브러리를 적용하며, 추가로 필터로 대응되지 않는&amp;nbsp;&lt;/span&gt;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;케이스들에 대한 예외처리를 추가로 진행한다. (lucy filter의 request body, 에디터HTML 데이터)&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;hr contenteditable=&quot;false&quot; data-ke-type=&quot;horizontalRule&quot; data-ke-style=&quot;style6&quot; /&gt;
&lt;h3 data-ke-size=&quot;size23&quot;&gt;Lucy XSS Filter 적용&lt;/h3&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;- 웹어플리케이션으로 들어오는 모든 요청 파라미터에 대해 기본적인 XSS 방어 필터링을 수행한다.&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;- 화이트 리스트 방식의 필터.&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;maven pom.xml&lt;/p&gt;
&lt;pre id=&quot;code_1687693145403&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;&amp;lt;dependency&amp;gt;
    &amp;lt;groupId&amp;gt;com.navercorp.lucy&amp;lt;/groupId&amp;gt;
    &amp;lt;artifactId&amp;gt;lucy-xss-servlet&amp;lt;/artifactId&amp;gt;
    &amp;lt;version&amp;gt;2.0.1&amp;lt;/version&amp;gt;
&amp;lt;/dependency&amp;gt;&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;web.xml&lt;/p&gt;
&lt;pre id=&quot;code_1687693208352&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;&amp;lt;filter&amp;gt;
    &amp;lt;filter-name&amp;gt;xssEscapeServletFilter&amp;lt;/filter-name&amp;gt;
    &amp;lt;filter-class&amp;gt;com.navercorp.lucy.security.xss.servletfilter.XssEscapeServletFilter&amp;lt;/filter-class&amp;gt;
&amp;lt;/filter&amp;gt;
&amp;lt;filter-mapping&amp;gt;
    &amp;lt;filter-name&amp;gt;xssEscapeServletFilter&amp;lt;/filter-name&amp;gt;
    &amp;lt;url-pattern&amp;gt;/*&amp;lt;/url-pattern&amp;gt;
&amp;lt;/filter-mapping&amp;gt;

&amp;lt;filter&amp;gt;
    &amp;lt;filter-name&amp;gt;XSS&amp;lt;/filter-name&amp;gt;
    &amp;lt;filter-class&amp;gt;com.diquest.common.web.CrossScriptingFilter&amp;lt;/filter-class&amp;gt;
&amp;lt;/filter&amp;gt;
&amp;lt;filter-mapping&amp;gt;
    &amp;lt;filter-name&amp;gt;XSS&amp;lt;/filter-name&amp;gt;
    &amp;lt;url-pattern&amp;gt;/*&amp;lt;/url-pattern&amp;gt;
&amp;lt;/filter-mapping&amp;gt;&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;CrossScriptingFilter.java&lt;/p&gt;
&lt;pre id=&quot;code_1687695150391&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;import java.io.IOException;
import java.util.Collection;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class CrossScriptingFilter implements Filter {

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
        chain.doFilter(new RequestWrapper((HttpServletRequest) request), response);
    }

}&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;RequestWrapper.java&lt;/p&gt;
&lt;pre id=&quot;code_1687695302929&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import com.nhncorp.lucy.security.xss.XssFilter;

public class RequestWrapper extends HttpServletRequestWrapper {
  private byte[] b;

  public RequestWrapper(HttpServletRequest servletRequest) throws IOException {
    super(servletRequest);
    XssFilter filter = XssFilter.getInstance(&quot;lucy-xss-sax.xml&quot;);
    b = new String(filter.doFilter(getBody(servletRequest))).getBytes(&quot;UTF-8&quot;);
  }

  @Override
  public ServletInputStream getInputStream() throws IOException {
    final ByteArrayInputStream bis = new ByteArrayInputStream(b);
    return new ServletInputStreamImpl(bis);
  }

  class ServletInputStreamImpl extends ServletInputStream {
    private InputStream is;
    public ServletInputStreamImpl(InputStream bis) {
      is = bis;
    }
    @Override
    public int read() throws IOException {
      return is.read();
    }
    @Override
    public int read(byte[] b) throws IOException {
      return is.read(b);
    }
  }

  public static String getBody(HttpServletRequest request) throws IOException {
    String body = null;
    String bodyRes = null;
    BufferedReader br = null;
    StringBuilder sb = new StringBuilder();
    try {
      InputStream inputStream = request.getInputStream();
      if (inputStream != null) {
        br = new BufferedReader(new InputStreamReader(inputStream, &quot;UTF-8&quot;));
        char[] charBuffer = new char[128];
        int bytesRead = -1;
        while ((bytesRead = br.read(charBuffer)) &amp;gt; 0) {
          sb.append(charBuffer, 0, bytesRead);
        }

      } else {
        sb.append(&quot;&quot;);
      }
    } catch (IOException ex) {
      throw ex;
    } finally {
      if (br != null) {
        try {
          br.close();
        } catch (IOException ex) {
          throw ex;
        }
      }
    }
    body = sb.toString();
    return body;
  }
}&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;lucy-xss.xml 설정 파일&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;- 보통은 resource폴더 하위에 알맞게 위치시키며, 설정 파일은 아래의 첨부파일 참고.&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;hr contenteditable=&quot;false&quot; data-ke-type=&quot;horizontalRule&quot; data-ke-style=&quot;style6&quot; /&gt;
&lt;h3 style=&quot;color: #000000; text-align: start;&quot; data-ke-size=&quot;size23&quot;&gt;추가 예외케이스&lt;/h3&gt;
&lt;p style=&quot;color: #333333; text-align: start;&quot; data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;- 에디터 사용 시, 내용은 html형태로 저장된다. 단순히 html entity 변환하는것에 초첨을 맞추다보면,&lt;/p&gt;
&lt;p style=&quot;color: #333333; text-align: start;&quot; data-ke-size=&quot;size16&quot;&gt;img태그나 기타&amp;nbsp;에디터 기능들이 동작을 안하는 경우가 발생한다.&lt;br /&gt;때문에, 스크립트 공격이 있을 수 있는 케이스를 블랙리스트로 추가로 관리한다.&lt;/p&gt;
&lt;pre id=&quot;code_1687696580187&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;public static String[] eventArray = {&quot;onclick&quot;, &quot;ondblclick&quot;, &quot;onmouseover&quot;, &quot;onmouseout&quot;,
      &quot;onchange&quot;, &quot;onmousedown&quot;, &quot;onmouseenter&quot;, &quot;onmouseleave&quot;, &quot;onmousemove&quot;, &quot;onmouseup&quot;,
      &quot;onfocus&quot;, &quot;onfocusin&quot;, &quot;onfocusout&quot;, &quot;ondrag&quot;, &quot;ondragleave&quot;, &quot;ondragenter&quot;, &quot;ondragover&quot;,
      &quot;ondragdrop&quot;, &quot;ondragstart&quot;, &quot;ondragend&quot;, &quot;onload&quot;, &quot;onsubmit&quot;, &quot;onunload&quot;, &quot;onmousewheel&quot;,
      &quot;onkeyup&quot;, &quot;onkeypress&quot;, &quot;onkeydown&quot;, &quot;onpointercancel&quot;, &quot;onpointerdown&quot;, &quot;onpointerenter&quot;,
      &quot;onpointerleave&quot;, &quot;onpointermove&quot;, &quot;onpointerout&quot;, &quot;onpointerover&quot;, &quot;onpointerup&quot;,
      &quot;onpointerup&quot;, &quot;onscroll&quot;, &quot;onresize&quot;, &quot;onselect&quot;, &quot;onwheel&quot;, &quot;oninput&quot;, &quot;onblur&quot;,
      &quot;onauxclick&quot;, &quot;onreset&quot;, &quot;confirm&quot;, &quot;alert&quot;, &quot;console.log&quot;, &quot;onerror&quot;, &quot;prompt&quot;,
      &quot;oncontextmenu&quot;, &quot;innerHTML&quot;, &quot;eval&quot;, &quot;onactive&quot;, &quot;ondataavailable&quot;, &quot;oncut&quot;, &quot;onafterupdate&quot;,
      &quot;onbeforeactivate&quot;, &quot;onbeforedeactivate&quot;, &quot;onbeforecut&quot;, &quot;onbounce&quot;, &quot;onbeforecopy&quot;,
      &quot;ondblclick&quot;, &quot;ondeactivate&quot;, &quot;ondatasetchanged&quot;, &quot;onbeforeprint&quot;, &quot;onbeforepaste&quot;,
      &quot;onbeforeupload&quot;, &quot;onselectsatrt&quot;, &quot;onpaste&quot;, &quot;onpropertychange&quot;, &quot;ondrop&quot;,
      &quot;ondatasetcomplete&quot;, &quot;onmove&quot;, &quot;oncellchange&quot;, &quot;onfinish&quot;, &quot;onstop&quot;, &quot;onlayoutcomplete&quot;,
      &quot;onrowexit&quot;, &quot;onbefore&quot;, &quot;onstart&quot;, &quot;onrowinserted&quot;, &quot;onrowdelete&quot;, &quot;onfilterchange&quot;,
      &quot;oncontrolselected&quot;, &quot;onlosecapture&quot;, &quot;onrowenter&quot;, &quot;onhelp&quot;, &quot;onreadystatechange&quot;,
      &quot;onrepeat&quot;, &quot;onerrorupdate&quot;, &quot;onselectionchange&quot;};
          
public static String checkScriptEvent(String s){
    for(String eventStr : eventArray){
        if(s.contains(eventStr)) {
            s = s.replaceAll(eventStr + &quot;=\&quot;.*?\&quot;|&quot; + eventStr + &quot;='.*?'|&quot; + eventStr + &quot;=&amp;amp;quot;.*?&amp;amp;quot;|&quot; + eventStr + &quot;=.*?|&quot; + eventStr, &quot;&quot;);
            for (String dtEventStr : eventArray) {
                if (s.contains(dtEventStr) &amp;amp;&amp;amp; eventStr.equals(dtEventStr)) {
                    s = checkScriptEvent(s);
                }
            }
        }
    }
    return s;
}&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;checkScriptEvent에서 재귀형태로 호출 하는 이유는 블랙리스트함수를 반복해서 사용할때도 제외하기 위함.&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;ex) ononerrorerror, onononscrollscrollscroll&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&lt;figure class=&quot;fileblock&quot; data-ke-align=&quot;alignCenter&quot;&gt;&lt;a href=&quot;https://blog.kakaocdn.net/dn/br0Sdh/btslbo1xAoH/QnuTAykjawNuZgfeVkLLUK/lucy-xss.xml?attach=1&amp;amp;knm=tfile.xml&quot; class=&quot;&quot;&gt;
    &lt;div class=&quot;image&quot;&gt;&lt;/div&gt;
    &lt;div class=&quot;desc&quot;&gt;&lt;div class=&quot;filename&quot;&gt;&lt;span class=&quot;name&quot;&gt;lucy-xss.xml&lt;/span&gt;&lt;/div&gt;
&lt;div class=&quot;size&quot;&gt;0.00MB&lt;/div&gt;
&lt;/div&gt;
  &lt;/a&gt;&lt;/figure&gt;
&lt;figure class=&quot;fileblock&quot; data-ke-align=&quot;alignCenter&quot;&gt;&lt;a href=&quot;https://blog.kakaocdn.net/dn/qIN2D/btslcDqlFin/ObKKrPAUfgAGk7RNeSS5c0/lucy-xss-sax.xml?attach=1&amp;amp;knm=tfile.xml&quot; class=&quot;&quot;&gt;
    &lt;div class=&quot;image&quot;&gt;&lt;/div&gt;
    &lt;div class=&quot;desc&quot;&gt;&lt;div class=&quot;filename&quot;&gt;&lt;span class=&quot;name&quot;&gt;lucy-xss-sax.xml&lt;/span&gt;&lt;/div&gt;
&lt;div class=&quot;size&quot;&gt;0.00MB&lt;/div&gt;
&lt;/div&gt;
  &lt;/a&gt;&lt;/figure&gt;
&lt;figure class=&quot;fileblock&quot; data-ke-align=&quot;alignCenter&quot;&gt;&lt;a href=&quot;https://blog.kakaocdn.net/dn/sjFdu/btslnfaSBd4/hqirWAuYFM1KN0ij3cZJi0/lucy-xss-servlet-filter-rule.xml?attach=1&amp;amp;knm=tfile.xml&quot; class=&quot;&quot;&gt;
    &lt;div class=&quot;image&quot;&gt;&lt;/div&gt;
    &lt;div class=&quot;desc&quot;&gt;&lt;div class=&quot;filename&quot;&gt;&lt;span class=&quot;name&quot;&gt;lucy-xss-servlet-filter-rule.xml&lt;/span&gt;&lt;/div&gt;
&lt;div class=&quot;size&quot;&gt;0.00MB&lt;/div&gt;
&lt;/div&gt;
  &lt;/a&gt;&lt;/figure&gt;
&lt;figure class=&quot;fileblock&quot; data-ke-align=&quot;alignCenter&quot;&gt;&lt;a href=&quot;https://blog.kakaocdn.net/dn/cfTNcB/btslhcZ5tDc/JsoTTBAKruwvA4KyblEjr0/lucy-xss-superset.xml?attach=1&amp;amp;knm=tfile.xml&quot; class=&quot;&quot;&gt;
    &lt;div class=&quot;image&quot;&gt;&lt;/div&gt;
    &lt;div class=&quot;desc&quot;&gt;&lt;div class=&quot;filename&quot;&gt;&lt;span class=&quot;name&quot;&gt;lucy-xss-superset.xml&lt;/span&gt;&lt;/div&gt;
&lt;div class=&quot;size&quot;&gt;0.00MB&lt;/div&gt;
&lt;/div&gt;
  &lt;/a&gt;&lt;/figure&gt;
&lt;figure class=&quot;fileblock&quot; data-ke-align=&quot;alignCenter&quot;&gt;&lt;a href=&quot;https://blog.kakaocdn.net/dn/5CRTO/btslatI5E6w/LjZzkkUXkqgtIktfl5kz10/lucy-xss-superset-sax.xml?attach=1&amp;amp;knm=tfile.xml&quot; class=&quot;&quot;&gt;
    &lt;div class=&quot;image&quot;&gt;&lt;/div&gt;
    &lt;div class=&quot;desc&quot;&gt;&lt;div class=&quot;filename&quot;&gt;&lt;span class=&quot;name&quot;&gt;lucy-xss-superset-sax.xml&lt;/span&gt;&lt;/div&gt;
&lt;div class=&quot;size&quot;&gt;0.00MB&lt;/div&gt;
&lt;/div&gt;
  &lt;/a&gt;&lt;/figure&gt;
&lt;/p&gt;</description>
      <category>Back/Spring  Java</category>
      <category>CustomFilter</category>
      <category>Fiter</category>
      <category>Lucy</category>
      <category>XSS</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/98</guid>
      <comments>https://dabok407.tistory.com/98#entry98comment</comments>
      <pubDate>Sun, 25 Jun 2023 21:41:37 +0900</pubDate>
    </item>
    <item>
      <title>[Tomcat] MaxPostSize, MaxParameterCount</title>
      <link>https://dabok407.tistory.com/97</link>
      <description>&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;h2 data-ke-size=&quot;size26&quot;&gt;MaxPostSize&lt;/h2&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;span&gt;maxPostSize의 apache&lt;span&gt;&amp;nbsp;&lt;/span&gt;문서를 참조하면 아래와 같다.&lt;/span&gt;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;span&gt;&lt;span style=&quot;color: #000000;&quot;&gt;The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The limit can be disabled by setting this attribute to a value less than zero. If not specified, this attribute is set to 2097152 (2 megabytes).&amp;nbsp;&lt;/span&gt;&lt;/span&gt;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;기본 설정으로 Post로 전송 할 수 있는 기본 용량은 2MB.&lt;br /&gt;maxPostSize 값을 0이나, 그보다 작은 수로 설정 하면 제한 해제.&lt;span&gt;&lt;span style=&quot;color: #000000;&quot;&gt;&lt;/span&gt;&lt;/span&gt;&lt;/p&gt;
&lt;pre id=&quot;code_1670990952904&quot; class=&quot;shell&quot; data-ke-language=&quot;shell&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;&amp;lt;Connector port=&quot;8080&quot; protocol=&quot;HTTP/1.1&quot; redirectPort=&quot;8443&quot; maxPostSize=&quot;-1&quot;/&amp;gt;&lt;/code&gt;&lt;/pre&gt;
&lt;h2 data-ke-size=&quot;size26&quot;&gt;&amp;nbsp;&lt;/h2&gt;
&lt;h2 data-ke-size=&quot;size26&quot;&gt;MaxParameterCount&lt;/h2&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;span style=&quot;color: #000000;&quot;&gt;The maximum number of parameter and value pairs (GET plus POST) which will be automatically parsed by the container. Parameter and value pairs beyond this limit will be ignored. A value of less than 0 means no limit. If not specified, a default of 10000 is used. Note that&lt;span&gt;&amp;nbsp;&lt;/span&gt;&lt;/span&gt;&lt;span style=&quot;color: #555555;&quot;&gt;FailedRequestFilter&lt;/span&gt;&lt;span style=&quot;color: #000000;&quot;&gt;&lt;span&gt;&amp;nbsp;&lt;/span&gt;&lt;/span&gt;&lt;a href=&quot;https://tomcat.apache.org/tomcat-9.0-doc/config/filter.html&quot;&gt;filter&lt;/a&gt;&lt;span style=&quot;color: #000000;&quot;&gt;&lt;span&gt;&amp;nbsp;&lt;/span&gt;can be used to reject requests that hit the limit.&lt;/span&gt;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;span style=&quot;color: #555555;&quot;&gt;Get, Post전송의 경우는 파라미터의 갯수도 제한 있다.&lt;/span&gt;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;span style=&quot;color: #555555;&quot;&gt;제한을 두지 않을경우 기본적으로 10,000개까지가 사용이 가능하다.&lt;/span&gt;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;span style=&quot;color: #555555;&quot;&gt;다만, 해당 설정을 변경 할 일은 거의 없을 듯 하다.&amp;nbsp;&lt;/span&gt;&lt;/p&gt;
&lt;pre id=&quot;code_1670991230454&quot; class=&quot;shell&quot; data-ke-language=&quot;shell&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;&amp;lt;Connector port=&quot;8080&quot; protocol=&quot;HTTP/1.1&quot; redirectPort=&quot;8443&quot; maxPostSize=&quot;-1&quot; maxParameterCount=&quot;-1&quot;/&amp;gt;&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>Etc/Etc</category>
      <category>MaxParameterCount</category>
      <category>maxPostSize</category>
      <category>tomcat</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/97</guid>
      <comments>https://dabok407.tistory.com/97#entry97comment</comments>
      <pubDate>Wed, 14 Dec 2022 13:14:34 +0900</pubDate>
    </item>
    <item>
      <title>[Mysql] DB Time_Zone 변경 (Docker)</title>
      <link>https://dabok407.tistory.com/96</link>
      <description>&lt;p data-ke-size=&quot;size16&quot;&gt;time zone 이 UTC로 설정 되어 있을 경우, 현재 시간과 9시간이 차이남.&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;현재, DB가 docker로 설치 되어 있기 때문에&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;docker 쉘에 접속하여 mysql 접근 후 설정을 변경 해보겠다.&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;1. docker mysql 확인&lt;/p&gt;
&lt;p&gt;&lt;figure class=&quot;imageblock alignLeft&quot; data-ke-mobileStyle=&quot;widthOrigin&quot; data-origin-width=&quot;1179&quot; data-origin-height=&quot;57&quot;&gt;&lt;span data-url=&quot;https://blog.kakaocdn.net/dn/WnFI2/btrTzveyBXd/y5y32DSxRDIPVyd1ojpu4k/img.png&quot; data-phocus=&quot;https://blog.kakaocdn.net/dn/WnFI2/btrTzveyBXd/y5y32DSxRDIPVyd1ojpu4k/img.png&quot;&gt;&lt;img src=&quot;https://blog.kakaocdn.net/dn/WnFI2/btrTzveyBXd/y5y32DSxRDIPVyd1ojpu4k/img.png&quot; srcset=&quot;https://img1.daumcdn.net/thumb/R1280x0/?scode=mtistory2&amp;fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FWnFI2%2FbtrTzveyBXd%2Fy5y32DSxRDIPVyd1ojpu4k%2Fimg.png&quot; onerror=&quot;this.onerror=null; this.src='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png'; this.srcset='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png';&quot; loading=&quot;lazy&quot; width=&quot;1179&quot; height=&quot;57&quot; data-origin-width=&quot;1179&quot; data-origin-height=&quot;57&quot;/&gt;&lt;/span&gt;&lt;/figure&gt;
&lt;/p&gt;
&lt;pre id=&quot;code_1670918736919&quot; class=&quot;bash&quot; data-ke-language=&quot;bash&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;docker ps&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;2. container 접속&lt;/p&gt;
&lt;p&gt;&lt;figure class=&quot;imageblock alignLeft&quot; data-ke-mobileStyle=&quot;widthOrigin&quot; data-origin-width=&quot;383&quot; data-origin-height=&quot;21&quot;&gt;&lt;span data-url=&quot;https://blog.kakaocdn.net/dn/ovjKl/btrTAM7SiN9/sM5jPYzHHWmy6iEOs11nmK/img.png&quot; data-phocus=&quot;https://blog.kakaocdn.net/dn/ovjKl/btrTAM7SiN9/sM5jPYzHHWmy6iEOs11nmK/img.png&quot;&gt;&lt;img src=&quot;https://blog.kakaocdn.net/dn/ovjKl/btrTAM7SiN9/sM5jPYzHHWmy6iEOs11nmK/img.png&quot; srcset=&quot;https://img1.daumcdn.net/thumb/R1280x0/?scode=mtistory2&amp;fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FovjKl%2FbtrTAM7SiN9%2FsM5jPYzHHWmy6iEOs11nmK%2Fimg.png&quot; onerror=&quot;this.onerror=null; this.src='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png'; this.srcset='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png';&quot; loading=&quot;lazy&quot; width=&quot;383&quot; height=&quot;21&quot; data-origin-width=&quot;383&quot; data-origin-height=&quot;21&quot;/&gt;&lt;/span&gt;&lt;/figure&gt;
&lt;/p&gt;
&lt;pre id=&quot;code_1670918752103&quot; class=&quot;bash&quot; data-ke-language=&quot;bash&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;docker exec -it mysql8 bash&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;3. mysql 접속&lt;/p&gt;
&lt;p&gt;&lt;figure class=&quot;imageblock alignLeft&quot; data-ke-mobileStyle=&quot;widthOrigin&quot; data-origin-width=&quot;554&quot; data-origin-height=&quot;226&quot;&gt;&lt;span data-url=&quot;https://blog.kakaocdn.net/dn/cZExEl/btrTvXiNXp1/wmqyebxe4GS9YHI3RXtfSK/img.png&quot; data-phocus=&quot;https://blog.kakaocdn.net/dn/cZExEl/btrTvXiNXp1/wmqyebxe4GS9YHI3RXtfSK/img.png&quot;&gt;&lt;img src=&quot;https://blog.kakaocdn.net/dn/cZExEl/btrTvXiNXp1/wmqyebxe4GS9YHI3RXtfSK/img.png&quot; srcset=&quot;https://img1.daumcdn.net/thumb/R1280x0/?scode=mtistory2&amp;fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FcZExEl%2FbtrTvXiNXp1%2Fwmqyebxe4GS9YHI3RXtfSK%2Fimg.png&quot; onerror=&quot;this.onerror=null; this.src='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png'; this.srcset='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png';&quot; loading=&quot;lazy&quot; width=&quot;554&quot; height=&quot;226&quot; data-origin-width=&quot;554&quot; data-origin-height=&quot;226&quot;/&gt;&lt;/span&gt;&lt;/figure&gt;
&lt;/p&gt;
&lt;pre id=&quot;code_1670918944894&quot; class=&quot;bash&quot; data-ke-language=&quot;bash&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;mysql -u root -p&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;4. time_zone 확인&lt;/p&gt;
&lt;p&gt;&lt;figure class=&quot;imageblock alignLeft&quot; data-ke-mobileStyle=&quot;widthOrigin&quot; data-origin-width=&quot;294&quot; data-origin-height=&quot;273&quot;&gt;&lt;span data-url=&quot;https://blog.kakaocdn.net/dn/t1x5E/btrTvWEajPQ/dWFsU1YuqYaUx9gTre86sk/img.png&quot; data-phocus=&quot;https://blog.kakaocdn.net/dn/t1x5E/btrTvWEajPQ/dWFsU1YuqYaUx9gTre86sk/img.png&quot;&gt;&lt;img src=&quot;https://blog.kakaocdn.net/dn/t1x5E/btrTvWEajPQ/dWFsU1YuqYaUx9gTre86sk/img.png&quot; srcset=&quot;https://img1.daumcdn.net/thumb/R1280x0/?scode=mtistory2&amp;fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2Ft1x5E%2FbtrTvWEajPQ%2FdWFsU1YuqYaUx9gTre86sk%2Fimg.png&quot; onerror=&quot;this.onerror=null; this.src='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png'; this.srcset='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png';&quot; loading=&quot;lazy&quot; width=&quot;294&quot; height=&quot;273&quot; data-origin-width=&quot;294&quot; data-origin-height=&quot;273&quot;/&gt;&lt;/span&gt;&lt;/figure&gt;
&lt;/p&gt;
&lt;pre id=&quot;code_1670918993847&quot; class=&quot;bash&quot; data-ke-language=&quot;bash&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;show variables like &quot;%time_zone&quot;;&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;5. time_zone 변경 및 확인&lt;/p&gt;
&lt;p&gt;&lt;figure class=&quot;imageblock alignLeft&quot; data-ke-mobileStyle=&quot;widthOrigin&quot; data-origin-width=&quot;301&quot; data-origin-height=&quot;438&quot;&gt;&lt;span data-url=&quot;https://blog.kakaocdn.net/dn/bNlpk5/btrTzwq0Szd/BXE3YbMDrP16xXwcy4II61/img.png&quot; data-phocus=&quot;https://blog.kakaocdn.net/dn/bNlpk5/btrTzwq0Szd/BXE3YbMDrP16xXwcy4II61/img.png&quot;&gt;&lt;img src=&quot;https://blog.kakaocdn.net/dn/bNlpk5/btrTzwq0Szd/BXE3YbMDrP16xXwcy4II61/img.png&quot; srcset=&quot;https://img1.daumcdn.net/thumb/R1280x0/?scode=mtistory2&amp;fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FbNlpk5%2FbtrTzwq0Szd%2FBXE3YbMDrP16xXwcy4II61%2Fimg.png&quot; onerror=&quot;this.onerror=null; this.src='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png'; this.srcset='//t1.daumcdn.net/tistory_admin/static/images/no-image-v1.png';&quot; loading=&quot;lazy&quot; width=&quot;301&quot; height=&quot;438&quot; data-origin-width=&quot;301&quot; data-origin-height=&quot;438&quot;/&gt;&lt;/span&gt;&lt;/figure&gt;
&lt;/p&gt;
&lt;pre id=&quot;code_1670919061000&quot; class=&quot;bash&quot; data-ke-language=&quot;bash&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;SET GLOBAL time_zone='Asia/Seoul';
SET time_zone = 'Asia/Seoul';&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>DB/Mysql</category>
      <category>9시간</category>
      <category>docker</category>
      <category>MYSQL</category>
      <category>timezone</category>
      <category>time_zone</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/96</guid>
      <comments>https://dabok407.tistory.com/96#entry96comment</comments>
      <pubDate>Tue, 13 Dec 2022 17:12:04 +0900</pubDate>
    </item>
    <item>
      <title>Spring ssl cors설정 403오류</title>
      <link>https://dabok407.tistory.com/95</link>
      <description>&lt;pre id=&quot;code_1649411715015&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;@Override
public void addCorsMappings(CorsRegistry registry) {
	registry.addMapping(&quot;/api/stats/extration&quot;).allowedOrigins(&quot;http://무언가의도메인.com&quot;)
			.allowedMethods(
            HttpMethod.GET.name()
            ,HttpMethod.POST.name()
            ,HttpMethod.OPTIONS.name()
            );
}&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;a href=&quot;https://oingdaddy.tistory.com/243&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot;&gt;https://oingdaddy.tistory.com/243&lt;/a&gt;&lt;/p&gt;
&lt;figure id=&quot;og_1649411721479&quot; contenteditable=&quot;false&quot; data-ke-type=&quot;opengraph&quot; data-ke-align=&quot;alignCenter&quot; data-og-type=&quot;article&quot; data-og-title=&quot;Spring Security CORS 설정하기&quot; data-og-description=&quot;예전에 CORS(Cross-Origin Resource Sharing)를 filter를 사용해서 설정하는것에 대해 포스팅을 한적이 있다. Spring Security를 사용하면 이렇게 별도의 filter를 만들지 않고 간단하게 CORS 설정을 할 수 있다...&quot; data-og-host=&quot;oingdaddy.tistory.com&quot; data-og-source-url=&quot;https://oingdaddy.tistory.com/243&quot; data-og-url=&quot;https://oingdaddy.tistory.com/243&quot; data-og-image=&quot;https://scrap.kakaocdn.net/dn/oUOFl/hyNXkXvnRX/eStWvOWpt9ufaM7685Z7R1/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800,https://scrap.kakaocdn.net/dn/FpbqO/hyNXvdGiey/vMd5UmEuIGa37xBGhI07Jk/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800&quot;&gt;&lt;a href=&quot;https://oingdaddy.tistory.com/243&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; data-source-url=&quot;https://oingdaddy.tistory.com/243&quot;&gt;
&lt;div class=&quot;og-image&quot; style=&quot;background-image: url('https://scrap.kakaocdn.net/dn/oUOFl/hyNXkXvnRX/eStWvOWpt9ufaM7685Z7R1/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800,https://scrap.kakaocdn.net/dn/FpbqO/hyNXvdGiey/vMd5UmEuIGa37xBGhI07Jk/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800');&quot;&gt;&amp;nbsp;&lt;/div&gt;
&lt;div class=&quot;og-text&quot;&gt;
&lt;p class=&quot;og-title&quot; data-ke-size=&quot;size16&quot;&gt;Spring Security CORS 설정하기&lt;/p&gt;
&lt;p class=&quot;og-desc&quot; data-ke-size=&quot;size16&quot;&gt;예전에 CORS(Cross-Origin Resource Sharing)를 filter를 사용해서 설정하는것에 대해 포스팅을 한적이 있다. Spring Security를 사용하면 이렇게 별도의 filter를 만들지 않고 간단하게 CORS 설정을 할 수 있다...&lt;/p&gt;
&lt;p class=&quot;og-host&quot; data-ke-size=&quot;size16&quot;&gt;oingdaddy.tistory.com&lt;/p&gt;
&lt;/div&gt;
&lt;/a&gt;&lt;/figure&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&lt;a href=&quot;https://duooo-story.tistory.com/22&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot;&gt;https://duooo-story.tistory.com/22&lt;/a&gt;&lt;/p&gt;
&lt;figure id=&quot;og_1649411723746&quot; contenteditable=&quot;false&quot; data-ke-type=&quot;opengraph&quot; data-ke-align=&quot;alignCenter&quot; data-og-type=&quot;article&quot; data-og-title=&quot;Spring을 사용하는 서버에서 CORS 설정 과정에서 발생한 이슈들&quot; data-og-description=&quot;신규 기능으로 엑셀 다운로드 기능을 개발하는 도중, CORS문제가 났던 문제를 기록해보려 합니다. 먼저 간략하게 구성도를 그려보면 브라우저(A.com)에서 B.com 으로 호출을 하고 B.com에선 nginx가 프&quot; data-og-host=&quot;duooo-story.tistory.com&quot; data-og-source-url=&quot;https://duooo-story.tistory.com/22&quot; data-og-url=&quot;https://duooo-story.tistory.com/22&quot; data-og-image=&quot;https://scrap.kakaocdn.net/dn/ciF570/hyNYBXEgqc/rm4fsK2vJhoXSFBeMojByk/img.png?width=800&amp;amp;height=263&amp;amp;face=0_0_800_263,https://scrap.kakaocdn.net/dn/boVxKu/hyNXuFOhfQ/fn5EKnVb22KpuW2btKQRq1/img.png?width=800&amp;amp;height=263&amp;amp;face=0_0_800_263,https://scrap.kakaocdn.net/dn/ceLCTg/hyNYBQSIeo/wMIeqUZxPscS6y9SQoypd0/img.png?width=897&amp;amp;height=296&amp;amp;face=0_0_897_296&quot;&gt;&lt;a href=&quot;https://duooo-story.tistory.com/22&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; data-source-url=&quot;https://duooo-story.tistory.com/22&quot;&gt;
&lt;div class=&quot;og-image&quot; style=&quot;background-image: url('https://scrap.kakaocdn.net/dn/ciF570/hyNYBXEgqc/rm4fsK2vJhoXSFBeMojByk/img.png?width=800&amp;amp;height=263&amp;amp;face=0_0_800_263,https://scrap.kakaocdn.net/dn/boVxKu/hyNXuFOhfQ/fn5EKnVb22KpuW2btKQRq1/img.png?width=800&amp;amp;height=263&amp;amp;face=0_0_800_263,https://scrap.kakaocdn.net/dn/ceLCTg/hyNYBQSIeo/wMIeqUZxPscS6y9SQoypd0/img.png?width=897&amp;amp;height=296&amp;amp;face=0_0_897_296');&quot;&gt;&amp;nbsp;&lt;/div&gt;
&lt;div class=&quot;og-text&quot;&gt;
&lt;p class=&quot;og-title&quot; data-ke-size=&quot;size16&quot;&gt;Spring을 사용하는 서버에서 CORS 설정 과정에서 발생한 이슈들&lt;/p&gt;
&lt;p class=&quot;og-desc&quot; data-ke-size=&quot;size16&quot;&gt;신규 기능으로 엑셀 다운로드 기능을 개발하는 도중, CORS문제가 났던 문제를 기록해보려 합니다. 먼저 간략하게 구성도를 그려보면 브라우저(A.com)에서 B.com 으로 호출을 하고 B.com에선 nginx가 프&lt;/p&gt;
&lt;p class=&quot;og-host&quot; data-ke-size=&quot;size16&quot;&gt;duooo-story.tistory.com&lt;/p&gt;
&lt;/div&gt;
&lt;/a&gt;&lt;/figure&gt;
&lt;p data-ke-size=&quot;size16&quot;&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>Back/Spring  Java</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/95</guid>
      <comments>https://dabok407.tistory.com/95#entry95comment</comments>
      <pubDate>Fri, 8 Apr 2022 18:55:49 +0900</pubDate>
    </item>
    <item>
      <title>Spring class 동적 로딩 (Singleton)</title>
      <link>https://dabok407.tistory.com/94</link>
      <description>&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;pre id=&quot;code_1617616173503&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;package com.mk.common.web.security;

import org.springframework.web.multipart.MultipartFile;
import java.io.File;
import java.io.FileOutputStream;


public interface FileSecurityInterface {

    /**
     * 파일 업로드 암호화
     *
     * @param multi
     * @return
     */
    MultipartFile encryptUpload(MultipartFile multi);

    /**
     * 파일 업로드 암호화
     *
     * @param file
     * @return
     */
    File encryptUpload(File file);

    /**
     * Excel 파일 업로드 암호화
     *
     * @param multi
     * @return
     */
    MultipartFile encryptExcelUpload(MultipartFile multi);

    /**
     * 파일 다운로드 복호화
     *
     * @param file
     * @return
     */
    File decryptDownload(File file);

    /**
     * Excel 파일 다운로드 복호화
     *
     * @param file
     * @return
     */
    FileOutputStream decryptDownload(FileOutputStream file);
}
&lt;/code&gt;&lt;/pre&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;pre id=&quot;code_1617616202709&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;package com.mk.common.web.security;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.multipart.MultipartFile;

import java.io.File;
import java.io.FileOutputStream;

public class FileSecurity implements FileSecurityInterface {

    private static FileSecurityInterface instance;

    public FileSecurity(){}

    public static FileSecurityInterface getInstance(String libPath){
        if(instance == null) {
            try {
                instance = (FileSecurityInterface) Class.forName(libPath).newInstance();
            } catch (ClassNotFoundException e) {
                instance = new FileSecurityException();
            }  catch (InstantiationException e) {
                e.printStackTrace();
            } catch (IllegalAccessException e) {
                e.printStackTrace();
            }
        }
        return instance;
    }

    @Override
    public MultipartFile encryptUpload(MultipartFile multi) {
        return multi;
    }

    @Override
    public File encryptUpload(File file) {
        return file;
    }

    @Override
    public MultipartFile encryptExcelUpload(MultipartFile multi) {
        return multi;
    }

    @Override
    public File decryptDownload(File file) {
        return file;
    }

    @Override
    public FileOutputStream decryptDownload(FileOutputStream file) {
        return file;
    }
}
&lt;/code&gt;&lt;/pre&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;pre id=&quot;code_1617616229421&quot; class=&quot;java&quot; data-ke-language=&quot;java&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;package com.mk.common.web.security;

import org.apache.log4j.Logger;
import org.springframework.web.multipart.MultipartFile;

import java.io.File;
import java.io.FileOutputStream;

public class FileSecurityException implements FileSecurityInterface{

    public Logger logger = Logger.getLogger(this.getClass());

    public FileSecurityException(){}

    @Override
    public MultipartFile encryptUpload(MultipartFile multi) { return multi; }

    @Override
    public File encryptUpload(File file) { return file; }

    @Override
    public MultipartFile encryptExcelUpload(MultipartFile multi) { return multi; }

    @Override
    public File decryptDownload(File file) { return file; }

    @Override
    public FileOutputStream decryptDownload(FileOutputStream file) { return file; }
}&lt;/code&gt;&lt;/pre&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>Back/Spring  Java</category>
      <category>class동적할당</category>
      <category>singleton</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/94</guid>
      <comments>https://dabok407.tistory.com/94#entry94comment</comments>
      <pubDate>Mon, 5 Apr 2021 18:52:57 +0900</pubDate>
    </item>
    <item>
      <title>PreparedStatement 대량 insert(addBatch, executeBatch)</title>
      <link>https://dabok407.tistory.com/93</link>
      <description>&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&lt;a href=&quot;https://fruitdev.tistory.com/111&quot;&gt;fruitdev.tistory.com/111&lt;/a&gt;&lt;/p&gt;
&lt;figure id=&quot;og_1615342303936&quot; contenteditable=&quot;false&quot; data-ke-type=&quot;opengraph&quot; data-og-type=&quot;article&quot; data-og-title=&quot;[Java] addBatch와 exceuteBatch를 이용한 대용량 데이터 처리&quot; data-og-description=&quot;어느날 100만건이 넘는 대용량 데이터를 빠른 시간내에 처리해야 하는 이슈가 있었다. 처음에는 습관처럼 myBatis를 이용하여 데이터 insert를 처리하였는데 데이터를 insert 하는 시간이 생각보다 오&quot; data-og-host=&quot;fruitdev.tistory.com&quot; data-og-source-url=&quot;https://fruitdev.tistory.com/111&quot; data-og-url=&quot;https://fruitdev.tistory.com/111&quot; data-og-image=&quot;https://scrap.kakaocdn.net/dn/brkIWd/hyJvR6jzkl/G4QOqYC3ldJ5e5M8wBZFa1/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800,https://scrap.kakaocdn.net/dn/xHIny/hyJvQzyt5a/lTBnoU1bQfJpFMbLz7BrK1/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800&quot;&gt;&lt;a href=&quot;https://fruitdev.tistory.com/111&quot; target=&quot;_blank&quot; rel=&quot;noopener&quot; data-source-url=&quot;https://fruitdev.tistory.com/111&quot;&gt;
&lt;div class=&quot;og-image&quot; style=&quot;background-image: url('https://scrap.kakaocdn.net/dn/brkIWd/hyJvR6jzkl/G4QOqYC3ldJ5e5M8wBZFa1/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800,https://scrap.kakaocdn.net/dn/xHIny/hyJvQzyt5a/lTBnoU1bQfJpFMbLz7BrK1/img.png?width=800&amp;amp;height=800&amp;amp;face=0_0_800_800');&quot;&gt;&amp;nbsp;&lt;/div&gt;
&lt;div class=&quot;og-text&quot;&gt;
&lt;p class=&quot;og-title&quot;&gt;[Java] addBatch와 exceuteBatch를 이용한 대용량 데이터 처리&lt;/p&gt;
&lt;p class=&quot;og-desc&quot;&gt;어느날 100만건이 넘는 대용량 데이터를 빠른 시간내에 처리해야 하는 이슈가 있었다. 처음에는 습관처럼 myBatis를 이용하여 데이터 insert를 처리하였는데 데이터를 insert 하는 시간이 생각보다 오&lt;/p&gt;
&lt;p class=&quot;og-host&quot;&gt;fruitdev.tistory.com&lt;/p&gt;
&lt;/div&gt;
&lt;/a&gt;&lt;/figure&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>Back/Spring  Java</category>
      <category>PreparedStatement</category>
      <category>대량업로드</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/93</guid>
      <comments>https://dabok407.tistory.com/93#entry93comment</comments>
      <pubDate>Wed, 10 Mar 2021 11:13:11 +0900</pubDate>
    </item>
    <item>
      <title>ORA-12519 TNS:no appropriate handler found</title>
      <link>https://dabok407.tistory.com/92</link>
      <description>&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&lt;span&gt;ORA-12519: TNS:no appropriate service handler found&lt;/span&gt;&lt;/p&gt;
&lt;p id=&quot;SE-3df61412-2179-446f-8904-a691354a9071&quot; data-ke-size=&quot;size18&quot;&gt;&lt;span&gt;​&lt;/span&gt;&lt;/p&gt;
&lt;p id=&quot;SE-29ee917c-27be-46c4-a990-925461fbfb42&quot; data-ke-size=&quot;size18&quot;&gt;&lt;span&gt;=&amp;gt; DB Connection 후 close를 안해서 오라클 프로세스 수가 설정한 max값을 초과한 경우 발생.&lt;/span&gt;&lt;/p&gt;
&lt;p id=&quot;SE-625f2f96-2421-41ef-bd8b-12d4d59eda13&quot; data-ke-size=&quot;size18&quot;&gt;&lt;span&gt;​&lt;/span&gt;&lt;span&gt;&lt;/span&gt;&lt;/p&gt;
&lt;pre id=&quot;code_1615192183585&quot; class=&quot;sql&quot; data-ke-language=&quot;sql&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;SQL &amp;gt; SELECT * FROM v$resource_limit where resource_name='processes'; -- connection 확인
SQL &amp;gt; ALTER SYSTEM SET PROCESSES=200 SCOPE=spfile; -- max값 200으로 설정(보통 그 이하)
SQL &amp;gt; shutdown immediate; 
SQL &amp;gt; startup; -- 재시작 후 적용됨&lt;/code&gt;&lt;/pre&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>DB/Oracle</category>
      <category>ora-12519</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/92</guid>
      <comments>https://dabok407.tistory.com/92#entry92comment</comments>
      <pubDate>Mon, 8 Mar 2021 17:30:12 +0900</pubDate>
    </item>
    <item>
      <title>css/js 파일 캐시 방지</title>
      <link>https://dabok407.tistory.com/91</link>
      <description>&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;css, js 파일을 수정 후 반영을 하면 브라우저에서 css,js파일은 캐시로 저장하기 때문에&amp;nbsp;&lt;br /&gt;&lt;br /&gt;참조하는 파일 url이 동일 하다면 수정 되기 전 앞서 저장되어 있는 파일을 사용하기 때문에&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;수정된 부분이 작동하지 않게 된다&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;이를 일시적으로 해결하기 위해 브라우저 캐시 비우기 및 강력 새로고침 작업을&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;진행 하게 되면 해결 된다. 하지만 이는 일회성 해결 방법이고,&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;css, js파일 경로 끝에 버전정보, 날짜정보와 같이 반영할때마다 해당 파일이 변경되었다는 점을&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;알 수 있게 파라미터로 넘겨주는 방법이 있다&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;아래와 같이,&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;pre id=&quot;code_1611297109016&quot; class=&quot;javascript&quot; data-ke-language=&quot;javascript&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;&amp;lt;%@ taglib prefix=&quot;c&quot; uri=&quot;http://java.sun.com/jsp/jstl/core&quot;%&amp;gt;
&amp;lt;%@ taglib prefix=&quot;fmt&quot; uri=&quot;http://java.sun.com/jsp/jstl/fmt&quot;%&amp;gt;
&amp;lt;%@ taglib uri=&quot;http://java.sun.com/jsp/jstl/functions&quot; prefix=&quot;fnc&quot;%&amp;gt;

&amp;lt;jsp:useBean id=&quot;today&quot; class=&quot;java.util.Date&quot;/&amp;gt;
&amp;lt;fmt:formatDate var=&quot;nowDate&quot; pattern=&quot;yyyyMMddhhmmss&quot; value=&quot;${today}&quot;/&amp;gt;
&amp;lt;script type=&quot;text/javascript&quot; src=&quot;../resources/js/pages/test/list.js?importDate=${nowDate}&quot;&amp;gt;&amp;lt;/script&amp;gt;&lt;/code&gt;&lt;/pre&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;importDate라는 변수로 화면이 로딩 될 때마다 날짜데이터를 넘겨주는 형태 이다.&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>Front/JavaScript</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/91</guid>
      <comments>https://dabok407.tistory.com/91#entry91comment</comments>
      <pubDate>Fri, 22 Jan 2021 15:33:43 +0900</pubDate>
    </item>
    <item>
      <title>MongoDb Connection</title>
      <link>https://dabok407.tistory.com/90</link>
      <description>&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;NoSql중 Node.js 아래의 MongoDb 기본 Connection 부분을 간략히 설명.&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;h2 data-ke-size=&quot;size26&quot;&gt;1. npm install mongoose&lt;/h2&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;h2 data-ke-size=&quot;size26&quot;&gt;2. connection.js 접속정보 입력&lt;/h2&gt;
&lt;pre id=&quot;code_1606891423028&quot; class=&quot;javascript&quot; data-ke-language=&quot;javascript&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;module.exports = async () =&amp;gt; {
    const mongoose = require('mongoose');
    const mongoConfig = require('../../config/mongo.config');
    await mongoose.connect(mongoConfig.mongoURI,{
        useNewUrlParser :true,
        useUnifiedTopology :true,
        useFindAndModify :false
    }).then(()=&amp;gt;{
        console.log('mongoDB Connected...');
    }).catch(err =&amp;gt;{
        console.log(err);
    })
    return mongoose;
}&lt;/code&gt;&lt;/pre&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;h4 data-ke-size=&quot;size20&quot;&gt;&amp;nbsp;- mongo.config(샘플)&lt;/h4&gt;
&lt;pre id=&quot;code_1606891499086&quot; class=&quot;javascript&quot; data-ke-language=&quot;javascript&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;module.exports = {
    mongoURI : &quot;mongodb://127.0.0.1:27017/testDb?retryWrites=true&amp;amp;w=majority&quot;
}
&lt;/code&gt;&lt;/pre&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;h2 data-ke-size=&quot;size26&quot;&gt;3. sample service.js&lt;/h2&gt;
&lt;pre id=&quot;code_1606891942894&quot; class=&quot;javascript&quot; data-ke-language=&quot;javascript&quot; data-ke-type=&quot;codeblock&quot;&gt;&lt;code&gt;/**
 * Sample Service
 *
 * @author mkhwang
 * @description Sample Service *
 */
const mongoRoomChat = require(&quot;../../mongoModels/RoomChat&quot;);
/**
 * sample service list select
 * @param {test_seq} 채팅 방 seq
 */
exports.getPreChatList = async (obj) =&amp;gt; {
    try{
        if(isEmpty(obj))
        {
            return api.parameterNull;
        }
        else
        {
            let conversationList = await mongoRoomChat.find({&quot;test_seq&quot;:obj.test_seq}).sort({date: -1}).skip(obj.page_size*(obj.page_num-1)).limit(obj.page_size);
	    return objectAssign({&quot;page_size&quot;:obj.page_size, &quot;page_num&quot;:obj.page_num, &quot;list&quot;:conversationList});
        }
    } catch (e) {
        return objectAssign({&quot;error&quot;:e.toString()}, api.fail) ;
    }&lt;/code&gt;&lt;/pre&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&lt;u&gt;sort - 정렬할 field : 1 or -1 (1일 경우 오름차순, -1일 경우에 내림차순.)&lt;/u&gt;&lt;br /&gt;&lt;u&gt;limit - 출력할 갯수를 제한&lt;/u&gt;&lt;/p&gt;
&lt;p data-ke-size=&quot;size18&quot;&gt;&lt;u&gt;skip - 출력할 데이터의 시작을 설정. 즉 인자로 들어오는 value 만큼 건너뛰고 value+1부터 출력&lt;/u&gt;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;</description>
      <category>DB/NoSql</category>
      <author>밍꿔</author>
      <guid isPermaLink="true">https://dabok407.tistory.com/90</guid>
      <comments>https://dabok407.tistory.com/90#entry90comment</comments>
      <pubDate>Wed, 2 Dec 2020 15:53:26 +0900</pubDate>
    </item>
  </channel>
</rss>