原文:https://www.2cto.com/kf/201712/706399.html
springboot druid 數據庫多SQL錯誤multi-statement not allow
Caused by: java.sql.SQLException: sql injection violation, multi-statement not allowcom.alibaba.druid.wall.WallFilter.check(WallFilter.java:714) atcom.alibaba.druid.wall.WallFilter.connection_prepareStatement(WallFilter.java:240) atcom.alibaba.druid.filter.FilterChainImpl.connection_prepareStatement(FilterChainImpl.java:448) atcom.alibaba.druid.filter.FilterAdapter.connection_prepareStatement(FilterAdapter.java:928) atcom.alibaba.druid.filter.FilterEventAdapter.connection_prepareStatement(FilterEventAdapter.java:122) atcom.alibaba.druid.filter.FilterChainImpl.connection_prepareStatement(FilterChainImpl.java:448) atcom.alibaba.druid.proxy.jdbc.ConnectionProxyImpl.prepareStatement(ConnectionProxyImpl.java:342) atcom.alibaba.druid.pool.DruidPooledConnection.prepareStatement(DruidPooledConnection.java:318)
解決方案:
1、配置數據庫連接,添加allowMultiQueries=true
jdbc.url=jdbc:mysql://192.168.11.107:3306/alarm_db?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8
2、如果需要開啟wall監控,同時允許multiStatementAllow,就不要在application.yml中配置filter,自己定義
//使用連接池dataSource
@Bean
@ConfigurationProperties(prefix = "spring.datasource")
public DataSource dataSource() {
DruidDataSource druidDataSource = new DruidDataSource();
List filterList=new ArrayList<>();
filterList.add(wallFilter());
druidDataSource.setProxyFilters(filterList);
return druidDataSource;
}
@Bean
public WallFilter wallFilter(){
WallFilter wallFilter=new WallFilter();
wallFilter.setConfig(wallConfig());
return wallFilter;
}
@Bean
public WallConfig wallConfig(){
WallConfig config =new WallConfig();
config.setMultiStatementAllow(true);//允許一次執行多條語句
config.setNoneBaseStatementAllow(true);//允許非基本語句的其他語句
return config;
}