From 79e8be43552a57c08c61c3339aa30ab2b84b2526 Mon Sep 17 00:00:00 2001
From: fit2cloud-chenyw <yawen.chen@fit2cloud.com>
Date: Fri, 24 Mar 2023 14:38:24 +0800
Subject: [PATCH] =?UTF-8?q?perf(=E6=B6=88=E6=81=AFapi):=20=E6=8E=92?=
 =?UTF-8?q?=E5=BA=8F=E5=AD=97=E6=AE=B5=E6=8A=A5=E9=94=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/src/main/java/io/dataease/auth/aop/SqlInjectAop.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/backend/src/main/java/io/dataease/auth/aop/SqlInjectAop.java b/backend/src/main/java/io/dataease/auth/aop/SqlInjectAop.java
index add12ab202..a7737c4c3b 100644
--- a/backend/src/main/java/io/dataease/auth/aop/SqlInjectAop.java
+++ b/backend/src/main/java/io/dataease/auth/aop/SqlInjectAop.java
@@ -5,6 +5,7 @@ import io.dataease.auth.annotation.SqlInjectValidator;
 import io.dataease.commons.exception.DEException;
 import io.dataease.controller.sys.base.BaseGridRequest;
 import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.Signature;
 import org.aspectj.lang.annotation.Around;
@@ -63,6 +64,6 @@ public class SqlInjectAop {
         return orderList.stream().anyMatch(exp ->
                 Arrays.stream(exp.toLowerCase().split(",")).anyMatch(word ->
                         Arrays.stream(word.split(" ")).anyMatch(item ->
-                                !wordList.contains(item))));
+                                StringUtils.isNotBlank(item.trim()) && !wordList.contains(item.trim()))));
     }
 }