springboot4 · bugfinderbot · Dec 16, 2025 · Copilot · Mar 2, 2026 · Copilot
diff --git a/...k/art-spring-boot-starter-xss/src/main/java/com/art/common/xss/core/filter/XssFilter.java b/...k/art-spring-boot-starter-xss/src/main/java/com/art/common/xss/core/filter/XssFilter.java
@@ -39,6 +39,8 @@ public class XssFilter extends OncePerRequestFilter {
 
 	private final PathMatcher pathMatcher;
 
+	private final XssCleaner xssCleaner;
+
 	@Override
 	protected boolean shouldNotFilter(HttpServletRequest request) {
 		if (!xssProperties.isEnable()) {
@@ -58,9 +60,9 @@ protected boolean shouldNotFilter(HttpServletRequest request) {
 	 * @throws IOException
 	 */
 	@Override
-	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain, XssCleaner xssCleaner)
 			throws ServletException, IOException {
-		filterChain.doFilter(new XssRequestWrapper(request), response);
+		filterChain.doFilter(new XssRequestWrapper(request,xssCleaner), response);
 	}
 
 }