hubez-admin partner-git master -> hubez-git transfer 202205241800

src/main/resources/application-dev.yml

@@ -0,0 +1,19 @@
+spring:
+  datasource:
+    driver-class-name: org.mariadb.jdbc.Driver
+    url: jdbc:mariadb://partner.medialog.co.kr:53306/hubez_admin?serverTimezone=UTC&characterEncoding=UTF-8
+    username: hubez_admin
+    password: ENC(KujgLXvYG1ZD0bT9ec6I3Ld/xV25JmyX)
+    hikari:
+      pool-name: hikari-cp
+      maximum-pool-size: 30
+      minimum-idle: 5
+      connection-timeout: 5000
+      connection-init-sql: SELECT 1
+      validation-timeout: 2000
+      idle-timeout: 600000
+      max-lifetime: 1800000
+
+schedule:
+  sample:
+    init: 60000

src/main/resources/application-local.yml

@@ -0,0 +1,19 @@
+spring:
+  datasource:
+    driver-class-name: org.mariadb.jdbc.Driver
+    url: jdbc:mariadb://partner.medialog.co.kr:53306/hubez_admin?serverTimezone=UTC&characterEncoding=UTF-8
+    username: hubez_admin
+    password: ENC(KujgLXvYG1ZD0bT9ec6I3Ld/xV25JmyX)
+    hikari:
+      pool-name: hikari-cp
+      maximum-pool-size: 30
+      minimum-idle: 5
+      connection-timeout: 5000
+      connection-init-sql: SELECT 1
+      validation-timeout: 2000
+      idle-timeout: 600000
+      max-lifetime: 1800000
+
+schedule:
+  sample:
+    init: 60000

src/main/resources/application-prod.yml

@@ -0,0 +1,19 @@
+spring:
+  datasource:
+    driver-class-name: org.mariadb.jdbc.Driver
+    url: jdbc:mariadb://partner.medialog.co.kr:53306/hubez_admin?serverTimezone=UTC&characterEncoding=UTF-8
+    username: hubez_admin
+    password: ENC(KujgLXvYG1ZD0bT9ec6I3Ld/xV25JmyX)
+    hikari:
+      pool-name: hikari-cp
+      maximum-pool-size: 30
+      minimum-idle: 5
+      connection-timeout: 5000
+      connection-init-sql: SELECT 1
+      validation-timeout: 2000
+      idle-timeout: 600000
+      max-lifetime: 1800000
+
+schedule:
+  sample:
+    init: 60000

src/main/resources/application-stg.yml

@@ -0,0 +1,19 @@
+spring:
+  datasource:
+    driver-class-name: org.mariadb.jdbc.Driver
+    url: jdbc:mariadb://partner.medialog.co.kr:53306/hubez_admin?serverTimezone=UTC&characterEncoding=UTF-8
+    username: hubez_admin
+    password: ENC(KujgLXvYG1ZD0bT9ec6I3Ld/xV25JmyX)
+    hikari:
+      pool-name: hikari-cp
+      maximum-pool-size: 30
+      minimum-idle: 5
+      connection-timeout: 5000
+      connection-init-sql: SELECT 1
+      validation-timeout: 2000
+      idle-timeout: 600000
+      max-lifetime: 1800000
+
+schedule:
+  sample:
+    init: 60000

src/main/resources/application.yml

@@ -0,0 +1,42 @@
+server:
+  port: 7070
+
+spring:
+  profiles:
+    active: local
+  application:
+    name: mhez-admin
+  servlet:
+    multipart:
+      max-file-size: 15MB 
+      max-request-size: 15MB
+  main:
+    banner-mode: log
+#  mvc:
+#    view:
+#      prefix: /WEB-INF/views/
+#      suffix: .jsp
+#  mvc:
+#    static-path-pattern: /static/**
+
+app.props:
+  encKey: RW5jS2V5Rm9yVXBsdXM=
+  xss-excludes:
+#    - /api
+#    - /api/allow/script/uri # xss filter 제외 uri를 list 형식으로 추가
+  jwt:
+    key-string: LcDVU5pmcXIakjK6yw/TJw==
+    private-token-expiration: 1800
+    part1: JwtPart1
+    part2: JwtPart2
+    access-token-expiration: 180
+    refresh-token-expiration: 1800
+    header: Authorization
+    prefix: "Bearer "
+    
+logging:
+  config: classpath:logback-spring.xml
+  
+mybatis:
+  config-location: classpath:/sql-map-config.xml
+  mapper-locations: classpath*:/mapper/mysql/**/*-mapper.xml

src/main/resources/banner.txt

@@ -0,0 +1,8 @@
+
+  __      __  ___   ___
+  \ \    / / | __| | _ )
+   \ \/\/ /  | _|  | _ \
+    \_/\_/   |___| |___/
+
+* Application: ${application.title}-${application.version}, Spring Boot Version:${spring-boot.formatted-version}
+* Copyright 2022.LGU+ All rights reserved.

src/main/resources/db-schema.properties

@@ -0,0 +1,3 @@
+HUBEZ_COMMON=hubez_common
+HUBEZ_ADMIN=hubez_admin
+HUBEZ_SEND=hubez_send

src/main/resources/logback-spring.xml

@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- configuration file for LogBack (slf4J implementation)
+See here for more details: http://gordondickens.com/wordpress/2013/03/27/sawing-through-the-java-loggers/ -->
+<configuration>
+
+	<conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+	<conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+	<conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+
+    <appender name="console" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(%5p) %clr(%-40.40logger{39}){cyan} %clr(%-4L){cyan} %m%n%wEx</pattern>
+        </encoder>
+    </appender>
+
+    <property name="app_name" value="sample" />
+    <property name="log_path" value="/logs/${app_name}/service" />
+
+	<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+		<file>${log_path}/${hostName}.log</file>
+		<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+			<fileNamePattern>${log_path}/%d{yyyyMMdd}/${hostName}-%i.log</fileNamePattern>
+			<MaxFileSize>500MB</MaxFileSize>
+		</rollingPolicy>
+		<encoder>
+			<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [mhez-admin] %5p %-40.40logger{39} %-4L %m%n%wEx</pattern>
+		</encoder>
+	</appender>
+
+	<logger name="org.springframework" level="info"/>
+	<logger name="org.springframework.security" level="info"/>
+	<logger name="org.springframework.boot" level="info"/>
+	<logger name="com.zaxxer.hikari.HikariConfig" level="info"/>
+	<logger name="org.mongodb" level="info"/>
+	<logger name="reactor.netty" level="info" />
+    <logger name="io.lettuce.core" level="info" />
+	<logger name="org.thymeleaf" level="info"/>
+	<logger name="com.lguplus" level="info"/>
+
+	<springProfile name="local">
+	</springProfile>
+
+    <root level="info">
+        <appender-ref ref="console"/>
+        <appender-ref ref="FILE"/>
+    </root>
+
+</configuration>

src/main/resources/mapper/mysql/attractMgt/attractMgt-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.attractMgt.AttractMgtMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/calculate/calculate-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.calculate.CalculateMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/channelMgt/channelMgt-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.channelMgt.ChannelMgtMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/comm/authuser-mapper.xml

@@ -0,0 +1,187 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.common.auth.AuthUserDao">
+
+	<select id="getByUsername" parameterType="string" resultType="kr.co.uplus.ez.common.auth.AuthUser">
+		/* authuser-mapper.xml(getByUsername) */
+		SELECT
+			OPRTR_ID
+			, OPRTR_NM
+			, STTUS_CD
+			, CONCAT('{noop}',PWD) AS PWD
+			, EMAIL
+			, HP_NO
+			, AUT_CD
+			, AUTHCHR_FAIL_CNT
+			, RFRSH_TKN
+			, RFRSH_TKN_DT
+			, LAST_LOGIN_DT
+			, LOGIN_FAIL_CNT
+			, PWD_CHG_DT
+		FROM
+			${HUBEZ_ADMIN}.EZ_ADM_USER
+		WHERE
+			OPRTR_ID = #{oprtrId}
+	</select>
+
+	<select id="getRoles" parameterType="string" resultType="string">
+		/* authuser-mapper.xml(getRoles) */
+		SELECT
+			r.ROLE_ID
+		FROM
+			${HUBEZ_ADMIN}.RCS_USER u
+		INNER JOIN RCS_USER_ROLE r ON u.USER_ID = r.USER_ID
+		WHERE
+			u.USER_ID = #{userId}
+	</select>
+
+	<update id="increaseFailCount" parameterType="string">
+		/* authuser-mapper.xml(increaseFailCount) */
+		UPDATE
+			${HUBEZ_ADMIN}.EZ_ADM_USER
+		SET
+			LOGIN_FAIL_CNT = IFNULL(LOGIN_FAIL_CNT, 0) + 1
+		WHERE
+			OPRTR_ID = #{oprtrId}
+	</update>
+
+	<update id="increaseAuthFailCnt" parameterType="string">
+		/* authuser-mapper.xml(increaseAuthFailCnt) */
+		UPDATE
+			${HUBEZ_ADMIN}.EZ_ADM_USER
+		SET
+			AUTHCHR_FAIL_CNT = IFNULL(AUTHCHR_FAIL_CNT, 0) + 1
+		WHERE
+			OPRTR_ID = #{oprtrId}
+	</update>
+
+	<update id="setUserStatus" parameterType="kr.co.uplus.ez.common.auth.AuthUser">
+		/* authuser-mapper.xml(setUserStatus) */
+		UPDATE
+			${HUBEZ_ADMIN}.EZ_ADM_USER
+		SET
+			STTUS_CD = #{sttusCd}
+		WHERE
+			OPRTR_ID = #{oprtrId}
+	</update>
+
+	<update id="setLoginInfo" parameterType="string">
+		/* authuser-mapper.xml(setLoginInfo) */
+		UPDATE
+			${HUBEZ_ADMIN}.EZ_ADM_USER
+		SET
+			LAST_LOGIN_DT = DATE_FORMAT(NOW(), '%Y%m%d%H%i%s')
+			, LOGIN_FAIL_CNT = 0
+		WHERE
+			OPRTR_ID = #{oprtrId}
+	</update>
+
+	<select id="getUser" parameterType="string" resultType="kr.co.uplus.ez.common.auth.AuthUser">
+		/* authuser-mapper.xml(getUser) */
+		SELECT
+			OPRTR_ID
+			,OPRTR_NM
+			,PWD
+			,STTUS_CD
+			,HP_NO
+			,AUTHCHR_FAIL_CNT
+		FROM
+			${HUBEZ_ADMIN}.EZ_ADM_USER
+		WHERE
+			OPRTR_ID  = #{oprtrId}
+	</select>
+
+	<insert id="addAuthNum" parameterType="kr.co.uplus.ez.common.auth.AuthNum">
+		/* authuser-mapper.xml(addAuthNum) */
+		INSERT INTO	${HUBEZ_COMMON}.EZ_AUTH_CHR
+		(
+			AUTH_TP_CD
+			,STTUS_CD
+			,HP_NO
+			,CHR_VAL
+			,EXP_DT
+			,REG_ID
+			,REG_DT
+			,CHG_ID
+			,CHG_DT
+		)VALUES(
+			#{authTpCd}
+			,#{sttusCd}
+			,#{hpNo}
+			,#{chrVal}
+			,DATE_FORMAT(DATE_ADD(NOW(), INTERVAL 3 MINUTE), '%Y%m%d%H%i%s')
+			,#{regId}
+			,DATE_FORMAT(NOW(), '%Y%m%d%H%i%s')
+			,#{regId}
+			,DATE_FORMAT(NOW(), '%Y%m%d%H%i%s')
+		)
+	</insert>
+
+	<select id="getAuthNum" parameterType="kr.co.uplus.ez.common.auth.AuthNum" resultType="kr.co.uplus.ez.common.auth.AuthNum">
+		/* authuser-mapper.xml(getAuthNum) */
+		SELECT
+			T2.SEQ_NO
+			,T1.OPRTR_ID
+			,T1.AUTHCHR_FAIL_CNT
+			,T2.AUTH_TP_CD
+			,T2.STTUS_CD
+			,T2.HP_NO
+			,T2.CHR_VAL
+			,T2.EXP_DT
+		FROM ${HUBEZ_ADMIN}.EZ_ADM_USER T1
+			LEFT JOIN ${HUBEZ_COMMON}.EZ_AUTH_CHR T2
+			ON T1.OPRTR_ID = T2.REG_ID
+			AND T1.HP_NO = T2.HP_NO
+		WHERE T2.AUTH_TP_CD = #{authTpCd}
+			AND T2.HP_NO = #{hpNo}
+			AND T2.CHR_VAL = #{chrVal}
+			AND T2.EXP_DT >= NOW()
+			AND T2.STTUS_CD = #{sttusCd}
+		ORDER BY T2.SEQ_NO DESC
+		LIMIT 1
+	</select>
+
+	<update id="setAuthUserInfo" parameterType="kr.co.uplus.ez.common.auth.AuthNum">
+		/* authuser-mapper.xml(setAuthUserInfo) */
+		UPDATE
+			${HUBEZ_ADMIN}.EZ_ADM_USER
+		SET
+			AUTHCHR_FAIL_CNT = #{authchrFailCnt}
+		WHERE
+			OPRTR_ID  = #{oprtrId}
+	</update>
+
+	<update id="setAuthNum" parameterType="kr.co.uplus.ez.common.auth.AuthNum">
+		/* authuser-mapper.xml(setAuthNum) */
+		UPDATE
+			${HUBEZ_COMMON}.EZ_AUTH_CHR
+		SET
+			STTUS_CD = #{sttusCd}
+		WHERE
+			SEQ_NO  = #{seqNo}
+	</update>
+
+	<select id="getSmsAuthNumByNum" parameterType="string" resultType="kr.co.uplus.ez.common.auth.SmsAuthNum">
+		/* authuser-mapper.xml(getSmsAuthNumByNum) */
+		SELECT
+			USER_ID, ISS_NUM, REG_DT, AUTH_FAIL_CNT, ISS_LOCK_YN
+		FROM
+			RCS_ISS_AUTH_NUM
+		WHERE
+			ISS_NUM = #{issNum}
+	</select>
+
+	<!-- ckr 불명확
+	<select id="getSmsAuthPhone" parameterType="kr.co.uplus.ez.common.auth.SmsAuthNum" resultType="string">
+		/* authuser-mapper.xml(getSmsAuthPhone) */
+		SELECT
+			PHONE
+		FROM
+			RCS_USER U
+			INNER JOIN RCS_ISS_AUTH_NUM I ON U.USER_ID = I.USER_ID
+		WHERE
+			U.USER_ID = #{userId} AND I.ISS_NUM = #{issNum}
+	</select>
+ -->
+</mapper>

src/main/resources/mapper/mysql/comm/comm-mapper.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.comm.CommMapper">
+
+	<select id="getMenuByRole" parameterType="string" resultType="kr.co.uplus.ez.api.comm.Menu">
+		/* comm-mapper.xml(getMenuByRole) */
+		SELECT
+			 MENU_NO AS menuNo
+			, PRNTS_MENU_NO AS prntsMenuNo
+			, MENU_NM AS menuNm
+			, MENU_ODRG AS menuOdrg
+			, USE_YN AS useYn
+			, AUTCHK_GRPNO AS autchkGrpno
+			, MENU_LVL AS menuLvl
+			, MENU_URL AS menuUrl
+		FROM
+			(SELECT
+				M1.*
+			FROM
+				${HUBEZ_ADMIN}.EZ_ADM_MENU M1
+			WHERE
+				M1.MENU_LVL = 1
+			UNION ALL
+			SELECT
+				M2.*
+			FROM
+				${HUBEZ_ADMIN}.EZ_ADM_MENU M2
+				INNER JOIN (
+					SELECT MENU_NO, AUT_CD
+					FROM ${HUBEZ_ADMIN}.EZ_ADM_AUTMENU
+					WHERE AUT_CD = #{role}
+				) R ON M2.MENU_NO = R.MENU_NO
+			) A
+		ORDER BY
+			menuLvl, menuOdrg;
+	</select>
+
+</mapper>

src/main/resources/mapper/mysql/custMgt/custMgt-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.channelMgt.ChannelMgtMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/login/login-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.login.LoginMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/mntrng/mntrng-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.mntrng.MntrngMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/riskMgt/riskMgt-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.riskMgt.RiskMgtMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/sample/sample-mapper.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.sample.SampleMapper">
+
+	<select id="selectSample" parameterType="kr.co.uplus.ez.api.sample.Sample" resultType="kr.co.uplus.ez.api.sample.Sample">
+		SELECT EMAIL FROM ${HUBEZ_COMMON}.EZ_ADDR
+	</select>
+
+</mapper>

src/main/resources/mapper/mysql/sendNumMgt/sendNumMgt-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.sendNumMgt.SendNumMgtMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/servMgt/servMgt-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.servMgt.ServMgtMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/stats/stats-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.stats.StatsMapper">
+
+
+</mapper>

src/main/resources/mapper/mysql/sysMgt/sysMgt-mapper.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="kr.co.uplus.ez.api.sysMgt.SysMgtMapper">
+
+
+</mapper>

src/main/resources/sql-map-config.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd">
+
+<configuration>
+
+	<properties resource="db-schema.properties" />
+
+	<settings>
+		<setting name="localCacheScope" value="SESSION"/>
+		<setting name="mapUnderscoreToCamelCase" value="true" />
+		<setting name="jdbcTypeForNull" value="NULL" />
+	</settings>
+	
+</configuration>

src/main/resources/xss-prevent.yml

@@ -0,0 +1,47 @@
+xssconfig :
+  #xss filter 제외 URL
+  exclude-urls :
+    - "/assets/**"
+    - "/se2/**"
+    - "/multiSendTemplateApi/insertMultiSendTemplate"
+    - "/projectApi/manage/saveProject"
+    #- "/uc/test/testUrl" #테스트 URL
+  #xss 제외 방식(allow, except)
+  #allow - escape-characters 를 모두 적용 후 allow-elements 만 <, > 치환
+  #except - escape-characters 를 적용하지 않고 except-elements 적용
+  escape-type: "allow"
+  #allow 일 경우 넘어온 파라미터를 치환작업할 문자,문자열
+  #unescapeYn "Y"일 경우 unescape 시 치환 역작업을 하고 "N"인 경우 제외한다.
+  #공백치환을 추천하지 않는다. <sc<script>ript=alert(1)> 특정문자가 공백치환될 경우 차단우회방지를 위해 필터코멘트 사용.
+  escape-characters :
+    - {target: "<", trans: "&lt;", unescapeYn: "Y"}
+    - {target: ">", trans: "&gt;", unescapeYn: "Y"}
+    - {target: "'", trans: "&#39;", unescapeYn: "Y"}
+    - {target: "\\(", trans: "&#40;", unescapeYn: "Y"}
+    - {target: "\\)", trans: "&#41;", unescapeYn: "Y"}
+    - {target: "(?i)javascript", trans: "<!-- Not Allowed String Filtered -->", unescapeYn: "N"}
+    - {target: "(?i)iframe", trans: "<!-- Not Allowed String Filtered -->", unescapeYn: "N"}
+    - {target: "&lt;\\/?(?i)script", trans: "<!-- Not Allowed String Filtered -->", unescapeYn: "N"}
+    - {target: "(?i)eval\\((.*)\\)", trans: "<!-- Not Allowed String Filtered -->", unescapeYn: "N"}
+  #allow 일 경우 escape-characters 를 모두 적용 후 <, > 를 적용할 tag
+  allow-elements : "a, label, noscript, h1, h2, h3, h4, h5, h6,
+          p, i, b, u, strong, em, small, big, pre, code,
+          cite, samp, sub, sup, strike, center, blockquote,
+          hr, br, col, font, map, span, div, img,
+          ul, ol, li, dd, dt, dl, tbody, thead, tfoot,
+          table, td, th, tr, colgroup, fieldset, legend"
+  #except 일 경우 넘어온 파라미터를 치환작업할 문자,문자열
+  except-elements :
+    #공백치환을 추천하지 않는다. <sc<script>ript=alert(1)> 특정문자가 공백치환될 경우 차단우회방지를 위해 필터코멘트 사용.
+    - {target: "&#((?!;).)*?;", trans: "<!-- Not Allowed String Filtered -->"}  #<IMG SRC="jav&#x0D;ascript:alert('XSS');"> 방지
+    - {target: "<\\/?(?i)svg(>|\\s+((?!>).)*?>)", trans: "<!-- Not Allowed String Filtered -->"}
+    - {target: "<\\/?(?i)script(>|\\s+((?!>).)*?>)", trans: "<!-- Not Allowed String Filtered -->"}
+    - {target: "<\\/?(?i)embed(>|\\s+((?!>).)*?>)", trans: "<!-- Not Allowed String Filtered -->"}
+    - {target: "(?i)javascript", trans: "<!-- Not Allowed String Filtered -->"}
+    - {target: "(?i)iframe", trans: "<!-- Not Allowed String Filtered -->"}
+    - {target: "(?i)onload", trans: "<!-- Not Allowed String Filtered -->"}
+    - {target: "(?i)onerror", trans: "<!-- Not Allowed String Filtered -->"}
+    - {target: "(?i)eval\\((.*)\\)", trans: "<!-- Not Allowed String Filtered -->"}
+    
+    
+