package com.achievo.framework.server.core.filter;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;public class BugFilter
implements Filter
{
private List<String> keywords = new ArrayList(); public void destroy()
{
} public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
if (!isBugInvade(req)) { //如果bug入侵
chain.doFilter(request, response);
} else {
res.reset();
res.setContentType("text/html; charset=UTF-8");
res.getWriter().println("检测到入侵");
}
} private boolean isBugInvade(HttpServletRequest request)
{
String queryString = request.getQueryString();
if (queryString != null) {
for (String keyword : this.keywords) {
if (queryString.indexOf(keyword) != -1) {
return true;
}
}
} Enumeration e = request.getParameterNames();
String parName;
while (e.hasMoreElements()) {
parName = (String)e.nextElement();
for (String keyword : this.keywords) {
if (parName.indexOf(keyword) != -1) {
return true;
}
}
}
return false;
} public void init(FilterConfig fConfig) throws ServletException
{
this.keywords.add("getWriter");
this.keywords.add("FileOutputStream");
this.keywords.add("getRuntime");
this.keywords.add("getRequest");
this.keywords.add("getProperty");
this.keywords.add("\\u0023");
this.keywords.add("\\43");
}
}web.xml配置
<filter>
<filter-name>bugFilter</filter-name>
<filter-class>com.achievo.framework.server.core.filter.BugFilter</filter- class>
</filter>
<filter-mapping>
<filter-name>bugFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>不明白为什么保存中文就出乱码了~ 求大神解答我这个小菜鸟。
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;public class BugFilter
implements Filter
{
private List<String> keywords = new ArrayList(); public void destroy()
{
} public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
if (!isBugInvade(req)) { //如果bug入侵
chain.doFilter(request, response);
} else {
res.reset();
res.setContentType("text/html; charset=UTF-8");
res.getWriter().println("检测到入侵");
}
} private boolean isBugInvade(HttpServletRequest request)
{
String queryString = request.getQueryString();
if (queryString != null) {
for (String keyword : this.keywords) {
if (queryString.indexOf(keyword) != -1) {
return true;
}
}
} Enumeration e = request.getParameterNames();
String parName;
while (e.hasMoreElements()) {
parName = (String)e.nextElement();
for (String keyword : this.keywords) {
if (parName.indexOf(keyword) != -1) {
return true;
}
}
}
return false;
} public void init(FilterConfig fConfig) throws ServletException
{
this.keywords.add("getWriter");
this.keywords.add("FileOutputStream");
this.keywords.add("getRuntime");
this.keywords.add("getRequest");
this.keywords.add("getProperty");
this.keywords.add("\\u0023");
this.keywords.add("\\43");
}
}web.xml配置
<filter>
<filter-name>bugFilter</filter-name>
<filter-class>com.achievo.framework.server.core.filter.BugFilter</filter- class>
</filter>
<filter-mapping>
<filter-name>bugFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>不明白为什么保存中文就出乱码了~ 求大神解答我这个小菜鸟。
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货