package bxconn;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;
import java.lang.String.*;
import java.lang.*;public class urlfilter extends HttpServlet implements Filter {
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
throws ServletException, IOException {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;String inj_str ="'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
String inj_stra[] = inj_str.split("|");
String url1=(String)((HttpServletRequest)request).getRequestURI();
for (int i=0 ; i < inj_stra.length ; i++ )
{
if (url1.indexOf(inj_stra[i])>=0)
{
res.sendRedirect(req.getContextPath());
}else{
chain.doFilter(request,response);
}
} } public void init(FilterConfig config)
throws ServletException {
} public void destroy() {}
}写了个防注射的过滤器,打开网页提示java.lang.IllegalStateException
org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:432)
bxconn.urlfilter.doFilter(urlfilter.java:50)
错在哪里?
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;
import java.lang.String.*;
import java.lang.*;public class urlfilter extends HttpServlet implements Filter {
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
throws ServletException, IOException {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;String inj_str ="'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
String inj_stra[] = inj_str.split("|");
String url1=(String)((HttpServletRequest)request).getRequestURI();
for (int i=0 ; i < inj_stra.length ; i++ )
{
if (url1.indexOf(inj_stra[i])>=0)
{
res.sendRedirect(req.getContextPath());
}else{
chain.doFilter(request,response);
}
} } public void init(FilterConfig config)
throws ServletException {
} public void destroy() {}
}写了个防注射的过滤器,打开网页提示java.lang.IllegalStateException
org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:432)
bxconn.urlfilter.doFilter(urlfilter.java:50)
错在哪里?
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;public class ManageFilter extends HttpServlet implements Filter { public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub } public void doFilter(ServletRequest servletrequest, ServletResponse servletresponse,
FilterChain filterchain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletrequest;
HttpServletResponse response = (HttpServletResponse) servletresponse;
HttpSession session = request.getSession();
String key = "";
try{
String uriStr = request.getRequestURI().toUpperCase(); key = (String) session.getAttribute("role");
if(uriStr.equals("/TESTSERVLET/")||uriStr.indexOf("LOGIN")!=-1||uriStr.indexOf("NOTAVIP")!=-1){
filterchain.doFilter(servletrequest, servletresponse);
}
else if (key!= null&&key.equals("user1")){
filterchain.doFilter(servletrequest, servletresponse);
}
else{
response.sendRedirect("/testServlet/notavip.jsp");
System.out.println("a request is stopped");
}
}catch (Exception exception){
exception.printStackTrace();
}
} public void destroy() {
// TODO Auto-generated method stub }}
自己看吧