想用Tomcat对输入的链接进行过滤,提取referer头,然后进行检查,用这种方式进行防盗链
具体的方法为:
在tomcat的conf中的server.xml中添加了
<Valve className="org.apache.catalina.valves.RequestHeaderValve" header="Referer" deny="*.mydomain.com, *localhost*"/> 其中RequestHeaderValve是自己写的一个类:package org.apache.catalina.valves;import java.io.IOException;
import javax.servlet.ServletException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
public final class RequestHeaderValve extends RequestFilterValve{
private String header = "";
public void invoke(Request request, Response response) throws IOException, ServletException {
String headervalue = request.getRequest().getHeader(getHeader());
System.out.println("$$$$$$$$$$$$$" + headervalue);
String URI = request.getRequestURI();
String referer = request.getHeader("referer");
System.out.println("$$$$$$$$$$$$$" + referer);
String sitePart = request.getServerName() + "/upload";
System.out.println("1=======================" + URI + "--------------------------");
System.out.println("12=======================" + sitePart + "--------------------------");
if(URI.startsWith("/upload")){
if(referer == null || !referer.startsWith("http://" + request.getServerName())){
System.out.println("3+++++++++++++++++++This is NG!++++++++++++++++++++++++++");
return;
}else{
System.out.println("4-------------------This is OK!--------------------------");
}
}else{
}
System.out.println("goout~");
headervalue = headervalue != null ? headervalue : "";
System.out.println("$$$$$$$$$$$$$" + headervalue);
process(headervalue, request, response);
} public String getHeader() {
return header;
} public void setHeader(String header) {
this.header = header;
}}运行是可以的,但是不管输入什么网址都进入不了网站,
请问invoke以后用什么方式可以正常返回,继续执行接下来的操作!在线等~~~
具体的方法为:
在tomcat的conf中的server.xml中添加了
<Valve className="org.apache.catalina.valves.RequestHeaderValve" header="Referer" deny="*.mydomain.com, *localhost*"/> 其中RequestHeaderValve是自己写的一个类:package org.apache.catalina.valves;import java.io.IOException;
import javax.servlet.ServletException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
public final class RequestHeaderValve extends RequestFilterValve{
private String header = "";
public void invoke(Request request, Response response) throws IOException, ServletException {
String headervalue = request.getRequest().getHeader(getHeader());
System.out.println("$$$$$$$$$$$$$" + headervalue);
String URI = request.getRequestURI();
String referer = request.getHeader("referer");
System.out.println("$$$$$$$$$$$$$" + referer);
String sitePart = request.getServerName() + "/upload";
System.out.println("1=======================" + URI + "--------------------------");
System.out.println("12=======================" + sitePart + "--------------------------");
if(URI.startsWith("/upload")){
if(referer == null || !referer.startsWith("http://" + request.getServerName())){
System.out.println("3+++++++++++++++++++This is NG!++++++++++++++++++++++++++");
return;
}else{
System.out.println("4-------------------This is OK!--------------------------");
}
}else{
}
System.out.println("goout~");
headervalue = headervalue != null ? headervalue : "";
System.out.println("$$$$$$$$$$$$$" + headervalue);
process(headervalue, request, response);
} public String getHeader() {
return header;
} public void setHeader(String header) {
this.header = header;
}}运行是可以的,但是不管输入什么网址都进入不了网站,
请问invoke以后用什么方式可以正常返回,继续执行接下来的操作!在线等~~~
解决方案 »
- 用httpclient获取Gmail联系人
- weblogic系统中默认的用户weblogic被彻底删除了
- aop一个小例子的疑问
- java调用sap函数
- HTTP Status 404 - Servlet action is not available
- hibernate+dwr问题
- <%@ include file="XXX.jsp"%>后为何无法正常显示中文,谢谢前辈指教(焦急中。。。)
- jboss-3.0.8_tomcat-4.1.24测试实例interest的servlet时,网页出现500错误
- 关于moudle!(apache2.0.39+resin2.1.2)
- JRun 1.3在添加Server时能不能指定Root Directory
- 关于session注销的问题,
- 问个cookie的问题
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
ServletException {