代码语言
.
CSharp
.
JS
Java
Asp.Net
C
MSSQL
PHP
Css
PLSQL
Python
Shell
EBS
ASP
Perl
ObjC
VB.Net
VBS
MYSQL
GO
Delphi
AS
DB2
Domino
Rails
ActionScript
Scala
代码分类
文件
系统
字符串
数据库
网络相关
图形/GUI
多媒体
算法
游戏
Jquery
Extjs
Android
HTML5
菜单
网页交互
WinForm
控件
企业应用
安全与加密
脚本/批处理
开放平台
其它
【
Java
】
增强 request 和 response 功能
作者:
知冀
/ 发布于
2017/10/12
/
742
request 增强(html转义 ,中文乱码,过滤敏感字符) package me.gacl.web.filter; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.UnsupportedEncodingException; import java.util.ArrayList; import java.util.List; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import javax.servlet.http.HttpServletResponse; /** * @ClassName: AdvancedFilter * @Description: 这个过滤器是用来解决中文乱码,转义内容中的html标签,过滤内容中的敏感字符的 * @author: 孤傲苍狼 * @date: 2014-9-6 下午6:17:37 * */ public class AdvancedFilter implements Filter { private FilterConfig filterConfig = null; //设置默认的字符编码 private String defaultCharset = "UTF-8"; @Override public void init(FilterConfig filterConfig) throws ServletException { //得到过滤器的初始化配置信息 this.filterConfig = filterConfig; } @Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; //得到在web.xml中配置的字符编码 String charset = filterConfig.getInitParameter("charset"); if(charset==null){ charset = defaultCharset; } request.setCharacterEncoding(charset); response.setCharacterEncoding(charset); response.setContentType("text/html;charset="+charset); AdvancedRequest requestWrapper = new AdvancedRequest(request); chain.doFilter(requestWrapper, response); } @Override public void destroy() { } class AdvancedRequest extends HttpServletRequestWrapper{ private List<String> dirtyWords = getDirtyWords(); //定义一个变量记住被增强对象(request对象是需要被增强的对象) private HttpServletRequest request; //定义一个构造函数,接收被增强对象 public AdvancedRequest(HttpServletRequest request) { super(request); this.request = request; } /* 覆盖需要增强的getParameter方法 * @see javax.servlet.ServletRequestWrapper#getParameter(java.lang.String) */ @Override public String getParameter(String name) { try{ //获取参数的值 String value= this.request.getParameter(name); if(value==null){ return null; } //如果不是以get方式提交数据的,就直接返回获取到的值 if(!this.request.getMethod().equalsIgnoreCase("get")) { //调用filter转义value中的html标签 value= filter(value); }else{ //如果是以get方式提交数据的,就对获取到的值进行转码处理 value = new String(value.getBytes("ISO8859-1"),this.request.getCharacterEncoding()); //调用filter转义value中的html标签 value= filter(value); } for(String dirtyWord : dirtyWords){ if(value.contains(dirtyWord)){ System.out.println("内容中包含敏感词:"+dirtyWord+",将会被替换成****"); //替换敏感字符 value = value.replace(dirtyWord, "****"); } } return value; }catch (Exception e) { throw new RuntimeException(e); } } } /** * @Method: filter * @Description: 过滤内容中的html标签 * @Anthor:孤傲苍狼 * @param value * @return */ public String filter(String value) { if (value == null){ return null; } char content[] = new char[value.length()]; value.getChars(0, value.length(), content, 0); StringBuffer result = new StringBuffer(content.length + 50); for (int i = 0; i < content.length; i++) { switch (content[i]) { case '<': result.append("<"); break; case '>': result.append(">"); break; case '&': result.append("&"); break; case '"': result.append("""); break; default: result.append(content[i]); } } return (result.toString()); } /** * @Method: getDirtyWords * @Description: 获取敏感字符 * @Anthor:孤傲苍狼 * * @return */ private List<String> getDirtyWords(){ List<String> dirtyWords = new ArrayList<String>(); String dirtyWordPath = filterConfig.getInitParameter("dirtyWord"); InputStream inputStream = filterConfig.getServletContext().getResourceAsStream(dirtyWordPath); InputStreamReader is = null; try { is = new InputStreamReader(inputStream,defaultCharset); } catch (UnsupportedEncodingException e2) { e2.printStackTrace(); } BufferedReader reader = new BufferedReader(is); String line; try { while ((line = reader.readLine())!= null) {//如果 line为空说明读完了 dirtyWords.add(line); } } catch (IOException e) { e.printStackTrace(); } return dirtyWords; } } <filter> <filter-name>AdvancedFilter</filter-name> <filter-class>me.gacl.web.filter.AdvancedFilter</filter-class> <init-param> <param-name>charset</param-name> <param-value>UTF-8</param-value> //中文乱码解决 </init-param> <init-param> <param-name>dirtyWord</param-name> <param-value>/WEB-INF/DirtyWord.txt</param-value> //敏感字符路径 </init-param> </filter> <filter-mapping> <filter-name>AdvancedFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> response 增强过滤压缩 import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.util.zip.GZIPOutputStream; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper; /** * @ClassName: GzipFilter * @Description: 压缩过滤器,将web应用中的文本都经过压缩后再输出到浏览器 * @author: 孤傲苍狼 * @date: 2014-9-7 上午10:52:42 * */ public class GzipFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; BufferResponse myresponse = new BufferResponse(response); chain.doFilter(request, myresponse); //拿出缓存中的数据,压缩后再打给浏览器 byte out[] = myresponse.getBuffer(); System.out.println("原始大小:" + out.length); ByteArrayOutputStream bout = new ByteArrayOutputStream(); //压缩输出流中的数据 GZIPOutputStream gout = new GZIPOutputStream(bout); gout.write(out); gout.close(); byte gzip[] = bout.toByteArray(); System.out.println("压缩后的大小:" + gzip.length); response.setHeader("content-encoding", "gzip"); response.setContentLength(gzip.length); response.getOutputStream().write(gzip); } public void destroy() { } public void init(FilterConfig filterConfig) throws ServletException { } } class BufferResponse extends HttpServletResponseWrapper{ private ByteArrayOutputStream bout = new ByteArrayOutputStream(); private PrintWriter pw; private HttpServletResponse response; public BufferResponse(HttpServletResponse response) { super(response); this.response = response; } @Override public ServletOutputStream getOutputStream() throws IOException { return new MyServletOutputStream(bout); } @Override public PrintWriter getWriter() throws IOException { pw = new PrintWriter(new OutputStreamWriter(bout,this.response.getCharacterEncoding())); return pw; } public byte[] getBuffer(){ try{ if(pw!=null){ pw.close(); } if(bout!=null){ bout.flush(); return bout.toByteArray(); } return null; }catch (Exception e) { throw new RuntimeException(e); } } } class MyServletOutputStream extends ServletOutputStream{ private ByteArrayOutputStream bout; public MyServletOutputStream(ByteArrayOutputStream bout){ this.bout = bout; } @Override public void write(int b) throws IOException { this.bout.write(b); } } <filter> <description>配置压缩过滤器</description> <filter-name>GzipFilter</filter-name> <filter-class>me.gacl.web.filter.GzipFilter</filter-class> </filter> <!--jsp文件的输出的内容都经过压缩过滤器压缩后才输出 --> <filter-mapping> <filter-name>GzipFilter</filter-name> <url-pattern>*.jsp</url-pattern> <!-- 配置过滤器的拦截方式--> <!-- 对于在Servlet中通过 request.getRequestDispatcher("jsp页面路径").forward(request, response) 方式访问的Jsp页面的要进行拦截 --> <dispatcher>FORWARD</dispatcher> <!--对于直接以URL方式访问的jsp页面进行拦截,过滤器的拦截方式默认就是 REQUEST--> <dispatcher>REQUEST</dispatcher> </filter-mapping> <!--js文件的输出的内容都经过压缩过滤器压缩后才输出 --> <filter-mapping> <filter-name>GzipFilter</filter-name> <url-pattern>*.js</url-pattern> </filter-mapping> <!--css文件的输出的内容都经过压缩过滤器压缩后才输出 --> <filter-mapping> <filter-name>GzipFilter</filter-name> <url-pattern>*.css</url-pattern> </filter-mapping> <!--html文件的输出的内容都经过压缩过滤器压缩后才输出 --> <filter-mapping> <filter-name>GzipFilter</filter-name> <url-pattern>*.html</url-pattern> </filter-mapping> response 增强缓存 import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.util.HashMap; import java.util.Map; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper; /** * @ClassName: WebResourceCachedFilter * @Description: Web资源缓存过滤器 * @author: 孤傲苍狼 * @date: 2014-9-8 上午12:20:16 * */ public class WebResourceCachedFilter implements Filter { /** * @Field: map * 缓存Web资源的Map容器 */ private Map<String,byte[]> map = new HashMap<String,byte[]>(); @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; //1.得到用户请求的uri String uri = request.getRequestURI(); //2.看缓存中有没有uri对应的数据 byte b[] = map.get(uri); //3.如果缓存中有,直接拿缓存的数据打给浏览器,程序返回 if(b!=null){ //根据字节数组和指定的字符编码构建字符串 String webResourceHtmlStr = new String(b,response.getCharacterEncoding()); System.out.println(webResourceHtmlStr); response.getOutputStream().write(b); return; } //4.如果缓存没有,让目标资源执行,并捕获目标资源的输出 BufferResponse myresponse = new BufferResponse(response); chain.doFilter(request, myresponse); //获取缓冲流中的内容的字节数组 byte out[] = myresponse.getBuffer(); //5.把资源的数据以用户请求的uri为关键字保存到缓存中 map.put(uri, out); //6.把数据打给浏览器 response.getOutputStream().write(out); } @Override public void destroy() { } class BufferResponse extends HttpServletResponseWrapper{ private ByteArrayOutputStream bout = new ByteArrayOutputStream(); //捕获输出的缓存 private PrintWriter pw; private HttpServletResponse response; public BufferResponse(HttpServletResponse response) { super(response); this.response = response; } @Override public ServletOutputStream getOutputStream() throws IOException { return new MyServletOutputStream(bout); } @Override public PrintWriter getWriter() throws IOException { pw = new PrintWriter(new OutputStreamWriter(bout,this.response.getCharacterEncoding())); return pw; } public byte[] getBuffer(){ try{ if(pw!=null){ pw.close(); } return bout.toByteArray(); }catch (Exception e) { throw new RuntimeException(e); } } } class MyServletOutputStream extends ServletOutputStream{ private ByteArrayOutputStream bout; public MyServletOutputStream(ByteArrayOutputStream bout){ //接收数据写到哪里 this.bout = bout; } @Override public void write(int b) throws IOException { bout.write(b); } } } <filter> <description>Web资源缓存过滤器</description> <filter-name>WebResourceCachedFilter</filter-name> <filter-class>me.gacl.web.filter.WebResourceCachedFilter</filter-class> </filter> <filter-mapping> <filter-name>WebResourceCachedFilter</filter-name> <!-- 映射需要缓存输出的JSP页面,这几个页面都只是单纯作为输入UI,不会有太多的变化,因此可以缓存输出 --> <url-pattern>/login.jsp</url-pattern> <url-pattern>/test.jsp</url-pattern> <url-pattern>/test2.jsp</url-pattern> </filter-mapping>
试试其它关键字
同语言下
.
List 切割成几份 工具类
.
一行一行读取txt的内容
.
Java PDF转换成图片并输出给前台展示
.
java 多线程框架
.
double类型如果小数点后为零则显示整数否则保留两位小
.
将图片转换为Base64字符串公共类抽取
.
sqlParser 处理SQL(增删改查) 替换schema 用于多租户
.
JAVA 月份中的第几周处理 1-7属于第一周 依次类推 29-
.
java计算两个经纬度之间的距离
.
输入时间参数计算年龄
可能有用的
.
List 切割成几份 工具类
.
一行一行读取txt的内容
.
Java PDF转换成图片并输出给前台展示
.
java 多线程框架
.
double类型如果小数点后为零则显示整数否则保留两位小
.
将图片转换为Base64字符串公共类抽取
.
sqlParser 处理SQL(增删改查) 替换schema 用于多租户
.
JAVA 月份中的第几周处理 1-7属于第一周 依次类推 29-
.
java计算两个经纬度之间的距离
.
输入时间参数计算年龄
知冀
贡献的其它代码
(
14
)
.
增强 request 和 response 功能
.
创建文件夹路径
.
修改数据库表的编码
.
按周、月统计总值 和 平均值
.
获取日期工具类-周一定时执行任务工具类
.
ALTER FUNCTION [dbo].[UFun_SqlSplit] (@Str varcha
.
日期格式转换
.
实现先弹出对话框,再跳转到另一个网页的实现方法
.
C#调用FFMPEG实现桌面录制(视频+音频+生成本地文件)
.
操作消息队列
Copyright © 2004 - 2024 dezai.cn. All Rights Reserved
站长博客
粤ICP备13059550号-3