struts2 过滤敏感字符


仔细研究了一下,关于struts2过滤字符串的技术,和之前基于
servlet过滤字符基本一致.过程如下:
1.编写过滤器




public class MyFilter implements Filter {

@Override
public void destroy() {


}


@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) arg0;
chain.doFilter(new MyWrap(request), arg1);
}


@Override
public void init(FilterConfig arg0) throws ServletException {


}


class MyWrap extends HttpServletRequestWrapper {
public MyWrap(HttpServletRequest request) {
super(request);
}

//复写的是getParameterMap方法 这样才会对stuuts2 起到获取作用
//getParameter()不可以
@Override
public Map<String, String[]> getParameterMap() {
Map<String,String[]> map = super.getParameterMap();
   Set<Entry<String, String[]>>  str = map.entrySet();
   for(Iterator iter = str.iterator();iter.hasNext();){
    Entry<String,String[]> entry = (Entry<String, String[]>) iter.next();
    String [] values = entry.getValue();
    for(int i=0;i<values.length;i++){
    values[i] = values[i].replace("法伦功", "***").replace("国民党", "xxx")
    .replace("<", "&lt;").replace(">", "&gt;").replace("'", "").replace("\"", "");
    }
   }
   return map;
}


}
}


在web.xml,配置过滤器
  <filter-mapping>
<filter-name>gongji</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>

收藏  | 打印  | 字体:  -缩小  放大+    
[ x ] 请正确填写下面信息


是否保存此网页快照 是否公开此收藏

查看全部评论(0)我来说两句