关闭

js中对中文escape转码,java后台通过URL获取中文参数的问题

标签: MD5 escape
927人阅读 评论(0) 收藏 举报
分类:

在做银行支付的时候,需要生成MAC域校验,此时文档中规定对中文参数字段需要用escape转码,在js中通过escape对中文转码后,发现后台接收到的参数为null.

解决办法:转码两次 escape(escape("中文字符串")); 

这时会出现新的问题,就是后台接收到的串是转码一次的数据,而转一次转两次的数据是不一样的,例如对"客户"进行escape转码一次为REGINFO1 = "%u5BA2%u6237"  再转码一次为REGINFO = "%25u5BA2%25u6237"  ,如果在生成MAC校验域时,js端用的是二次转码后的值来进行md5加密,那么在java后台进行md5加密的是转码一次的值,就会造成数据的不一致,导致MAC校验失败.

解决办法:在页面端js中加密跟URL拼接字段时分别用转码一次和转码两次后的数据,这样保证前后台数据一致就OK了.

附上几个java加密 转码的工具类:

import java.security.MessageDigest;

/**
 * 加密工具类
 * MD5加密
 * HMAC加密
 *
 */
public class MD5Utils {
	private static final String KEY_MD5 = "MD5";
    // 全局数组
    private static final String[] strDigits = { "0", "1", "2", "3", "4", "5",
            "6", "7", "8", "9", "a", "b", "c", "d", "e", "f" };

    // 返回形式为数字跟字符串
    private static String byteToArrayString(byte bByte) {
        int iRet = bByte;
        if (iRet < 0) {
            iRet += 256;
        }
        int iD1 = iRet / 16;
        int iD2 = iRet % 16;
        return strDigits[iD1] + strDigits[iD2];
    }

    // 转换字节数组为16进制字串
    private static String byteToString(byte[] bByte) {
        StringBuffer sBuffer = new StringBuffer();
        for (int i = 0; i < bByte.length; i++) {
            sBuffer.append(byteToArrayString(bByte[i]));
        }
        return sBuffer.toString();
    }
    /**
     * MD5加密
     * @param strObj
     * @return
     * @throws Exception
     */
    public static String GetMD5Code(String strObj) throws Exception{
        MessageDigest md = MessageDigest.getInstance(KEY_MD5);
        // md.digest() 该函数返回值为存放哈希值结果的byte数组
        return byteToString(md.digest(strObj.getBytes()));
    }
}
/** 
* 对js中escape编码后 进行解码
* 
*/
public class EscapeUtils {

/** The Constant hex. */ 
private final static String[] hex = { "00", "01", "02", "03", "04", "05", 
"06", "07", "08", "09", "0A", "0B", "0C", "0D", "0E", "0F", "10", 
"11", "12", "13", "14", "15", "16", "17", "18", "19", "1A", "1B", 
"1C", "1D", "1E", "1F", "20", "21", "22", "23", "24", "25", "26", 
"27", "28", "29", "2A", "2B", "2C", "2D", "2E", "2F", "30", "31", 
"32", "33", "34", "35", "36", "37", "38", "39", "3A", "3B", "3C", 
"3D", "3E", "3F", "40", "41", "42", "43", "44", "45", "46", "47", 
"48", "49", "4A", "4B", "4C", "4D", "4E", "4F", "50", "51", "52", 
"53", "54", "55", "56", "57", "58", "59", "5A", "5B", "5C", "5D", 
"5E", "5F", "60", "61", "62", "63", "64", "65", "66", "67", "68", 
"69", "6A", "6B", "6C", "6D", "6E", "6F", "70", "71", "72", "73", 
"74", "75", "76", "77", "78", "79", "7A", "7B", "7C", "7D", "7E", 
"7F", "80", "81", "82", "83", "84", "85", "86", "87", "88", "89", 
"8A", "8B", "8C", "8D", "8E", "8F", "90", "91", "92", "93", "94", 
"95", "96", "97", "98", "99", "9A", "9B", "9C", "9D", "9E", "9F", 
"A0", "A1", "A2", "A3", "A4", "A5", "A6", "A7", "A8", "A9", "AA", 
"AB", "AC", "AD", "AE", "AF", "B0", "B1", "B2", "B3", "B4", "B5", 
"B6", "B7", "B8", "B9", "BA", "BB", "BC", "BD", "BE", "BF", "C0", 
"C1", "C2", "C3", "C4", "C5", "C6", "C7", "C8", "C9", "CA", "CB", 
"CC", "CD", "CE", "CF", "D0", "D1", "D2", "D3", "D4", "D5", "D6", 
"D7", "D8", "D9", "DA", "DB", "DC", "DD", "DE", "DF", "E0", "E1", 
"E2", "E3", "E4", "E5", "E6", "E7", "E8", "E9", "EA", "EB", "EC", 
"ED", "EE", "EF", "F0", "F1", "F2", "F3", "F4", "F5", "F6", "F7", 
"F8", "F9", "FA", "FB", "FC", "FD", "FE", "FF" }; 

/** The Constant val. */ 
private final static byte[] val = { 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x00, 0x01, 
0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 
0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F, 0x3F }; 

/** 
* Escape. 
* 
* @param s 
* the s 
* 
* @return the string 
*/ 
/** 
* 编码 
* 
* @param s 
* @return 
*/ 
public static String escape(String s) { 
if (s != null) { 
StringBuffer sbuf = new StringBuffer(); 
int len = s.length(); 
for (int i = 0; i < len; i++) { 
int ch = s.charAt(i); 
if ('A' <= ch && ch <= 'Z') { 
sbuf.append((char) ch); 
} else if ('a' <= ch && ch <= 'z') { 
sbuf.append((char) ch); 
} else if ('0' <= ch && ch <= '9') { 
sbuf.append((char) ch); 
} else if (ch == '-' || ch == '_' || ch == '.' || ch == '!' 
|| ch == '~' || ch == '*' || ch == '\'' || ch == '(' 
|| ch == ')') { 
sbuf.append((char) ch); 
} else if (ch <= 0x007F) { 
sbuf.append('%'); 
sbuf.append(hex[ch]); 
} else { 
sbuf.append('%'); 
sbuf.append('u'); 
sbuf.append(hex[(ch >>> 8)]); 
sbuf.append(hex[(0x00FF & ch)]); 
} 
} 
return sbuf.toString(); 
} 
return null; 
} 

/** 
* Unescape. 
* 
* @param s 
* the s 
* 
* @return the string 
*/ 
/** 
* 解码 说明:本方法保证 不论参数s是否经过escape()编码,均能得到正确的“解码”结果 
* 
* @param s 
* @return 
*/ 
public static String unescape(String s) { 
if (s != null) { 
StringBuffer sbuf = new StringBuffer(); 
int i = 0; 
int len = s.length(); 
while (i < len) { 
int ch = s.charAt(i); 
if ('A' <= ch && ch <= 'Z') { 
sbuf.append((char) ch); 
} else if ('a' <= ch && ch <= 'z') { 
sbuf.append((char) ch); 
} else if ('0' <= ch && ch <= '9') { 
sbuf.append((char) ch); 
} else if (ch == '-' || ch == '_' || ch == '.' || ch == '!' 
|| ch == '~' || ch == '*' || ch == '\'' || ch == '(' 
|| ch == ')') { 
sbuf.append((char) ch); 
} else if (ch == '%') { 
int cint = 0; 
if ('u' != s.charAt(i + 1)) { 
cint = (cint << 4) | val[s.charAt(i + 1)]; 
cint = (cint << 4) | val[s.charAt(i + 2)]; 
i += 2; 
} else { 
cint = (cint << 4) | val[s.charAt(i + 2)]; 
cint = (cint << 4) | val[s.charAt(i + 3)]; 
cint = (cint << 4) | val[s.charAt(i + 4)]; 
cint = (cint << 4) | val[s.charAt(i + 5)]; 
i += 5; 
} 
sbuf.append((char) cint); 
} else { 
sbuf.append((char) ch); 
} 
i++; 
} 
return sbuf.toString(); 
} 
return null; 
} 

} 




0
0
查看评论

Java中的escape,unescape方法

Java中的escape,unescape方法,类似JavaScript中的escape() 和unescape() 转码方法
  • hujingn
  • hujingn
  • 2010-08-05 17:06
  • 12364

JS和JAVA中常用的编码转码函数

js中escape,encodeURI,encodeURIComponent函数和unescape,decodeURI和decodeURIComponent函数的功能 1.escape方法对String对象编码,escape方法返回一个包含了charstring内容的字符串值(Unicode格式)。...
  • kkdelta
  • kkdelta
  • 2013-12-17 16:42
  • 13734

在Java中正确解码用Javascript:escape()编码的中文字符

       做页面开发时使用了Javascript的escape()函数进行URL编码,如果url中有中文,结果在JSP或Servlet中用request.getParameter()时取不到参数,只返回一个空值。经过Baidu...
  • hbzyaxiu520
  • hbzyaxiu520
  • 2010-05-19 15:19
  • 26405

js获取url中的中文参数出现乱码解决

js获取url中的中文参数出现乱码解决方法在项目开发中,我们有时往往需要向地址栏传递参数,有时也需要获取地址栏里的参数,今天分享下关于地址栏传递的中文参数,获取出现乱码的解决方法。
  • Willerfu
  • Willerfu
  • 2016-09-16 13:47
  • 4412

Java式实现JS的Escape以及Unescape

http://www.blogjava.net/xiaoyi/articles/298203.html public class EscapeUnescape {     public static...
  • az44yao
  • az44yao
  • 2014-02-10 08:42
  • 4219

Java实现JavaScript的escape()函数

最近在工作中遇到一个问题,有一个包含有空格以及汉字的url在页面中被js的escape()函数处理后,向后台请求资源,我需要在java中实现这一功能,并使用处理后的url向服务器请求。     这个URL如果不处理后台会返回拒绝访问的错误,所以原封不动发...
  • zhaifengmin
  • zhaifengmin
  • 2015-04-21 09:58
  • 1250

java字符转码:三种方法

原文地址:http://thetopofqingshan.iteye.com/blog/1502731 java字符转码:三种方法 转码成功的前提:解码后无乱码 转码流程:文件(gbk)-->解码-->编码--->文件(utf-8)   注:如有问题请留言 ...
  • zhengqiqiqinqin
  • zhengqiqiqinqin
  • 2013-10-11 17:42
  • 85180

javascript中escape编码,后台解码出错的解决办法。

javascript在前台escape的时候,一部分字符不会被编码,到了后台DotNet解码的时候会出错,如“+”会变成空格,对此,我们在前台将这些字符先替换过,再解码就没问题了。////////特殊字符处理function myEscape(sStr){    ret...
  • wszhoho
  • wszhoho
  • 2009-01-06 17:19
  • 1235

Java Escape加密解密

package com.venustech.tsoc.cupid.risk.util; import java.io.BufferedReader; import java.io.File; import java.io.FileReader; public class EscapeUtil...
  • csdn1125
  • csdn1125
  • 2016-07-07 14:01
  • 553

利用StringEscapeUtils对字符串进行各种转义与反转义(Java)

apache工具包common-lang中有一个很有用的处理字符串的工具类,其中之一就是StringEscapeUtils,这个工具类是在2.3版本以上加上的去的,利用它能很方便的进行html,xml,java等的转义与反转义,而且还能对关键字符串进行处理预防SQL注入,不过好像common-lan...
  • chenleixing
  • chenleixing
  • 2015-02-03 20:51
  • 104055
    个人资料
    • 访问:13777次
    • 积分:324
    • 等级:
    • 排名:千里之外
    • 原创:18篇
    • 转载:0篇
    • 译文:0篇
    • 评论:1条
    文章分类
    最新评论