Filter过滤器----敏感字符过滤,描述是不可能描述的,没时间搞。
package cn.yunhe;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @author Ray
* date:@2021/1/1
* time:@19:09
*/
@WebServlet("/servletDemo")
public class ServletDemo extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String name = request.getParameter("uname");
String pwd = request.getParameter("pwd");
}
}
过滤器中的proxy用的是动态代理模式(提示就这些)。
package cn.yunhe.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.List;
/**
* @author Ray
* date:@2021/1/11
* time:@19:28
*/
@WebFilter("/servletDemo")
public class ServletFilter implements Filter {
private List<String> stringList = new ArrayList<>();
@Override
public void init(FilterConfig filterConfig){
String realPath = filterConfig.getServletContext().getRealPath("/敏感词汇.txt");
try {
BufferedReader br = new BufferedReader(new FileReader(realPath));
String line = null;
while((line=br.readLine())!=null){
stringList.add(line);
}
br.close();
System.out.println(stringList);
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
servletRequest.setCharacterEncoding("utf-8");
servletResponse.setCharacterEncoding("utf-8");
ServletRequest proxy_sr = (ServletRequest) Proxy.newProxyInstance(servletRequest.getClass().getClassLoader(), servletRequest.getClass().getInterfaces(), new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
if(method.getName().equals("getParameter")){
String value = (String) method.invoke(servletRequest, args);
if(value!=null){
for (String str : stringList) {
if(value.contains(str)){
value = value.replaceAll(str,"***");
}
}
}
return value;
}
return method.invoke(servletRequest,args);
}
});
filterChain.doFilter(proxy_sr,servletResponse);
}
@Override
public void destroy() {
}
}
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form action="/servletDemo" method="post">
<input type="text" name="uname" placeholder="请输入用户名">
<input type="text" name="pwd" placeholder="请输入密码">
<input type="submit" value="登录">
</form>
</body>
</html>
运行
控制台输出