一、背景
1.接着上一篇的内容继续研究了下http请求的反盗链技术,请参考我的上一篇博文:https://blog.csdn.net/chenmingxu438521/article/details/90641052,在这里我讲解了http协议的基础知识,希望能帮助到你们。
2.起初我用的是idea演示的项目,死活出不来结果,最终我选择了esclipse来研究反盗链,最终把结果演示了出来,困扰了两天的问题终于解决了,用习惯了idea就回不去了的esclipse,好了,下面我们就来讲讲我们今天的内容吧。
二、项目结构图
三、项目demotesta详解
1.pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.ysfj</groupId>
<artifactId>demotesta</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
</dependencies>
</project>2.web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id="WebApp_ID" version="3.1">
<display-name>web</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
</web-app>3.index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>A网站</title>
</head>
<body>
小叮当
<img alt="" src="imgs/log.png?t=2017-10-10">
<img alt="" src="imgs/log.png?t=2017-10-10">
<img alt="" src="imgs/log.png?t=2017-10-11">
<img alt="" src="imgs/log.png?t=2017-10-10">
<img alt="" src="imgs/log.png?t=2017-10-28">
<img alt="" src="imgs/log.png?t=2017-10-10">
</body>
</html>四、项目demotestb
1.pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.ysfj</groupId>
<artifactId>demotestb</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
</dependencies>
</project>2.web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id="WebApp_ID" version="3.1">
<display-name>web</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>b.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
</web-app>3.b.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>B网站访问</title>
</head>
<body>
<img alt="" src="http://a.a.com/a/imgs/log.png">
</body>
</html>总结:这样就可以模拟demotesta项目被demotestb盗用图片的信息了,下面就可以测试了,测试之前为了方便我们还是想这么配置下,其实配置不配置都无所谓了,就是只写域名,也不用写端口号了,这样可能测试的时候方便点,下面我就去讲讲。
五、配置自定义域名和不写端口号的操作
1.本地电脑hosts文件,cd \Windows\System32\drivers\etc,找到hosts文件,就这么配置下(DNS)
2.tomcat目录下的conf/server.xml的配置(这样访问的时候就不用谢端口号了)
3.esclipse中还需要修改下(改写成8080)
六、访问demotesta项目
七、访问demotestb项目
这样就产生了b项目盗用a项目的图片了,这时候就产生了反盗链技术,下面我们讲解下怎么解决这个问题(java)。
八、解决问题
1.在demotesta项目中(新建com.ysfj.filter包)
public class ImgFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("过滤器初始化...");
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
System.out.println("doFilter...");
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String referer = req.getHeader("referer");
// 请求服务名称 http://a.a.com
String serverName = req.getServerName();
System.out.println("referer:" + referer + ",serverName:" + serverName);
if (referer == null || !(referer.contains(serverName))) {
//
req.getRequestDispatcher("error.png").forward(req, res);
return ;
}
//放行
chain.doFilter(req, res);
}
public void destroy() {
}
}2.web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id="WebApp_ID" version="3.1">
<display-name>web</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>b.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<!--添加-->
<filter>
<filter-name>ImgFilter</filter-name>
<filter-class>com.ysfj.filter.ImgFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ImgFilter</filter-name>
<url-pattern>/imgs/*</url-pattern>
</filter-mapping>
</web-app>九、启动项目访问
1.后台打印结果
doFilter...
doFilter...
referer:http://a.a.com/a/,serverName:a.a.com
referer:http://a.a.com/a/,serverName:a.a.com
doFilter...
referer:http://a.a.com/a/,serverName:a.a.com
doFilter...
referer:http://b.b.com/b/b.jsp,serverName:a.a.com2.浏览器访问结果
3.上面的简单的一个例子就解决了问题,这个就是反盗链
十、总结
希望能帮助你们,共勉!!!
270
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
