String requestURI = request.getQueryString();
if(requestURI!=null && !"".equalsIgnoreCase(requestURI))
{
if(requestURI.indexOf("<")>0 || requestURI.indexOf(">")>0 || requestURI.indexOf("/"/"") >0 || requestURI.indexOf("'")>0)
{
response.getWriter().println("bad url");
response.getWriter().flush();
return;
}
}