一、过滤请求参数首先要创建一个过滤器
1.实现 javax.servlet.Filter接口
2.如有必要可重写过滤器的初始化方法和销毁方法
3.配置过滤器使其生效,这里使用SpringBoot注解的方式配置
@javax.servlet.annotation.WebFilter
和@org.springframework.core.annotation.Order()
详情见下面示例
4.重写 doFilter 过滤方法实现过滤
5.在启动类添加扫描过滤器的注解
@ServletComponentScan(“com.example.demo.filter”)
@SpringBootApplication
public class DemoApplication {
二、实现参数过滤
1. 继承HttpServletRequestWrapper
2. 通过构造方法获取K-V格式的参数,见示例
3. 对于请求参数是K=V格式的通过HttpServletRequest.getParameterMap就可以直接获取。但是对于JSON格式的参数,我们需要从request的inputStream中读取。但是流读完就消失了,所以需要重写getInputStream()方法
4. 创建一个类继承ServletInputStream类返回请求流
示例:
引入依赖:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--io工具类-->
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.5</version>
</dependency>
过滤器类:
import org.springframework.core.annotation.Order;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.IOException;
@Order(1) //过滤器的顺序,假设我们有多个过滤器,这个注解就是规定过滤器的顺序。
@WebFilter(urlPatterns = "/*", filterName = "ParamsFilter") //urlPatterns = "/*" 表示为所有请求实现过滤,filterName = "ParamsFilter" 表示为过滤器起名为“ParamsFilter”
public class ParamsFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//filter对象只会创建一次,init方法也只会执行一次。
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
request.setCharacterEncoding("UTF-8");
System.out.println("过滤器开始过滤请求");
ParamsWrapper requestWrapper = new ParamsWrapper((HttpServletRequest) request);
filterChain.doFilter(requestWrapper,response);
response.setCharacterEncoding("UTF-8");
}
@Override
public void destroy() {
}
}
过滤参数类(Wrapper类):
import org.apache.commons.io.IOUtils;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Map;
public class ParamsWrapper extends HttpServletRequestWrapper {
public ParamsWrapper(HttpServletRequest request) {
super(request);
Map<String, String[]> parameterMap = request.getParameterMap();
//对 parameterMap 进行操作
}
/**
* 对于请求参数是K=V格式的通过HttpServletRequest.getParameterMap就可以直接获取。
* 但是对于JSON格式的参数,我们需要从request的inputStream中读取。
*/
@Override
public ServletInputStream getInputStream() throws IOException {
ServletInputStream inputStream = super.getInputStream();
//获取JSON字符串
String s = IOUtils.toString(inputStream, "UTF-8");
//操作
//返回:由于流读取完后就消失了,需要再将流写出去
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(s.getBytes("UTF-8"));
return new RequestCachingInputStream(byteArrayInputStream);
}
}
返回流类:
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
public class RequestCachingInputStream extends ServletInputStream {
private final ByteArrayInputStream inputStream;
public RequestCachingInputStream(ByteArrayInputStream byteArrayInputStream) {
this.inputStream = byteArrayInputStream;
}
@Override
public boolean isFinished() {
return inputStream.available() == 0;
}
@Override
public boolean isReady() {
return true;
}
@Override
public void setReadListener(ReadListener listener) {
}
@Override
public int read() throws IOException {
return inputStream.read();
}
}