在一次实践中需要进行外部提交,目标地址为ASP格式的网页,其防止外部提交的代码大概如下:
<%
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
%>
警告!你正在从外部提交数据!!请立即终止!!
<%
Response.Redirect "index.asp"
end if
%>
其实是比较提交的地址和网页本身是否相同,因此只要在Header中加入相应的refer即可,完整代码如下:
<%@ page contentType="text/html; charset=gb2312" language="java" errorPage="" %>
<%@ page import="java.io.*, java.util.*, javax.servlet.ServletException, javax.servlet.http.*,
org.apache.commons.httpclient.HttpClient, org.apache.commons.httpclient.HttpStatus,
org.apache.commons.httpclient.methods.PostMethod, org.apache.commons.httpclient.NameValuePair"
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>Jianzhi Post</title>
</head>
<body>
<%
try
{
//定义需要用到的变量值
int num = 0;//计数
String strFull = null;
String url = "POST的目标地址"处理地址
String select_Title = "";//标题类型
String Title = null;//标题内容
String Content = null;//要贴的内容
//用来建立链接
HttpClient httpClient = new HttpClient();
PostMethod postMethod = null;
//用来从数据文件读取数据
BufferedReader fileReader = new BufferedReader(
new FileReader("D:/Josen/myweb/jianzhi/data.txt"));
//循环提交
while((strFull = fileReader.readLine())!=null)
{
//从文件中获取相关信息
StringTokenizer tokenizer = new StringTokenizer(strFull, "#");
Title = tokenizer.nextToken();
Content = "电话: "+ tokenizer.nextToken() + "<br />" + tokenizer.nextToken();
//在本网页上显示要提交的信息
out.println(Title + "<br />");
out.println(Content + "<br />");
out.flush();
//改变编码格式以便在网上传送,防止乱码
Title = new String(Title.getBytes("GB2312"),"ISO-8859-1");
Content = new String(Content.getBytes("GB2312"),"ISO-8859-1");
//设定要传送的数据的格式
NameValuePair[] postData = {
new NameValuePair("select_Title", select_Title),
new NameValuePair("Title", Title),
new NameValuePair("Content", Content)
};
//根据相应的网址建立链接
postMethod = new PostMethod(url);
//给方法设定要传送的数据
postMethod.setRequestBody(postData);
postMethod.addRequestHeader("referer", "目标地址");
//执行传递
httpClient.executeMethod(postMethod);
//给自己提示状态
num++;
out.println(num + "-->" + postMethod.getStatusLine() + ".<br /><br />");
out.flush();
}// end while
//释放该方法的连接
postMethod.releaseConnection();
}catch(Exception e){
out.println("Error, please check!");
out.flush();
}finally{
//任务结束
out.println("<p>Task finished!</p>");
}
%>
</body>
</html>
以上就是完整的代码.