简单的防盗链过滤器代码,保护cwb目录和dir2目录下的zip文件不被盗链。
一、web.xml文件
二、过滤器代码
一、web.xml文件
<?
xml version="1.0" encoding="ISO-8859-1"
?>
< web-app xmlns ="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi ="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation ="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version ="2.4" >
< display-name > Welcome to Tomcat </ display-name >
< description >
Welcome to Tomcat
</ description >
< filter >
< filter-name > SecurityFilter </ filter-name >
< filter-class > example.SecurityFilter </ filter-class >
</ filter >
< filter-mapping >
< filter-name > SecurityFilter </ filter-name >
< url-pattern > /dir2/* </ url-pattern >
</ filter-mapping >
< filter-mapping >
< filter-name > SecurityFilter </ filter-name >
< url-pattern > /cwb/* </ url-pattern >
</ filter-mapping >
< servlet >
< servlet-name > log4j-init </ servlet-name >
< servlet-class > example.Log4jInit </ servlet-class >
< init-param >
< param-name > log4j </ param-name >
< param-value > WEB-INF/log4j.properties </ param-value >
</ init-param >
< load-on-startup > 1 </ load-on-startup >
</ servlet >
</ web-app >
< web-app xmlns ="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi ="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation ="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version ="2.4" >
< display-name > Welcome to Tomcat </ display-name >
< description >
Welcome to Tomcat
</ description >
< filter >
< filter-name > SecurityFilter </ filter-name >
< filter-class > example.SecurityFilter </ filter-class >
</ filter >
< filter-mapping >
< filter-name > SecurityFilter </ filter-name >
< url-pattern > /dir2/* </ url-pattern >
</ filter-mapping >
< filter-mapping >
< filter-name > SecurityFilter </ filter-name >
< url-pattern > /cwb/* </ url-pattern >
</ filter-mapping >
< servlet >
< servlet-name > log4j-init </ servlet-name >
< servlet-class > example.Log4jInit </ servlet-class >
< init-param >
< param-name > log4j </ param-name >
< param-value > WEB-INF/log4j.properties </ param-value >
</ init-param >
< load-on-startup > 1 </ load-on-startup >
</ servlet >
</ web-app >
二、过滤器代码
package
example;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http. * ;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.HashSet;
import org.apache.log4j. * ;
public class SecurityFilter implements Filter {
private static final String JAVA3Z_URL = "http://www.java3z.com/cwbwebhome/index.html";
private static final String K_URL="http://www.xxx.com/index.html";
private Logger logger = Logger.getLogger("this.SecurityFilter");
/** *//**
* Initializes the Filter.
*/
public void init(FilterConfig filterConfig) throws ServletException {
}
/** *//**
* Standard doFilter object.
*/
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
//logger.info("doFilter");
HttpServletRequest req1=(HttpServletRequest)req;
HttpServletResponse res1=(HttpServletResponse)res;
String contextPath = req1.getContextPath();
String requestUri = req1.getRequestURI();
//logger.info("requestUri = " + requestUri);
String referer=req1.getHeader("Referer");
if(referer!=null&&referer.indexOf("www.java3z.com") < 0&&referer.indexOf("www.xxx.com") < 0){
if(requestUri.indexOf("cwb")!=-1){
res1.sendRedirect(JAVA3Z_URL);
}else{
res1.sendRedirect(K_URL);
}
}else{
chain.doFilter(req, res);
}
}
public void destroy() {}
}
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http. * ;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.HashSet;
import org.apache.log4j. * ;
public class SecurityFilter implements Filter {
private static final String JAVA3Z_URL = "http://www.java3z.com/cwbwebhome/index.html";
private static final String K_URL="http://www.xxx.com/index.html";
private Logger logger = Logger.getLogger("this.SecurityFilter");
/** *//**
* Initializes the Filter.
*/
public void init(FilterConfig filterConfig) throws ServletException {
}
/** *//**
* Standard doFilter object.
*/
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
//logger.info("doFilter");
HttpServletRequest req1=(HttpServletRequest)req;
HttpServletResponse res1=(HttpServletResponse)res;
String contextPath = req1.getContextPath();
String requestUri = req1.getRequestURI();
//logger.info("requestUri = " + requestUri);
String referer=req1.getHeader("Referer");
if(referer!=null&&referer.indexOf("www.java3z.com") < 0&&referer.indexOf("www.xxx.com") < 0){
if(requestUri.indexOf("cwb")!=-1){
res1.sendRedirect(JAVA3Z_URL);
}else{
res1.sendRedirect(K_URL);
}
}else{
chain.doFilter(req, res);
}
}
public void destroy() {}
}