package servlet;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.sql.Array;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
public class StrServlet implements Filter{
public void destroy() {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain arg2) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest req=(HttpServletRequest)arg0;
Map map=req.getParameterMap();
Collection cs=map.values();
Iterator it=cs.iterator();
while(it.hasNext()){
Object obj=it.next();
String[] ss=(String[])obj;
for (int i = 0; i < ss.length; i++) {
// 得到输入页面的文本
String temp=ss[i];
System.out.println("before"+temp);
// 替换非法字符
for (int j = 0; j <list.size(); j++) {
temp=temp.replaceAll(list.get(i).toString(), "*");
}
System.out.println("after"+temp);
// 把替换成功的字符再赋值给字符串
ss[i]=temp;
}
}
// 过滤器开门
arg2.doFilter(arg0, arg1);
}
//非法字符串的集合
private ArrayList list=new ArrayList();
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
// 读取非法字符的文档
InputStream in=arg0.getServletContext().getResourceAsStream("WEB-INF/Str.txt");
Reader r=new InputStreamReader(in);
BufferedReader bf=new BufferedReader(r);
try {
// 把非法字符肤质给变量temp
String temp=bf.readLine();
// 一行一行读取
while(temp!=null){
list.add(temp);
temp=bf.readLine();
}
bf.close();
r.close();
in.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
配置文件:
<filter>
<filter-name>str</filter-name>
<filter-class>servlet.StrServlet</filter-class>
</filter>
<filter-mapping>
<filter-name>str</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
同时要在WEB-INF目录下创建一个txt文档,内容为非法字符