public class SpecialCharacterFilter {
protected Log log = LogFactory.getLog(getClass());
@Override
protected void doFilterInternal(HttpServletRequest req,
HttpServletResponse res, FilterChain chain)
throws ServletException, IOException {
req.setCharacterEncoding("utf-8");
Map map = req.getParameterMap();
Set set = map.entrySet();
if (map != null) {
for (Iterator it = set.iterator(); it.hasNext();) {
Map.Entry entry = (Entry) it.next();
if (entry.getValue() instanceof String[]) {
String[] values = (String[]) entry.getValue();
for (int i = 0; i < values.length; i++) {
//html特殊字符转义
//values[i] = HtmlUtils.htmlEscape(values[i]);
//Sql转义
values[i]=StringEscapeUtils.escapeSql(values[i]);
//javascript特殊字符转义
//values[i] = JavaScriptUtils.javaScriptEscape(values[i]);
entry.setValue(values);
}
}
}
chain.doFilter(req, res);
}
}
}