import org.apache.sanselan.Sanselan; //导入方法依赖的package包/类
/**
* We don't actually rewrite the image we just ensure that it is in fact a valid
* and known image type.
*/
private boolean rewriteProxiedImage(HttpRequest request, HttpResponse resp,
MutableContent content) {
boolean imageIsSafe = false;
try {
String contentType = resp.getHeader("Content-Type");
if (contentType == null || contentType.toLowerCase().startsWith("image/")) {
// Unspecified or unknown image mime type.
try {
ImageFormat imageFormat = Sanselan
.guessFormat(new ByteSourceInputStream(resp.getResponse(),
request.getUri().getPath()));
if (imageFormat == ImageFormat.IMAGE_FORMAT_UNKNOWN) {
logger.log(Level.INFO, "Unable to sanitize unknown image type "
+ request.getUri().toString());
return true;
}
imageIsSafe = true;
// Return false to indicate that no rewriting occurred
return false;
} catch (IOException ioe) {
throw new RuntimeException(ioe);
} catch (ImageReadException ire) {
// Unable to read the image so its not safe
logger.log(Level.INFO, "Unable to detect image type for " +request.getUri().toString() +
" for sanitized content", ire);
return true;
}
} else {
return true;
}
} finally {
if (!imageIsSafe) {
content.setContent("");
}
}
}