一个简单的带登陆拦截的登陆注销java-web项目,登陆注销之后再直接访问本来不该能访问的登陆成功页面,发现可以访问。F5刷新之后又正常了。调试发现没手动刷新之前访问绕开了过滤器fi...
一个简单的带登陆拦截的登陆注销java-web项目,登陆注销之后再直接访问本来不该能访问的登陆成功页面,发现可以访问。F5刷新之后又正常了。调试发现没手动刷新之前访问绕开了过滤器filter没执行。这什么情况?
附过滤器:
//一些初始化操作
public class loginFilter implements Filter{
public void init(FilterConfig request) throws ServletException {}
public void destroy() {}
public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {
HttpServletRequest httprequest = (HttpServletRequest)request;
HttpServletResponse httpresponse =(HttpServletResponse)response;
HttpSession session = httprequest.getSession();
String path = httprequest.getRequestURI();
//过滤拦截操作,在项目里这里代码逻辑上是对的
String psw = (String)session.getAttribute("psw");
if ((psw==null)&&(path.equals(httprequest.getContextPath()+"/Pinxixi.html")))
httpresponse.sendRedirect(httprequest.getContextPath()+"/Aug9_1.html");
else
chain.doFilter(request, response);
}
}
展开