编写过滤器:
package com.suryani.map.filter;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang.StringUtils;
import com.suryani.map.util.WordsUtil;
public class WordFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
request.setCharacterEncoding("utf-8");
// 在过滤器中用装饰模式把 原装request的功能增强了
// ---拦截后台调用的getParamter()方法
MyRequest req = new MyRequest((HttpServletRequest) request);
chain.doFilter(req, response);// 放行
}
@Override
public void destroy() {
}
}
class MyRequest extends HttpServletRequestWrapper {
public MyRequest(HttpServletRequest request) {
super(request);
}
@Override
public String getParameter(String name) {
String str = super.getParameter(name);
List<String> list = WordsUtil.getWords();
for (String word : list) {
if (!StringUtils.isEmpty(str)) {
str = str.replaceAll(word, "*");
}
}
return str;
}
}
编写敏感词汇的集合类:
package com.suryani.map.util;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Properties;
import java.util.Set;
public class WordsUtil {
private static List<String> list = new ArrayList<>();
/**
* 读取txt文件
*
* @param path
* @return
*/
public static String readtxt(String path) {
String result = "";
File file = new File(path);
try {
InputStreamReader reader = new InputStreamReader(new FileInputStream(file), "gbk");
BufferedReader br = new BufferedReader(reader);
String s = null;
while ((s = br.readLine()) != null) {
result = result + s;
}
} catch (UnsupportedEncodingException | FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return result;
}
static {
Properties p = new Properties();
//获取敏感词汇集合所在的路径 C://words.txt
String path = Thread.currentThread().getContextClassLoader().getResource("//file.properties").getPath();
String initfilePath = "";
try {
p.load(new FileInputStream(path));// 读取.preperties中的信息
initfilePath = p.getProperty("file.initfilePath");
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
String str = WordsUtil.readtxt(initfilePath);
String strs[] = str.split("#");
List<String> tempList = new ArrayList();
for (String data : strs) {
tempList.add(data.trim());
}
Set set = new HashSet();
for (String cd : tempList) {
if (set.add(cd)) {
list.add(cd);
}
}
}
public static List<String> getWords() {
return list;
}
}
在web.XML中添加一下过滤器的配置
<filter> <filter-name>wordFilter</filter-name> <filter-class>com.suryani.map.filter.WordFilter</filter-class>
</filter> <filter-mapping> <filter-name>wordFilter</filter-name> <url-pattern>/*</url-pattern>
</filter-mapping>
以上的过滤器过滤 String param=request.getParameter("param");
当你有用该写法写的时候会跳到过滤器中处理,然后替换敏感字符
敏感字符集合下载地址为:https://pan.baidu.com/s/1g-9PjZk-IDjN_Dcii25DEA