1、重新对request进行包装,需要继承HttpServletRequestWrapper
package com.topcheer.common;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang.StringUtils;
public class ParameterRequestWrapper extends HttpServletRequestWrapper {
public ParameterRequestWrapper(HttpServletRequest request) {
super(request);
}
@Override
public String getParameter(String name) {
//Constants.MY_LOG.debug("getParameter----->转义处理");
//return clearXss(super.getParameter(name));// 保留勿删
String parameter = null;
parameter = xssEncode(super.getParameter(name));
//过滤sql注入
parameter = filterContent(parameter);
return parameter;
}
@Override
public String getHeader(String name) {
//Constants.MY_LOG.debug("getHeader----->转义处理");
//return clearXss(super.getHeader(name)); // 保留勿删
return xssEncode(super.getParameter(name));
}
@Override
public String[] getParameterValues(String name) {
//Constants.MY_LOG.debug("getParameterValues----->转义处理");
if(!StringUtils.isEmpty(name)){
String[] values = super.getParameterValues(name);
if(values != null && values.length > 0){
String[] newValues = new String[values.length];
for(int i =0; i< values.length; i++){
//newValues[i] = clearXss(values[i]);// 保留勿删
newValues[i] = xssEncode(values[i]);
//过滤sql注入
newValues[i] = filterContent(newValues[i]);
}
return newValues;
}
}
return null;
}
/**
<