下面是一个例子滤波器的实现:
public class HotLinkFilter implements Filter{
private final Map PATTERNS =
new ConcurrentHashMap();
private void addPatterns(final String targetPattern,
final String referrerPattern){
PATTERNS.put(Pattern.compile(targetPattern),
Pattern.compile(referrerPattern));
}
@Override
public void init(final FilterConfig config) throws ServletException{
@SuppressWarnings("unchecked")
final Enumeration parameterNames =
config.getInitParameterNames();
while(parameterNames.hasMoreElements()){
final String nextParam = parameterNames.nextElement();
if(nextParam.startsWith("pattern")){
final String[] patterns =
config.getInitParameter(nextParam).split("\\s+");
if(patterns.length == 2){
addPatterns(patterns[0], patterns[1]);
}
}
}
}
@Override
public void doFilter(final ServletRequest request,
final ServletResponse response,
final FilterChain chain) throws IOException, ServletException{
if(request instanceof HttpServletRequest){
final HttpServletRequest hsr = (HttpServletRequest) request;
final String referrer = hsr.getHeader("Referer");
boolean valid = true;
if(referrer != null){
final String requestUrl = hsr.getRequestURL().toString();
for(final Entry entry : PATTERNS.entrySet()){
if(entry.getKey().matcher(requestUrl).matches()
&& !entry.getValue().matcher(referrer).matches()){
valid = false;
break;
}
}
}
if(valid){
chain.doFilter(request, response);
} else{
// this is probably not the correct thing to do
throw new ServletException("Hotlinking not allowed");
}
}
}
@Override
public void destroy(){
}
}
它使用地图正则表达式模式。如果请求与左侧的模式相匹配,并且存在引用链接,则我们检查引荐链接是否匹配右侧的模式。您可以在web.xml配置此:
Hotlink-Filter
com.yourcompany.HotLinkFilter
pattern1
http://.*\.mysite.com/.*\.(jpe?g|gif|png)
http://.*\.mysite.com/.*