敏感词过滤器 filter
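/**
 * Servlet filter that rejects requests to a fixed set of endpoints when one of
 * the checked request parameters contains a configured sensitive word.
 *
 * <p>Only values exposed through {@code getParameterNames()} /
 * {@code getParameterValues()} are inspected. The parameters named
 * {@code linkman} and {@code responseText} are additionally decrypted with
 * {@code Sm2Utils.decrypt} and the plaintext is checked as well.
 *
 * <p>Security-relevant behaviour:
 * <ul>
 *   <li>The filter fails closed: if a check cannot be completed (for example
 *       decryption throws), the request is rejected instead of being passed
 *       down the chain with the remaining parameters unchecked.</li>
 *   <li>Every value of a multi-valued parameter is checked, not only the
 *       first one.</li>
 *   <li>Raw and decrypted parameter values are never written to the log; only
 *       the parameter name and the matched list entry are.</li>
 * </ul>
 */
public class SensitiveWordsFilter implements Filter {

    /** JSON body written to the client when a parameter is rejected. */
    public static final String SENSITIVE_WORDS_ERROR_RETURN_JSON = "{\"isSuccess\":false,\"sensitiveWordsStatus\":1,\"msg\":\"您填写的信息涉及到敏感信息,请重新填写\"}";

    /** Servlet paths this filter applies to; built once instead of per request. */
    private static final Set<String> FILTERED_PATHS =
            new HashSet<>(Arrays.asList("/front/url1.do", "/front/url2.do"));

    /** Names of the request parameters whose values are checked. */
    private static final Set<String> CHECKED_PARAMS =
            new HashSet<>(Arrays.asList("ziduan1,ziduan2,ziduan3".split(",")));

    /** Sensitive words, populated in {@link #init(FilterConfig)}. */
    private String[] list;

    /**
     * Loads the sensitive-word list from a hard-coded, pipe-separated string.
     *
     * @param filterConfig unused
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        String article = "敏感词1|敏感词2|敏感词3";
        list = article.split("\\|");
    }

    /**
     * Checks the request when its servlet path is one of the filtered paths and
     * either rejects it or passes it on.
     *
     * <p>A rejected request receives {@link #SENSITIVE_WORDS_ERROR_RETURN_JSON}.
     * A request whose check could not be completed receives HTTP 400. In both
     * cases the rest of the chain is not invoked.
     *
     * @throws IOException if writing the rejection response fails
     */
    @Override
    public void doFilter(final ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String servletPath = request.getServletPath();
        if (servletPath != null && FILTERED_PATHS.contains(servletPath)) {
            boolean clean;
            try {
                clean = parametersAreClean(request);
            } catch (Exception e) {
                // Fail closed: an error while checking one parameter must not let the
                // request through with the remaining parameters unchecked.
                log.error("sensitive-word check could not be completed for " + servletPath, e);
                if (!response.isCommitted()) {
                    response.sendError(HttpServletResponse.SC_BAD_REQUEST);
                }
                return;
            }
            if (!clean) {
                response.setCharacterEncoding("UTF-8");
                response.getWriter().append(SENSITIVE_WORDS_ERROR_RETURN_JSON);
                return;
            }
        }
        filterChain.doFilter(request, response);
    }

    /**
     * Checks every value of every checked parameter of the request.
     *
     * @return {@code true} if no checked value contains a sensitive word
     * @throws Exception whatever {@code Sm2Utils.decrypt} throws; the caller
     *         treats this as a failed check
     */
    private boolean parametersAreClean(HttpServletRequest request) throws Exception {
        Enumeration<?> names = request.getParameterNames();
        while (names.hasMoreElements()) {
            String paraName = (String) names.nextElement();
            if (!isReplaceParam(paraName)) {
                continue;
            }
            String[] values = request.getParameterValues(paraName);
            if (values == null) {
                continue;
            }
            // NOTE(review): this branch is only reached when "linkman" / "responseText"
            // are also present in CHECKED_PARAMS; the list visible here does not
            // contain them, so confirm the deployed list does.
            boolean encrypted = "linkman".equals(paraName) || "responseText".equals(paraName);
            for (String value : values) {
                if (!replaceString(value)) {
                    // Name only: the value is user data and must stay out of the log.
                    log.info("--------------->敏感词:" + paraName);
                    return false;
                }
                if (encrypted) {
                    log.info("-----------------》paraName:" + paraName);
                    // The plaintext is checked but never logged; logging it would
                    // defeat the point of encrypting the field in transit.
                    String plain = Sm2Utils.decrypt(value);
                    if (!replaceString(plain)) {
                        log.info("--------------->敏感词:" + paraName);
                        return false;
                    }
                }
            }
        }
        return true;
    }

    /**
     * Tests a value against the sensitive-word list. Despite the name, nothing
     * is replaced.
     *
     * @param str value to test; {@code null} is treated as containing nothing
     * @return {@code true} if the value contains none of the words,
     *         {@code false} as soon as one word is found
     */
    public boolean replaceString(String str) {
        if (str == null) {
            return true;
        }
        for (String string : list) {
            if (str.contains(string)) {
                // Log the matched list entry only, not the submitted value.
                log.info("----------->敏感词:" + string);
                return false;
            }
        }
        return true;
    }

    /**
     * Tells whether a request parameter is subject to the sensitive-word check.
     *
     * <p>The name must equal one of the configured names. A substring test
     * against the comma-joined list would also accept fragments such as an
     * empty name or a lone comma.
     *
     * @param paramName request parameter name; {@code null} yields {@code false}
     * @return {@code true} if the parameter must be checked
     */
    public boolean isReplaceParam (String paramName) {
        return CHECKED_PARAMS.contains(paramName);
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }
}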