package web.itcast.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.List;
@WebFilter("/*")
//动态代理,对getParameter方法进行增强
public class FilterServletProxy implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
//目标对象req,动态代理
ServletRequest req1= (ServletRequest)Proxy.newProxyInstance(req.getClass().getClassLoader(), req.getClass().getInterfaces(), new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
//增强req的getParameter,逻辑语句
//进行对方法名判断
if(method.getName().equals("getParameter")){
//通过反射调用方法输出
String s = (String)method.invoke(req, args);
//遍历集合里的敏感词
for (String str : list) {
if(s.contains(str)){
s = s.replaceAll(str, "***");
}
}
return s;
}
//调用其他方法直接使用不增强的原来方法
return method.invoke(req,args);
}
});
//对当前一次请求进行增强处理后放行
chain.doFilter(req1, resp);
}
//创建集合存储读的数据
private List<String> list= new ArrayList<>();
//加载配置为件,只执行一次
public void init(FilterConfig config) throws ServletException {
//获取真实路径
String realPath = config.getServletContext().getRealPath("/WEB-INF/classes/敏感词汇.txt");
//创建流
BufferedReader bf=null;
try {
bf = new BufferedReader(new FileReader(realPath));
String line=null;
while ((line=bf.readLine())!=null){
list.add(line);
}
System.out.println(list);
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}finally {
try {
bf.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}