java对特殊字符串的过滤(URL)
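/**
 * Strips a fixed deny-list of markup/URL fragments from {@code value} and then
 * HTML-encodes the characters {@code < > " ' % ; ( ) & +}.
 *
 * <p>Review notes on what changed relative to the listing on the page:
 * <ul>
 *   <li>The page shows every {@code case} appending the raw character again, plus an
 *       unterminated {@code """} literal. That looks like entity text decoded by the
 *       page renderer, so the entity forms are restored here (assumption: confirm
 *       against the original source).</li>
 *   <li>The page also used {@code s10} and {@code s11}, which are not defined anywhere
 *       in the listing. They are left out rather than guessed.</li>
 *   <li>Deny-list tokens are now matched literally. As regular expressions,
 *       {@code ".net"} also removed text such as {@code "rnet"}, {@code "\"+"} meant
 *       "one or more quotes", and {@code "|| '' ||"} only matched the empty string.</li>
 *   <li>Removal runs on the raw input (as in the listing as rendered) and repeats until
 *       the text stops changing, so a token that re-forms after a removal is removed
 *       too. Encoding runs last.</li>
 * </ul>
 *
 * <p>Security caveat: the encoding step is what makes the result safe to place in HTML
 * text or a quoted attribute value. The deny-list is best effort only and is not a URL
 * validator. A value used as a link target should additionally be checked against an
 * allow-list of schemes and hosts by the caller.
 *
 * @param value text to filter; may be {@code null}
 * @return the filtered text, or {@code null} when {@code value} is {@code null}
 */
public static String filterURL(String value) {
    if (value == null) {
        return null;
    }

    // Tokens the page removes with "(?i)", i.e. ignoring ASCII case.
    final String[] caseInsensitiveTokens = {
        "<script>", "</script>", "<frame", "http://", "<img", "src=", ".html",
        "\"+", "alert", "|| '' ||", "<iframe"
    };
    // Tokens the page removes without "(?i)"; case sensitivity is kept as on the page.
    final String[] caseSensitiveTokens = {".net", ".com", ".cn"};

    String stripped = value;
    String previous;
    do {
        // Every change shortens the string, so this loop always terminates.
        previous = stripped;
        for (String token : caseInsensitiveTokens) {
            // Pattern.quote makes '.', '+' and '|' literal instead of regex operators.
            stripped = stripped.replaceAll("(?i)" + java.util.regex.Pattern.quote(token), "");
        }
        for (String token : caseSensitiveTokens) {
            stripped = stripped.replace(token, "");
        }
    } while (!stripped.equals(previous));

    // Encode last: whatever survived the deny-list is emitted as inert character
    // references, and no raw '&' or ';' from the input can form an entity of its own.
    StringBuilder result = new StringBuilder(stripped.length() + 16);
    for (int i = 0; i < stripped.length(); ++i) {
        char c = stripped.charAt(i);
        switch (c) {
            case '<':
                result.append("&lt;");
                break;
            case '>':
                result.append("&gt;");
                break;
            case '"':
                result.append("&quot;");
                break;
            case '\'':
                result.append("&#39;");
                break;
            case '%':
                result.append("&#37;");
                break;
            case ';':
                result.append("&#59;");
                break;
            case '(':
                result.append("&#40;");
                break;
            case ')':
                result.append("&#41;");
                break;
            case '&':
                result.append("&amp;");
                break;
            case '+':
                result.append("&#43;");
                break;
            default:
                result.append(c);
                break;
        }
    }
    return result.toString();
}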