可能大家在写java服务端程序的时候,总会出现安全沙漏的问题.
现将我的服务端部分代码贴出来,供大家参考 .
public void run() {
ServerSocket ss;
String ip = "";
try {
ip = InetAddress.getLocalHost().getHostAddress();
} catch (UnknownHostException e1) {
e1.printStackTrace();
}
String xml = "<cross-domain-policy><site-control permitted-cross-domain-policies=\"all\"/>";
xml = xml + "<allow-access-from domain=\"" + ip + "\" to-ports=\"1234\" />";
xml = xml + "</cross-domain-policy>";
try {
ss = new ServerSocket(port);
while (!cancle) {
Socket s = ss.accept();
BufferedReader br = new BufferedReader(new InputStreamReader(s
.getInputStream(), "UTF-8"));
PrintWriter pw = new PrintWriter(s.getOutputStream());
char[] by = new char[22];
br.read(by, 0, 22);
String head = new String(by);
//判断是不是第一求请求连接的安全验证
//如果是返回xML信息
if (head.equals("<policy-file-request/>")) {
System.out.println("连接服务器");
pw.print(xml + "\0");
pw.flush();
br.close();
pw.close();
} else {
//你自己的正常请求处理逻辑
}
}
ss.close();
} catch (IOException e) {
e.printStackTrace();
}
}
现将我的服务端部分代码贴出来,供大家参考 .
public void run() {
ServerSocket ss;
String ip = "";
try {
ip = InetAddress.getLocalHost().getHostAddress();
} catch (UnknownHostException e1) {
e1.printStackTrace();
}
String xml = "<cross-domain-policy><site-control permitted-cross-domain-policies=\"all\"/>";
xml = xml + "<allow-access-from domain=\"" + ip + "\" to-ports=\"1234\" />";
xml = xml + "</cross-domain-policy>";
try {
ss = new ServerSocket(port);
while (!cancle) {
Socket s = ss.accept();
BufferedReader br = new BufferedReader(new InputStreamReader(s
.getInputStream(), "UTF-8"));
PrintWriter pw = new PrintWriter(s.getOutputStream());
char[] by = new char[22];
br.read(by, 0, 22);
String head = new String(by);
//判断是不是第一求请求连接的安全验证
//如果是返回xML信息
if (head.equals("<policy-file-request/>")) {
System.out.println("连接服务器");
pw.print(xml + "\0");
pw.flush();
br.close();
pw.close();
} else {
//你自己的正常请求处理逻辑
}
}
ss.close();
} catch (IOException e) {
e.printStackTrace();
}
}
912
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
