request 增强(html转义 ,中文乱码,过滤敏感字符) package me.gacl.web.filter;import java.io.BufferedReader;import java.io.IOException;import java.io.InputStream;import java.io.InputStreamReader;import java.io.UnsupportedEn
package me.gacl.web.filter;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
/**
* @ClassName: AdvancedFilter
* @Description: 这个过滤器是用来解决中文乱码,转义内容中的html标签,过滤内容中的敏感字符的
* @author: 孤傲苍狼
* @date: 2014-9-6 下午6:17:37
*
*/
public class AdvancedFilter implements Filter {
private FilterConfig filterConfig = null;
//设置默认的字符编码
private String defaultCharset = "UTF-8";
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//得到过滤器的初始化配置信息
this.filterConfig = filterConfig;
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
//得到在web.xml中配置的字符编码
String charset = filterConfig.getInitParameter("charset");
if(charset==null){
charset = defaultCharset;
}
request.setCharacterEncoding(charset);
response.setCharacterEncoding(charset);
response.setContentType("text/html;charset="+charset);
AdvancedRequest requestWrapper = new AdvancedRequest(request);
chain.doFilter(requestWrapper, response);
}
@Override
public void destroy() {
}
class AdvancedRequest extends HttpServletRequestWrapper{
private List
dirtyWords = getDirtyWords();
//定义一个变量记住被增强对象(request对象是需要被增强的对象)
private HttpServletRequest request;
//定义一个构造函数,接收被增强对象
public AdvancedRequest(HttpServletRequest request) {
super(request);
this.request = request;
}
/* 覆盖需要增强的getParameter方法
* @see javax.servlet.ServletRequestWrapper#getParameter(java.lang.String)
*/
@Override
public String getParameter(String name) {
try{
//获取参数的值
String value= this.request.getParameter(name);
if(value==null){
return null;
}
//如果不是以get方式提交数据的,就直接返回获取到的值
if(!this.request.getMethod().equalsIgnoreCase("get")) {
//调用filter转义value中的html标签
value= filter(value);
}else{
//如果是以get方式提交数据的,就对获取到的值进行转码处理
value = new String(value.getBytes("ISO8859-1"),this.request.getCharacterEncoding());
//调用filter转义value中的html标签
value= filter(value);
}
for(String dirtyWord : dirtyWords){
if(value.contains(dirtyWord)){
System.out.println("内容中包含敏感词:"+dirtyWord+",将会被替换成****");
//替换敏感字符
value = value.replace(dirtyWord, "****");
}
}
return value;
}catch (Exception e) {
throw new RuntimeException(e);
}
}
}
/**
* @Method: filter
* @Description: 过滤内容中的html标签
* @Anthor:孤傲苍狼
* @param value
* @return
*/
public String filter(String value) {
if (value == null){
return null;
}
char content[] = new char[value.length()];
value.getChars(0, value.length(), content, 0);
StringBuffer result = new StringBuffer(content.length + 50);
for (int i = 0; i < content.length; i++) {
switch (content[i]) {
case '<':
result.append("<");
break;
case '>':
result.append(">");
break;
case '&':
result.append("&");
break;
case '"':
result.append(""");
break;
default:
result.append(content[i]);
}
}
return (result.toString());
}
/**
* @Method: getDirtyWords
* @Description: 获取敏感字符
* @Anthor:孤傲苍狼
*
* @return
*/
private List
getDirtyWords(){ List
dirtyWords = new ArrayList
(); String dirtyWordPath = filterConfig.getInitParameter("dirtyWord"); InputStream inputStream = filterConfig.getServletContext().getResourceAsStream(dirtyWordPath); InputStreamReader is = null; try { is = new InputStreamReader(inputStream,defaultCharset); } catch (UnsupportedEncodingException e2) { e2.printStackTrace(); } BufferedReader reader = new BufferedReader(is); String line; try { while ((line = reader.readLine())!= null) {//如果 line为空说明读完了 dirtyWords.add(line); } } catch (IOException e) { e.printStackTrace(); } return dirtyWords; } }
AdvancedFilter
me.gacl.web.filter.AdvancedFilter
charset
UTF-8
//中文乱码解决
dirtyWord
/WEB-INF/DirtyWord.txt
//敏感字符路径
AdvancedFilter
/*
response 增强过滤压缩
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.util.zip.GZIPOutputStream;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
/**
* @ClassName: GzipFilter
* @Description: 压缩过滤器,将web应用中的文本都经过压缩后再输出到浏览器
* @author: 孤傲苍狼
* @date: 2014-9-7 上午10:52:42
*
*/
public class GzipFilter implements Filter {
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
BufferResponse myresponse = new BufferResponse(response);
chain.doFilter(request, myresponse);
//拿出缓存中的数据,压缩后再打给浏览器
byte out[] = myresponse.getBuffer();
System.out.println("原始大小:" + out.length);
ByteArrayOutputStream bout = new ByteArrayOutputStream();
//压缩输出流中的数据
GZIPOutputStream gout = new GZIPOutputStream(bout);
gout.write(out);
gout.close();
byte gzip[] = bout.toByteArray();
System.out.println("压缩后的大小:" + gzip.length);
response.setHeader("content-encoding", "gzip");
response.setContentLength(gzip.length);
response.getOutputStream().write(gzip);
}
public void destroy() {
}
public void init(FilterConfig filterConfig) throws ServletException {
}
}
class BufferResponse extends HttpServletResponseWrapper{
private ByteArrayOutputStream bout = new ByteArrayOutputStream();
private PrintWriter pw;
private HttpServletResponse response;
public BufferResponse(HttpServletResponse response) {
super(response);
this.response = response;
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
return new MyServletOutputStream(bout);
}
@Override
public PrintWriter getWriter() throws IOException {
pw = new PrintWriter(new OutputStreamWriter(bout,this.response.getCharacterEncoding()));
return pw;
}
public byte[] getBuffer(){
try{
if(pw!=null){
pw.close();
}
if(bout!=null){
bout.flush();
return bout.toByteArray();
}
return null;
}catch (Exception e) {
throw new RuntimeException(e);
}
}
}
class MyServletOutputStream extends ServletOutputStream{
private ByteArrayOutputStream bout;
public MyServletOutputStream(ByteArrayOutputStream bout){
this.bout = bout;
}
@Override
public void write(int b) throws IOException {
this.bout.write(b);
}
}
配置压缩过滤器
GzipFilter
me.gacl.web.filter.GzipFilter
GzipFilter
*.jsp
FORWARD
REQUEST
GzipFilter
*.js
GzipFilter
*.css
GzipFilter
*.html
response 增强缓存
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
/**
* @ClassName: WebResourceCachedFilter
* @Description: Web资源缓存过滤器
* @author: 孤傲苍狼
* @date: 2014-9-8 上午12:20:16
*
*/
public class WebResourceCachedFilter implements Filter {
/**
* @Field: map
* 缓存Web资源的Map容器
*/
private Map
map = new HashMap
(); @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; //1.得到用户请求的uri String uri = request.getRequestURI(); //2.看缓存中有没有uri对应的数据 byte b[] = map.get(uri); //3.如果缓存中有,直接拿缓存的数据打给浏览器,程序返回 if(b!=null){ //根据字节数组和指定的字符编码构建字符串 String webResourceHtmlStr = new String(b,response.getCharacterEncoding()); System.out.println(webResourceHtmlStr); response.getOutputStream().write(b); return; } //4.如果缓存没有,让目标资源执行,并捕获目标资源的输出 BufferResponse myresponse = new BufferResponse(response); chain.doFilter(request, myresponse); //获取缓冲流中的内容的字节数组 byte out[] = myresponse.getBuffer(); //5.把资源的数据以用户请求的uri为关键字保存到缓存中 map.put(uri, out); //6.把数据打给浏览器 response.getOutputStream().write(out); } @Override public void destroy() { } class BufferResponse extends HttpServletResponseWrapper{ private ByteArrayOutputStream bout = new ByteArrayOutputStream(); //捕获输出的缓存 private PrintWriter pw; private HttpServletResponse response; public BufferResponse(HttpServletResponse response) { super(response); this.response = response; } @Override public ServletOutputStream getOutputStream() throws IOException { return new MyServletOutputStream(bout); } @Override public PrintWriter getWriter() throws IOException { pw = new PrintWriter(new OutputStreamWriter(bout,this.response.getCharacterEncoding())); return pw; } public byte[] getBuffer(){ try{ if(pw!=null){ pw.close(); } return bout.toByteArray(); }catch (Exception e) { throw new RuntimeException(e); } } } class MyServletOutputStream extends ServletOutputStream{ private ByteArrayOutputStream bout; public MyServletOutputStream(ByteArrayOutputStream bout){ //接收数据写到哪里 this.bout = bout; } @Override public void write(int b) throws IOException { bout.write(b); } } }
Web资源缓存过滤器
WebResourceCachedFilter
me.gacl.web.filter.WebResourceCachedFilter
WebResourceCachedFilter
/login.jsp
/test.jsp
/test2.jsp