案例1. 利用Servlet的过滤器Filter进行完成脏话过滤
package cn.javabs.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import javax.servlet.http.HttpServletResponse; public class DirtyWordsFilterDemo implements Filter { public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request; HttpServletResponse response; try{ request = (HttpServletRequest)req; response = (HttpServletResponse)resp; }catch(Exception e){ throw new RuntimeException("non-http request"); } DirtyWordHttpServletRequest dwrequest = new DirtyWordHttpServletRequest(request); chain.doFilter(dwrequest, response); } public void destroy() { } } class DirtyWordHttpServletRequest extends HttpServletRequestWrapper{ private String strs[] = {"傻逼","畜生","我去年买了个包"}; private HttpServletRequest request; public DirtyWordHttpServletRequest(HttpServletRequest request){ super(request); this.request = request; } @Override public String getParameter(String name) { String value = request.getParameter(name); if(value==null) return null; for(String s:strs){ if(value.contains(s)){ value = value.replace(s, "**"); } } return value; } }
案例2. 利用Servlet的过滤器Filter进行完成Html编码过滤
package cn.javabs.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import javax.servlet.http.HttpServletResponse; public class HtmlFilterDemo implements Filter { public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request; HttpServletResponse response; try{ request = (HttpServletRequest)req; response = (HttpServletResponse)resp; }catch(Exception e){ throw new RuntimeException("non-http request"); } HtmlHttpServletRequest hrequest = new HtmlHttpServletRequest(request); chain.doFilter(hrequest, response); } public void destroy() { } } class HtmlHttpServletRequest extends HttpServletRequestWrapper{ private HttpServletRequest request; public HtmlHttpServletRequest(HttpServletRequest request){ super(request); this.request = request; } @Override public String getParameter(String name) { String value = request.getParameter(name); if(value==null) return null; value = htmlFilter(value); return value; } private String htmlFilter(String message) { if (message == null) return (null); char content[] = new char[message.length()]; message.getChars(0, message.length(), content, 0); StringBuffer result = new StringBuffer(content.length + 50); for (int i = 0; i < content.length; i++) { switch (content[i]) { case '<': result.append("<"); break; case '>': result.append(">"); break; case '&': result.append("&"); break; case '"': result.append("""); break; default: result.append(content[i]); } } return (result.toString()); } }
案例3. 利用Servlet的过滤器Filter进行完成字符编码过滤(Get及Post方式)
package cn.javabs.filter; import java.io.IOException; import java.io.UnsupportedEncodingException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import javax.servlet.http.HttpServletResponse; /** * 同时解决GET及POST请求参数和响应输出的编码过滤器 */ public class SetAllEncodingFilterDemo implements Filter { private FilterConfig filterConfig; public void init(FilterConfig filterConfig) throws ServletException { this.filterConfig = filterConfig; } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request; HttpServletResponse response; try{ request = (HttpServletRequest)req; response = (HttpServletResponse)resp; }catch(Exception e){ throw new RuntimeException("non-http request"); } String encoding = "UTF-8"; String value = filterConfig.getInitParameter("encoding"); if(value!=null){ encoding = value; } request.setCharacterEncoding(encoding);//POST请求方式 response.setContentType("text/html;charset="+encoding); MyHttpServletRequest mrequest = new MyHttpServletRequest(request); chain.doFilter(mrequest, response); } public void destroy() { } } class MyHttpServletRequest extends HttpServletRequestWrapper{ private HttpServletRequest request; public MyHttpServletRequest(HttpServletRequest request){ super(request); this.request = request; } public String getParameter(String name) { String value = request.getParameter(name); if(value==null) return value; try { if("get".equalsIgnoreCase(request.getMethod())) value = new String(value.getBytes("ISO-8859-1"),request.getCharacterEncoding()); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return value; } }
