曾经一度流行sql注入,由于现在技术的更新,已经看不到这问题了,但是又出来新的安全问题,XSS攻击,他的原理就是在前端提交表单的时候,在input标签当中输入js脚本,通过js脚本注入后台,请看下图.
这里用用原生servlet做说明,帮助大家理解。
以下是我项目的路径
以上是我的项目结构。首先需要配置pom.xml把jar下载,第二步新建,XSSFilete.java这是一个过滤器。然后新建XSSRequest,这是相当于HttpServlet的子类,重写getParmeter方法。DoFromServlet主要是用来测试的,通过前端传js脚本避免出现XSS攻击。
1.配置pom.xml
<project xmlns=
"http://maven.apache.org/POM/4.0.0"
xmlns:xsi=
"http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=
"http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
>
<modelVersion>4.0.0</modelVersion>
<groupId>com.itmayideu.xss</groupId>
<artifactId>
xssfilter
</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>war</packaging>
<build/>
<dependencies>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.4</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-
api
</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>
jsp
-
api
</artifactId>
<version>2.1</version>
<scope>provided</scope>
</dependency>
</dependencies>
</project>
第二步:
编写XSSFilete过滤器
package com.sunjian.xssfilter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
public class XSSFilete implements Filter{
@Override
public void init(FilterConfig arg0) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
//解决XSS攻击手段思路,将表单提交的参数全部转换成html语言进行保存
HttpServletRequest req = (HttpServletRequest) request;
XSSRequest httpServletRequestWrapper = new XSSRequest(req);
chain.doFilter(httpServletRequestWrapper, response);
}
@Override
public void destroy() {
}
}
第三步:XSSRequest继承HttpServletRequestWrapper
package com.sunjian.xssfilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
public class XSSRequest extends HttpServletRequestWrapper{
HttpServletRequest request;
public XSSRequest(HttpServletRequest request) {
super(request);
this.request = request;
}
/**
* 重写方法
*/
@Override
public String getParameter(String name) {
String value = request.getParameter(name);
if(!StringUtils.isEmpty(value)){
System.out.println("转换前value:"+value);
// 将value转换成html,就是会将一些脚本元素转换成html进行返回。
value = StringEscapeUtils.escapeHtml4(value);
System.out.println("转换后value:"+value);
}
return value;
}
}
第四部编写DoFromServlet接口
package com.sunjian.xssfilter;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebServlet("/DoFromServlet")
public class DoFromServlet extends HttpServlet{
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
System.out.println("DoFromServlet");
String userName = req.getParameter("userName");
req.setAttribute("userName", userName);
//将参数转发到另一个页面进行展示。
req.getRequestDispatcher("showUserName.jsp").forward(req, resp);
}
}
第五步:配置web.xml,配置过滤器
<?xml version=
"1.0"
encoding=
"UTF-8"
?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app id=
"WebApp_ID"
>
<display-name>
xssfilter
</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-class>com.sunjian.xssfilter.XSSFilete</filter-class>
<filter-name>XSSFilete</filter-name>
</filter>
<filter-mapping>
<filter-name>XSSFilete</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
第六步:编写前端form.jsp
<%@ page language=
"java"
contentType=
"text/html; charset=UTF-8"
pageEncoding=
"UTF-8"
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv=
"Content-Type"
content=
"text/html; charset=UTF-8"
>
<title>Insert title here</title>
</head>
<body>
<form action=
"DoFromServlet"
method=
"post"
>
用户名是<input type=
"text"
name=
"userName"
>
<input type=
"submit"
value=
"提交"
>
</form>
</body>
</html>
第七部:showUserName.jsp
<%@ page language=
"java"
contentType=
"text/html; charset=UTF-8"
pageEncoding=
"UTF-8"
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@ page isELIgnored=
"false"
%>
<html>
<head>
<meta http-equiv=
"Content-Type"
content=
"text/html; charset=UTF-8"
>
<title>Insert title here</title>
</head>
<body>
<h1>测试index.jsp</h1>
用户名是::${userName}
>
</body>
</html>
最终的效果:
以上是相关代码。其实XSS攻击就是通过前端input将js脚本注入到后台,解决原理是将<script>中的>转换成> 来解决XSS攻击
如果喜欢就给个赞吧。
关注我的公众号,都是满满的干货!
孙坚.gif
