URL重写例子

URL重写例子


使Session更安全的方法:
1.分配给用户 Session ID 时,同时记录用户使用的浏览器和 IP 地址、端口号,作为验证依据,使非法用户不能进行 Session ID 欺骗。(注意:客户端端口号通常在每次新建连接时都会变化,IP 地址也可能因移动网络或代理而改变,浏览器标识可以被伪造,因此这些信息只适合作为辅助校验。)
2.登录时重置Session(使旧的Session失效,再创建新的Session),也是一个有效的方法,可以防止会话固定(Session Fixation)。//request.getSession().invalidate();


encodeURL在附加jsessionid之前还对url做了判断处理:如果url为空字符串(长度为0的字符串),则将url转换为完整的URL(http或https开头的);如果url是完整的URL,但不含任何路径(即只包含协议、主机名、端口,例如http://127.0.0.1),则在末尾加上根路径符号/。
也就是encodeURL如果进行了编码,则返回的URL一定是完整URL而不是相对路径;而encodeRedirectURL则不对URL本身进行处理,只专注于添加jsessionid参数(如果需要)。需要注意的是,URL中携带的jsessionid可能通过Referer、访问日志或浏览器历史记录泄露,因此在可以使用Cookie时应优先用Cookie保存Session ID。


package com.cesmart.controller;

import java.lang.ProcessBuilder.Redirect;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * Demo controller showing how the container-encoded URLs change when the
 * session is invalidated in the middle of a request.
 *
 * <p>The handler prints the client's address details, encodes a link, discards
 * the session, encodes the same link again against the replacement session and
 * finally redirects to {@code /WebTestUrl2}.
 *
 * <p>NOTE(review): when the container falls back to URL rewriting, the encoded
 * URLs carry the session identifier, so the print statements below would write
 * it to stdout. That is presumably acceptable for a demo only; confirm before
 * reusing this code anywhere real sessions exist.
 */
@Controller
public class WebTestUrl {
	@Autowired
	protected HttpServletResponse response;
	@Autowired
	protected HttpServletRequest request;

	/**
	 * Handles {@code /WebTestUrl}: traces the session before and after a reset
	 * and redirects to the second demo endpoint.
	 *
	 * @return a {@code redirect:} view name pointing at the encoded
	 *         {@code /WebTestUrl2} URL
	 */
	@RequestMapping("/WebTestUrl")
	public String webTest() {
		System.out.println("WebTestUrl");

		// System.out.println("getCookies == " + request.getCookies());
		trace("getRemoteAddr", request.getRemoteAddr());
		trace("getRemoteHost", request.getRemoteHost());
		trace("getRemotePort", request.getRemotePort());

		// State of the session the request arrived with (or a newly created one).
		trace("hashCode", request.getSession().hashCode());
		String linkBeforeReset = response.encodeURL("/001.html");
		trace("encodeRedirectUrl", linkBeforeReset);

		// Reset the session: the current one is discarded here, and the
		// getSession() calls that follow create and use a replacement.
		request.getSession().invalidate();
		trace("getSession", request.getSession());
		trace("hashCode", request.getSession().hashCode());
		String linkAfterReset = response.encodeURL("/001.html");
		trace("encodeRedirectUrl", linkAfterReset);

		// The redirect target is encoded after the reset, so any session
		// parameter it carries refers to the replacement session.
		String redirectTarget = response.encodeRedirectURL("/WebTestUrl2");
		trace("encodeRedirectUrl", redirectTarget);

		return "redirect:" + redirectTarget;
	}

	/** Prints one {@code label == value} line to stdout. */
	private static void trace(String label, Object value) {
		System.out.println(label + " == " + value);
	}
}



package com.cesmart.controller;

import java.lang.ProcessBuilder.Redirect;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * Second demo endpoint, reached through the redirect issued by
 * {@code /WebTestUrl}. It traces the request's cookies and session and returns
 * an HTML anchor whose target is a container-encoded URL.
 *
 * <p>NOTE(review): the anchor target is produced with
 * {@code encodeRedirectURL}; the Servlet API intends {@code encodeURL} for
 * links embedded in a page and {@code encodeRedirectURL} for redirect targets.
 * The commented-out line in the handler suggests this is a deliberate
 * comparison of the two; confirm before copying.
 *
 * <p>NOTE(review): if URL rewriting is active the encoded URL contains the
 * session identifier, which the print statements then write to stdout.
 */
@RestController
public class WebTestUrl2 {
	@Autowired
	protected HttpServletResponse response;
	@Autowired
	protected HttpServletRequest request;

	/**
	 * Handles {@code /WebTestUrl2}.
	 *
	 * @return an HTML fragment containing a single link to the encoded
	 *         {@code /001.html} URL
	 */
	@RequestMapping("/WebTestUrl2")
	public String webTest2() {
		System.out.println("WebTestUrl2");

		trace("getCookies", request.getCookies());

		trace("getSession", request.getSession());
		trace("getSession", request.getSession().hashCode());

		// Alternative kept for comparison:
		// String encodeRedirectUrl = response.encodeURL("/001.html");
		String encodedTarget = response.encodeRedirectURL("/001.html");
		trace("encodeRedirectUrl", encodedTarget);

		// The target comes from a constant path plus whatever the container
		// appends, so no request-supplied text is placed into the markup.
		String anchorHtml = "<a href='" + encodedTarget + "'>购买</a>";
		trace("returnString", anchorHtml);

		return anchorHtml;
	}

	/** Prints one {@code label == value} line to stdout. */
	private static void trace(String label, Object value) {
		System.out.println(label + " == " + value);
	}
}



package com.cesmart;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;

import com.cesmart.entity.TestBean;
import com.cesmart.entity.TestBean2;

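/**
 * Spring Boot entry point for the demo. It starts the application context and
 * prints three beans looked up by name.
 */
// @Configuration
@EnableAutoConfiguration
// @ComponentScan(basePackages = "com.cesmart.config") // which packages to scan for beans
@ComponentScan(basePackages = "com.cesmart") // packages scanned for beans; several may be listed, e.g. @ComponentScan({"com.teradata.notification","com.teradata.dal"})
public class Application {
	/**
	 * Boots the application and prints the beans named {@code testBean},
	 * {@code testBean2} and {@code testBean3}. The bean definitions are not
	 * part of this listing.
	 *
	 * @param args command-line arguments, passed through to Spring Boot
	 */
	public static void main(String[] args) {
		ApplicationContext applicationContext = SpringApplication.run(Application.class, args);

		// Typed lookups replace the unchecked casts of the bean instances.
		TestBean testBean = applicationContext.getBean("testBean", TestBean.class);
		System.out.println("TestBean == " + testBean);

		TestBean2 testBean2 = applicationContext.getBean("testBean2", TestBean2.class);
		System.out.println("TestBean2 == " + testBean2);

		TestBean2 testBean3 = applicationContext.getBean("testBean3", TestBean2.class);
		// Fixed: this line previously printed testBean2 under the TestBean3 label.
		System.out.println("TestBean3 == " + testBean3);
	}
}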



转载自huangyongxing310.iteye.com/blog/2346054