--------------------------------------------------------------------------------
一个关键词文件 keywords.properties:
# Each entry is <text to find>=<replacement>. The request wrapper shown below
# applies these rules to request parameter values.
# Only the three characters listed here are rewritten; every other character
# passes through unchanged, so context-aware output encoding and parameterized
# queries are still required downstream.
<=*
>=*
'=*
--------------------------------------------------------------------------------
RequestWrapper
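import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Properties;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

import org.apache.cxf.common.util.StringUtils;

/**
 * Request wrapper that rewrites parameter values using a keyword table.
 *
 * <p>Every property name in {@code props} is searched for as literal text in each
 * parameter value and replaced by the corresponding property value.
 *
 * <p>Coverage is limited to {@link #getParameter(String)},
 * {@link #getParameterValues(String)} and {@link #getParameterMap()}. Parameter
 * names, headers, cookies, the query string accessor, multipart parts and a body
 * read through {@code getInputStream()}/{@code getReader()} are returned by the
 * wrapped request unchanged. Treat this class as one defensive layer only: code that
 * renders or queries with these values still needs output encoding and
 * parameterized statements.
 */
public class KeyWordRequestWrapper extends HttpServletRequestWrapper {

    /** Keyword table: property name = text to find, property value = replacement. */
    private final Properties props;

    /**
     * @param request the request whose parameters are rewritten
     * @param props   keyword table (text to find mapped to its replacement)
     */
    public KeyWordRequestWrapper(HttpServletRequest request, Properties props) {
        super(request);
        this.props = props;
    }

    /**
     * Returns a rewritten copy of the parameter map.
     *
     * <p>The arrays held by the wrapped request are never written to. Rewriting them
     * in place would change what the underlying request hands out and would apply the
     * rules a second time on every later call.
     *
     * @return an unmodifiable map of parameter names to rewritten values
     */
    @Override
    public Map getParameterMap() {
        Map<String, String[]> source = super.getParameterMap();
        Map<String, String[]> cleaned = new LinkedHashMap<String, String[]>();
        for (Map.Entry<String, String[]> entry : source.entrySet()) {
            cleaned.put(entry.getKey(), replaceParams(entry.getValue()));
        }
        return Collections.unmodifiableMap(cleaned);
    }

    /**
     * @param str parameter name
     * @return the rewritten first value, or {@code null} when the parameter is absent
     */
    @Override
    public String getParameter(String str) {
        return replaceParam(super.getParameter(str));
    }

    /**
     * @param str parameter name
     * @return a new array of rewritten values; {@code null} or an empty array is
     *         passed through as returned by the wrapped request
     */
    @Override
    public String[] getParameterValues(String str) {
        return replaceParams(super.getParameterValues(str));
    }

    /** Rewrites each element into a fresh array, leaving the input array untouched. */
    private String[] replaceParams(String[] values) {
        if (values == null || values.length == 0) {
            return values;
        }
        String[] cleaned = new String[values.length];
        for (int i = 0; i < values.length; i++) {
            cleaned[i] = replaceParam(values[i]);
        }
        return cleaned;
    }

    /**
     * Applies every rule of the keyword table to one value.
     *
     * <p>Keys are matched as literal text with {@link String#replace}, so regex
     * metacharacters in a key and {@code $} or {@code \} in a replacement are taken
     * literally instead of being interpreted by the regex engine. Rules run in the
     * enumeration order of {@link Properties}, which is unspecified, so a rule whose
     * replacement contains another rule's key may or may not be rewritten again.
     */
    private String replaceParam(String string) {
        if (StringUtils.isEmpty(string)) {
            return string;
        }
        String result = string;
        Enumeration<?> names = props.propertyNames();
        while (names.hasMoreElements()) {
            String keyword = names.nextElement().toString();
            String replacement = props.getProperty(keyword);
            // Skip an empty key (it would match between every character) and
            // non-String values, for which getProperty returns null.
            if (keyword.length() == 0 || replacement == null) {
                continue;
            }
            if (result.contains(keyword)) {
                result = result.replace(keyword, replacement);
            }
        }
        return result;
    }
}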
--------------------------------------------------------------------------------
filter:
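import java.io.IOException;
import java.io.InputStream;
import java.util.Properties;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Servlet filter that wraps POST and PUT requests in a {@link KeyWordRequestWrapper}
 * so that parameter values are rewritten with the rules of a keyword file.
 *
 * <p>The keyword file is a classpath resource named by the {@code filePath}
 * init-param. It is read with {@link Properties#load(InputStream)}, which decodes
 * ISO 8859-1; keywords outside that charset must be written as unicode escapes.
 *
 * <p>NOTE(review): requests using any other method (GET, DELETE, PATCH, ...) are
 * passed on unwrapped, so their parameters, including query-string parameters, reach
 * the application unmodified. Confirm that this is intended.
 */
public class CharacterReplaceFilter implements Filter {

    private static final Logger LOG = LoggerFactory.getLogger(CharacterReplaceFilter.class);

    /** Name of the init-param holding the classpath location of the keyword file. */
    private static final String KEY = "filePath";

    private FilterConfig filterConfig = null;

    /**
     * Keyword table of this filter instance. Kept per instance and never null, so
     * destroying one instance cannot break another one or a later init().
     */
    private Properties props = new Properties();

    /**
     * Loads the keyword file named by the {@code filePath} init-param.
     *
     * @throws ServletException if the init-param is missing or the resource is not on
     *         the classpath (both cases previously surfaced as a NullPointerException)
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        String value = filterConfig.getInitParameter(KEY);
        if (value == null || value.trim().length() == 0) {
            throw new ServletException("Missing init-param '" + KEY + "' for " + CharacterReplaceFilter.class.getName());
        }
        InputStream ins = CharacterReplaceFilter.class.getClassLoader().getResourceAsStream(value);
        if (ins == null) {
            throw new ServletException("Keyword file not found on classpath: " + value);
        }
        Properties loaded = new Properties();
        try {
            loaded.load(ins);
            // Publish only a completely loaded table.
            props = loaded;
            LOG.info("敏感词文件加载成功");
        } catch (IOException e) {
            // NOTE(review): the filter stays active with an empty table after a read
            // error, i.e. it fails open and rewrites nothing. Consider rethrowing as
            // ServletException if the application must not start unprotected.
            LOG.error("加载敏感词文件时发生错误", e);
        } finally {
            try {
                ins.close();
            } catch (IOException ignored) {
                // Nothing useful can be done if closing the resource stream fails.
            }
        }
    }

    /**
     * Wraps POST and PUT HTTP requests; everything else goes down the chain as is.
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        // A non-HTTP request cannot be wrapped; pass it through instead of failing the cast.
        if (request instanceof HttpServletRequest) {
            HttpServletRequest httpReq = (HttpServletRequest) request;
            String method = httpReq.getMethod();
            if ("POST".equalsIgnoreCase(method) || "PUT".equalsIgnoreCase(method)) {
                chain.doFilter(new KeyWordRequestWrapper(httpReq, props), response);
                return;
            }
        }
        chain.doFilter(request, response);
    }

    /** Releases the configuration and empties the keyword table. */
    @Override
    public void destroy() {
        filterConfig = null;
        props = new Properties();
    }
}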
--------------------------------------------------------------------------------
web.xml:
<!-- Handle sensitive characters -->
<!-- Registers CharacterReplaceFilter. The filePath init-param names the classpath
     resource that holds the keyword=replacement rules. -->
<filter>
    <filter-name>keywordFilter</filter-name>
    <filter-class>com.xxx.wdss.web.filter.CharacterReplaceFilter</filter-class>
    <init-param>
        <param-name>filePath</param-name>
        <param-value>properties/keywords.properties</param-value>
    </init-param>
</filter>
<!-- Mapped to every URL. The filter class shown above only rewrites parameters of
     POST and PUT requests; other methods pass through unchanged. Filters run in
     filter-mapping order, so declare this mapping before any filter that reads
     request parameters. -->
<filter-mapping>
    <filter-name>keywordFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<!-- / Handle sensitive characters -->