多学习。

过滤敏感词汇

要点:

  如果是通过getParameter()获取值,可直接修改值,利用代理模式返回过滤敏感词汇的值

  如果是通过getParameterMap()获取的map不能修改原map,否则抛出异常:java.lang.IllegalStateException: 不允许修改锁定的参数映射,需要一个新的map。

代码:

    

package com.czy.web.filter;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import java.io.*;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;

@WebFilter("/*")
public class SensitiveWordsFilter implements Filter {
    ArrayList<String> words = new ArrayList<>();

    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        ServletRequest request = (ServletRequest)Proxy.newProxyInstance(req.getClass().getClassLoader(), req.getClass().getInterfaces(), new InvocationHandler() {
            @Override
            public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
                if(method.getName().equals("getParameterMap")){
                    Map<String,String[]> map = (Map<String,String[]>)method.invoke(req,args);
                    HashMap<String,String[]> re_map = new HashMap<>();
                    for(String key : map.keySet()){
                        String[] values = map.get(key);
                        for(String word : words) {
                          values[0] = values[0].replaceAll(word,"***");
                        }
                        re_map.put(key,values);
                    }
                    return re_map;
                }else if(method.getName().equals("getParameter")){
                    String value = (String)method.invoke(req,args);
                    for(String word : words)
                        value = value.replaceAll(word,"***");
                    return value;
                }
                return  method.invoke(req,args);
            }
        });

        chain.doFilter(request,resp);
    }

    public void init(FilterConfig config) throws ServletException {
        ServletContext servletContext = config.getServletContext();
        String path = servletContext.getRealPath("/WEB-INF/classes/SensitiveWords.txt");

        try {
            BufferedReader reader = new BufferedReader(new InputStreamReader(new FileInputStream(path),"utf-8"));
            String line;
            while( (line = reader.readLine()) != null )
                words.add(line);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}

 

posted @ 2021-12-21 10:08  czyaaa  阅读(87)  评论(0)    收藏  举报