点击查看代码
package servlet.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
@WebFilter("/*")
public class FilterDemo3 implements Filter {
ArrayList<String> arrayList = new ArrayList<>();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
try {
//获取真实路径
ServletContext context = filterConfig.getServletContext();
String realPath = context.getRealPath("/sensitiveWords.txt");
BufferedReader br = new BufferedReader(new FileReader(realPath));
String line = null;
while((line=br.readLine())!=null){
arrayList.add(line);
}
br.close();
} catch (Exception e) {
e.printStackTrace();
}
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//进行代理
ServletRequest Proxy_req=(ServletRequest) Proxy.newProxyInstance(servletRequest.getClass().getClassLoader(), servletRequest.getClass().getInterfaces(), new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
//增强getParameter方法
if(method.getName().equals("getParameter")){
String value = (String) method.invoke(servletRequest, args);
if(value!=null){
for (String s : arrayList) {
if(s.equals(value)){
value= value.replaceAll(s,"***");
}
}
}
return value;
}
return method.invoke(servletRequest,args);
}
});
filterChain.doFilter(Proxy_req,servletResponse);
}
@Override
public void destroy() {
}
}
浙公网安备 33010602011771号