[原创]过滤器过滤特殊符号
首先,列出我用到的参考资料吧:
资料一来自:http://magicgod.javaeye.com/blog/146537
资料二来自:http://blog.sina.com.cn/s/blog_56000153010005iq.html
我就是根据上面的两个资料,写了一个FILTER和一个JAVA 类,具体如下:
FILTER: SpecialCharacterFilter
import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
public class SpecialCharacterFilter extends HttpServlet implements Filter {
protected FilterConfig config;
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
System.out.println("[SpecialCharacterFilter] : doFilter *************");
HttpServletRequest request = (HttpServletRequest)req;
HashMap m = new HashMap(request.getParameterMap());
HashMap mm = new HashMap();
Enumeration enu = request.getParameterNames();
if(m.size() > 0 && processParameters(m, enu, mm)) {
ParameterRequestWrapper wrapRequest = new ParameterRequestWrapper(request, mm);
chain.doFilter(wrapRequest, res);
} else {
chain.doFilter(req, res);
}
}
public void init(FilterConfig arg0) throws ServletException {
this.config = arg0;
}
public boolean processParameters(HashMap m, Enumeration enu, HashMap mm) {
System.out.println("[SpecialCharacterFilter] : processParameters *************");
if (m != null && enu != null) {
while (enu.hasMoreElements()) {
String key = (String)enu.nextElement();
String [] values = (String [])m.get(key);
for(int i = 0; i < values.length; i ++) {
if (values[i] != null) {
values[i] = values[i].trim();
values[i] = values[i].replaceAll("&", "&");
values[i] = values[i].replaceAll("<", "<");
values[i] = values[i].replaceAll(">", ">");
values[i] = values[i].replaceAll("/t", " ");
values[i] = values[i].replaceAll("/r/n", "/n");
values[i] = values[i].replaceAll("/n", "
");
values[i] = values[i].replaceAll(" ", " ");
values[i] = values[i].replaceAll("'", "'");
values[i] = values[i].replaceAll("////", "/");
}
}
mm.put(key, values);
}
}
return true;
}
}
JAVA 类:ParameterRequestWrapper import java.util.Enumeration;
import java.util.Map;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
public class ParameterRequestWrapper extends HttpServletRequestWrapper {
private Map params;
public ParameterRequestWrapper(HttpServletRequest request, Map newParams) {
super(request);
this.params = newParams;
}
public Map getParameterMap() {
return params;
}
public Enumeration getParameterNames() {
Vector l = new Vector(params.keySet());
return l.elements();
}
public String[] getParameterValues(String name) {
Object v = params.get(name);
if (v == null) {
return null;
} else if (v instanceof String[]) {
return (String[]) v;
} else if (v instanceof String) {
return new String[] { (String) v };
} else {
return new String[] { v.toString() };
}
}
public String getParameter(String name) {
Object v = params.get(name);
if (v == null) {
return null;
} else if (v instanceof String[]) {
String[] strArr = (String[]) v;
if (strArr.length > 0) {
return strArr[0];
} else {
return null;
}
} else if (v instanceof String) {
return (String) v;
} else {
return v.toString();
}
}
}
最后,还是写一下WEB.XML的配置吧:
specialCharacterFilter
com.fhn.vismp.common.SpecialCharacterFilter
specialCharacterFilter
*.do
specialCharacterFilter
*.jsp