简单的防盗链过滤器

简单的防盗链过滤器代码,保护cwb目录和dir2目录下的zip文件不被盗链。
一、web.xml文件

<? xml version="1.0" encoding="ISO-8859-1" ?>
< web-app  xmlns ="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi
="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation
="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version
="2.4" >

< display-name > Welcome to Tomcat </ display-name >
< description >
  Welcome to Tomcat
</ description >
< filter >
  
< filter-name > SecurityFilter </ filter-name >
  
< filter-class > example.SecurityFilter </ filter-class >
</ filter >

< filter-mapping >
  
< filter-name > SecurityFilter </ filter-name >
  
< url-pattern > /dir2/* </ url-pattern >
</ filter-mapping >  
< filter-mapping >
  
< filter-name > SecurityFilter </ filter-name >
  
< url-pattern > /cwb/* </ url-pattern >
</ filter-mapping >  

< servlet >  
  
< servlet-name > log4j-init </ servlet-name >  
  
< servlet-class > example.Log4jInit </ servlet-class >  
  
< init-param >  
    
< param-name > log4j </ param-name >  
    
< param-value > WEB-INF/log4j.properties </ param-value >  
  
</ init-param >  
< load-on-startup > 1 </ load-on-startup >  
</ servlet >  

</ web-app >


二、过滤器代码

package  example;

import  javax.servlet.Filter;
import  javax.servlet.FilterConfig;
import  javax.servlet.ServletRequest;
import  javax.servlet.ServletResponse;
import  javax.servlet.FilterChain;
import  javax.servlet.ServletException;
import  javax.servlet.http. * ;
import  java.io.IOException;
import  java.util.Iterator;
import  java.util.Set;
import  java.util.HashSet;
import  org.apache.log4j. * ;


public   class  SecurityFilter  implements  Filter  {
    
    
private static final String JAVA3Z_URL = "http://www.java3z.com/cwbwebhome/index.html";
        
private static final String K_URL="http://www.xxx.com/index.html";
    
    
      
private Logger logger = Logger.getLogger("this.SecurityFilter");
    
    
    
    
/** *//**
     * Initializes the Filter.
     
*/

    
public void init(FilterConfig filterConfig) throws ServletException {
        
        
    }

    
    
/** *//**
     * Standard doFilter object.
     
*/

    
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            
throws IOException, ServletException {
      
//logger.info("doFilter");
         HttpServletRequest req1=(HttpServletRequest)req;
         HttpServletResponse res1
=(HttpServletResponse)res;
      String contextPath 
= req1.getContextPath();    
      String requestUri 
= req1.getRequestURI();
      
//logger.info("requestUri = " + requestUri);

         String referer
=req1.getHeader("Referer");
         
         
if(referer!=null&&referer.indexOf("www.java3z.com"< 0&&referer.indexOf("www.xxx.com"< 0){
            
        
if(requestUri.indexOf("cwb")!=-1){
                 res1.sendRedirect(JAVA3Z_URL);
              }
else{
                  res1.sendRedirect(K_URL);
              }

         }
else{
                   chain.doFilter(req, res);
        }

    }

    
    
public void destroy() {} 
    
    }


你可能感兴趣的:(java,tomcat,log4j,Web,servlet)