分析:
1.對request對象進行增強。增強獲取參數相關方法。對過濾的敏感詞彙我們將其放到一個txt文本中,通過init加載。如果txt過濾的敏感詞彙中有中文,要把編碼格式轉換爲GBK.
package cn.easyArch.web.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.List;
@WebFilter("/testServlet")
public class SensitiveWordsFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
//創建代理對象,增強getPatameter方法
ServletRequest proxy_req= (ServletRequest) Proxy.newProxyInstance(req.getClass().getClassLoader(), req.getClass().getInterfaces(), new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
//增強getParameter方法
//判斷是否是getParameter方法
if (method.getName().equals("getParameter")){
//增強返回值
//獲取返回值
String value= (String) method.invoke(req,args);
if (value!=null){
for (String str:sensitive){
if (value.contains(str)){
value=value.replaceAll(str,"***");
}
}
}
return value;
}
return method.invoke(req,args);
}
});
//放行
chain.doFilter(proxy_req, resp);
}
//敏感詞彙集合
private List<String> sensitive =new ArrayList<String>();
public void init(FilterConfig config) throws ServletException {
try {
//加載文件
//獲取文件真實路徑
ServletContext servletContext=config.getServletContext();
String realPath=servletContext.getRealPath("/WEB-INF/classes/敏感詞彙.txt");
//讀取文件
BufferedReader br =new BufferedReader(new FileReader(realPath));
//將文件的每一行數據添加到list中
String line=null;
while ((line=br.readLine())!=null){
sensitive.add(line);
}
br.close();
System.out.println(sensitive);
} catch (Exception e) {
e.printStackTrace();
}
}
}