package cn.itcast.web.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.*;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.*;
/**
* 敏感词汇过滤器
*/
@WebFilter(value = "/*")
public class SensitiveWordsFilter implements Filter {
//定义集合保存敏感词汇
private Properties pro = new Properties();
public void init(FilterConfig config) throws ServletException {
try {
//获取文件真实路径输入流
InputStream is = config.getServletContext().getResourceAsStream("/WEB-INF/classes/sensitiveWords.properties");
//解码(gbk)
InputStreamReader read = new InputStreamReader(is, "gbk");
//加载
pro.load(read);
} catch (IOException e) {
e.printStackTrace();
}
//System.out.println(pro);
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
//编码
req.setCharacterEncoding("utf-8");
//获取req代理对象
ServletRequest proxy_req = (ServletRequest) Proxy.newProxyInstance(req.getClass().getClassLoader(), req.getClass().getInterfaces(), new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
//增强getParameter方法
if (method.getName().equals("getParameter")) {
//获取方法的返回值(明确知道方法的返回值为String)
String value = (String) method.invoke(req, args);
if (value!=null) {
//获取敏感词汇的键集合
Set<String> keys = pro.stringPropertyNames();
//遍历敏感词汇集合
for (String key : keys) {
//返回值包含敏感词汇
if (value.contains(pro.getProperty(key))) {
//替换敏感词汇
value = value.replaceAll(pro.getProperty(key), "***");
}
}
}
//返回替换后的值
return value;
//增强getParameterValues
} else if (method.getName().equals("getParameterValues")) {
//获取方法的返回值
//method.invoke返回值为obj类型
String[] values = (String[]) method.invoke(req, args);
//System.out.println(Arrays.toString(values));
//定义一个集合来存储替换敏感词后的返回值
List<String> list = new ArrayList<String>();
if (values!=null) {
//获取敏感词汇的键集合
Set<String> keys = pro.stringPropertyNames();
//遍历返回值
for (String value : values) {
//遍历敏感词汇键集合
for (String key : keys) {
//返回值包含敏感词汇
if (value.contains(pro.getProperty(key))) {
//替换敏感词汇
value = value.replaceAll(pro.getProperty(key), "***");
}
}
//保存替换后的value
list.add(value);
}
//System.out.println(list);
}
//返回替换后的值
//强转数组类型,强转元素类型
String[] array = list.toArray(new String[0]);
return array;
//增强getParameterMap
}else if (method.getName().equals("getParameterMap")) {
//获取方法的返回值
Map<String, String[]> map = (Map<String, String[]>) method.invoke(req, args);
Set<String> keys = map.keySet();
//定义一个map集合,存储替换敏感词汇后的键值对
Map hash=new HashMap();
if (map!=null) {
//获取敏感词汇的所有键
Set<String> sw_keys = pro.stringPropertyNames();
//遍历返回值的所键
for (String key : keys) {
String[] values = map.get(key);
//定义一个集合,储存每个键的所有值
List<String> list=new LinkedList<String>();
//遍历每个键的所有值
for (String value : values) {
//遍历所有敏感词汇
for (String sw_key : sw_keys) {
//返回值包含敏感词汇
if (value.contains(pro.getProperty(sw_key))) {
//替换敏感词汇
value=value.replaceAll(pro.getProperty(sw_key),"***");
}
}
list.add(value);
}
//添加替换敏感词后的键值对
hash.put(key,list.toArray(new String[0]));
}
//返回值
return hash;
}
}
//不是上述方法,返回值原样返回
return method.invoke(req, args);
}
});
//放行(传入代理对象)
chain.doFilter(proxy_req, resp);
}
public void destroy() {
}
}
|
|
收藏
淘帖
踩
