import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper; // wrapper: decorates the container's request object

import org.apache.commons.text.StringEscapeUtils;
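/**
 * Servlet filter that hands downstream code a request whose header, query-string and
 * parameter accessors return HTML4-entity-escaped values.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>This is input-side escaping, so it is a coarse mitigation only. It does not replace
 *       context-aware output encoding (HTML body, attribute, JavaScript, URL) in the views.</li>
 *   <li>{@code StringEscapeUtils.escapeHtml4} does not escape the apostrophe ({@code '}), so
 *       values written into single-quoted attributes or script contexts are not made safe.</li>
 *   <li>Only {@code getHeader}, {@code getQueryString}, {@code getParameter},
 *       {@code getParameterMap} and {@code getParameterValues} are overridden. Data read through
 *       {@code getHeaders}, {@code getInputStream}/{@code getReader} (for example JSON bodies),
 *       cookies or multipart parts reaches the application unescaped.</li>
 *   <li>Escaping changes the data itself: {@code &} separators in the query string become
 *       {@code &amp;}, header values are altered, and text that is encoded again on output is
 *       double-escaped. Code that compares, parses or stores these values must expect that.</li>
 * </ul>
 */
public class XssFilter implements Filter {

    /** No configuration is read; the filter is stateless. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Wraps HTTP requests in {@link XssHttpServletRequestWrapper} before continuing the chain.
     *
     * @param request  incoming request
     * @param response outgoing response, passed through untouched
     * @param chain    remaining filter chain
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        // Guard the cast: a non-HTTP request cannot be wrapped, so it is passed along as-is
        // instead of failing with a ClassCastException.
        if (request instanceof HttpServletRequest) {
            chain.doFilter(new XssHttpServletRequestWrapper((HttpServletRequest) request), response);
        } else {
            chain.doFilter(request, response);
        }
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Custom inner class: request wrapper whose string accessors return escaped copies of the
     * values supplied by the wrapped request. The wrapped request itself is never modified.
     */
    public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {

        /**
         * @param request the container's request to decorate
         */
        public XssHttpServletRequestWrapper(HttpServletRequest request) {
            super(request);
        }

        /**
         * @param name header name
         * @return the escaped header value, or {@code null} when the header is absent
         */
        @Override
        public String getHeader(String name) {
            return StringEscapeUtils.escapeHtml4(super.getHeader(name));
        }

        /**
         * @return the escaped raw query string, or {@code null} when there is none; note that
         *         {@code &} separators are escaped too
         */
        @Override
        public String getQueryString() {
            return StringEscapeUtils.escapeHtml4(super.getQueryString());
        }

        /**
         * @param name parameter name
         * @return the escaped first value, or {@code null} when the parameter is absent
         */
        @Override
        public String getParameter(String name) {
            return StringEscapeUtils.escapeHtml4(super.getParameter(name));
        }

        /**
         * Builds a fresh map holding escaped copies of every parameter value array.
         *
         * <p>Keys whose value array is empty are kept (with an empty array) so the map agrees
         * with {@link #getParameterValues(String)}; keys mapped to {@code null} are skipped.
         *
         * @return a new map from parameter name to escaped values
         */
        @Override
        public Map<String, String[]> getParameterMap() {
            Map<String, String[]> original = super.getParameterMap();
            Map<String, String[]> escapedMap = new HashMap<>();
            for (Map.Entry<String, String[]> entry : original.entrySet()) {
                String[] values = entry.getValue();
                if (values != null) {
                    escapedMap.put(entry.getKey(), escapeAll(values));
                }
            }
            return escapedMap;
        }

        /**
         * @param name parameter name
         * @return a new array of escaped values, or {@code null} when the parameter is absent
         */
        @Override
        public String[] getParameterValues(String name) {
            return escapeAll(super.getParameterValues(name));
        }

        /** Returns an escaped copy of {@code values}; {@code null} in gives {@code null} out. */
        private String[] escapeAll(String[] values) {
            if (values == null) {
                return null;
            }
            String[] escaped = new String[values.length];
            for (int i = 0; i < values.length; i++) {
                escaped[i] = StringEscapeUtils.escapeHtml4(values[i]);
            }
            return escaped;
        }
    }
}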