我的漫漫程序之旅

专注于JavaWeb开发
随笔 - 39, 文章 - 310, 评论 - 411, 引用 - 0
数据加载中……

简单的防盗链过滤器

简单的防盗链过滤器代码,保护cwb目录和dir2目录下的zip文件不被盗链。
一、web.xml文件
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi
="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation
="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version
="2.4">

<display-name>Welcome to Tomcat</display-name>
<description>
  Welcome to Tomcat
</description>
<filter>
  
<filter-name>SecurityFilter</filter-name>
  
<filter-class>example.SecurityFilter</filter-class>
</filter>

<filter-mapping>
  
<filter-name>SecurityFilter</filter-name>
  
<url-pattern>/dir2/*</url-pattern>
</filter-mapping> 
<filter-mapping>
  
<filter-name>SecurityFilter</filter-name>
  
<url-pattern>/cwb/*</url-pattern>
</filter-mapping> 

<servlet> 
  
<servlet-name>log4j-init</servlet-name> 
  
<servlet-class>example.Log4jInit</servlet-class> 
  
<init-param> 
    
<param-name>log4j</param-name> 
    
<param-value>WEB-INF/log4j.properties</param-value> 
  
</init-param> 
<load-on-startup>1</load-on-startup> 
</servlet> 

</web-app>


二、过滤器代码
package example;

import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.HashSet;
import org.apache.log4j.*;


public class SecurityFilter implements Filter {
    
    
private static final String JAVA3Z_URL = "http://www.java3z.com/cwbwebhome/index.html";
        
private static final String K_URL="http://www.xxx.com/index.html";
    
    
      
private Logger logger = Logger.getLogger("this.SecurityFilter");
    
    
    
    
/**
     * Initializes the Filter.
     
*/

    
public void init(FilterConfig filterConfig) throws ServletException {
        
        
    }

    
    
/**
     * Standard doFilter object.
     
*/

    
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            
throws IOException, ServletException {
      
//logger.info("doFilter");
         HttpServletRequest req1=(HttpServletRequest)req;
         HttpServletResponse res1
=(HttpServletResponse)res;
      String contextPath 
= req1.getContextPath();    
      String requestUri 
= req1.getRequestURI();
      
//logger.info("requestUri = " + requestUri);

         String referer
=req1.getHeader("Referer");
         
         
if(referer!=null&&referer.indexOf("www.java3z.com"< 0&&referer.indexOf("www.xxx.com"< 0){
            
        
if(requestUri.indexOf("cwb")!=-1){
                 res1.sendRedirect(JAVA3Z_URL);
              }
else{
                  res1.sendRedirect(K_URL);
              }

         }
else{
                   chain.doFilter(req, res);
        }

    }

    
    
public void destroy() {} 
    
    }




posted on 2008-02-17 22:14 々上善若水々 阅读(2038) 评论(0)  编辑  收藏 所属分类: JavaWeb


只有注册用户登录后才能发表评论。


网站导航: