我的漫漫程序之旅

专注于JavaWeb开发
随笔 - 39, 文章 - 310, 评论 - 411, 引用 - 0
数据加载中……

简单的防盗链过滤器

简单的防盗链过滤器代码,保护cwb目录和dir2目录下的zip文件不被盗链。
一、web.xml文件
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">

<display-name>Welcome to Tomcat</display-name>
<description>
  Welcome to Tomcat
</description>
<filter>
  <filter-name>SecurityFilter</filter-name>
  <filter-class>example.SecurityFilter</filter-class>
</filter>

<filter-mapping>
  <filter-name>SecurityFilter</filter-name>
  <url-pattern>/dir2/*</url-pattern>
</filter-mapping> 
<filter-mapping>
  <filter-name>SecurityFilter</filter-name>
  <url-pattern>/cwb/*</url-pattern>
</filter-mapping> 

<servlet> 
  <servlet-name>log4j-init</servlet-name> 
  <servlet-class>example.Log4jInit</servlet-class> 
  <init-param> 
    <param-name>log4j</param-name> 
    <param-value>WEB-INF/log4j.properties</param-value> 
  </init-param> 
<load-on-startup>1</load-on-startup> 
</servlet> 

</web-app>


二、过滤器代码
package example;

import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import java.util.HashSet;
import org.apache.log4j.*;


public class SecurityFilter implements Filter {
    
    private static final String JAVA3Z_URL = "http://www.java3z.com/cwbwebhome/index.html";
        private static final String K_URL="http://www.xxx.com/index.html";
    
    
      private Logger logger = Logger.getLogger("this.SecurityFilter");
    
    
    
    /**
     * Initializes the Filter.
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        
        
    }
    
    /**
     * Standard doFilter object.
     */
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
      //logger.info("doFilter");
         HttpServletRequest req1=(HttpServletRequest)req;
         HttpServletResponse res1=(HttpServletResponse)res;
      String contextPath = req1.getContextPath();    
      String requestUri = req1.getRequestURI();
      //logger.info("requestUri = " + requestUri);

         String referer=req1.getHeader("Referer");
         
         if(referer!=null&&referer.indexOf("www.java3z.com"< 0&&referer.indexOf("www.xxx.com"< 0){
            
        if(requestUri.indexOf("cwb")!=-1){
                 res1.sendRedirect(JAVA3Z_URL);
              }else{
                  res1.sendRedirect(K_URL);
              }
         }else{
                   chain.doFilter(req, res);
        }
    }
    
    public void destroy() {} 
    
    }



posted on 2008-02-17 22:14 々上善若水々 阅读(2044) 评论(0)  编辑  收藏 所属分类: JavaWeb


只有注册用户登录后才能发表评论。
网站导航: