1.
class="java" name="code">
/**
* 过滤器
*/
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest request = (HttpServletRequest)req;
String url = request.getQueryString();
if (StringUtils.isEmpty(url) || !pattern.matcher(URLDecoder.decode(url, "utf-8")).matches())
{
chain.doFilter(req, resp);
}
else
{
HttpServletResponse res = (HttpServletResponse)resp;
res.setStatus(403);
res.getOutputStream().write("403".getBytes());
res.getOutputStream().close();
return;
}
}
// 初始化
public void init(FilterConfig cfg)
throws ServletException
{
String redirects= (new StringBuilder(".*(")).append(cfg.getInitParameter("redirects"))
.append(").*")
.toString();
pattern = Pattern.compile(redirects);
}
private Pattern pattern;
2.web.xml
<filter>
<filter-name>SafeFilter</filter-name>
<filter-class>com.SafeFilter</filter-class>
<init-param>
<param-name>redirects</param-name>
<param-value>redirect:|action:|redirectAction:</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>SafeFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>