XSSFilter.java 文件源码

java
阅读 29 收藏 0 点赞 0 评论 0
项目:unitimes 作者: 
/**
   * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
   *      javax.servlet.ServletResponse, javax.servlet.FilterChain)
   */
  public void doFilter( ServletRequest request, 
                      ServletResponse response,
                      FilterChain chain ) throws IOException, ServletException {

      // Get Filter Init Parameters
      String replaceStrParam = filterConfig.getInitParameter("replace_string");
      String addlCharsParam = filterConfig.getInitParameter("additional_chars");

      // Set variables
      if(replaceStrParam!=null)
          replaceStr = replaceStrParam;
      if(addlCharsParam!=null)
          addlChars = addlCharsParam;

      // Construct allowed characters pattern
      String charPattern = "([^" + charsAllowed + addlChars + "]+)(%0A)";        

      // Instantiate actual filter
      RequestXSSFilter rxs = new RequestXSSFilter( 
              (HttpServletRequest) request, replaceStr, charPattern);

// Process request
chain.doFilter(rxs,response);

  }
您未登录,请先登录后再评论
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号