package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.ExecuteFunctionRecord;
import com.fr.plugin.transform.FunctionRecorder;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Locale;
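/**
 * Global request filter that hands the rest of the chain an {@code XssFilterWrapper} around the
 * incoming request whenever the plugin switch ({@code SafedConfig.getInstance().getOpenFlag()})
 * is on.
 *
 * <p>The filter is registered for every path (see {@link #urlPatterns()}).
 *
 * <p>NOTE(review): POST requests whose {@code Content-Type} starts with {@code multipart/} are
 * forwarded unwrapped. That header is supplied by the client, so the exemption is effectively
 * chosen by the caller: nothing in this class sanitises the parts or the query-string parameters
 * of such a request. Confirm that multipart input is validated elsewhere before relying on this
 * filter as the only XSS control.
 *
 * <p>NOTE(review): what {@code XssFilterWrapper} actually escapes or rejects is not visible in
 * this file; verify against its implementation.
 */
@FunctionRecorder(localeKey = "ffff")
public class SafedFilter extends AbstractGlobalRequestFilterProvider {

    /** Lower-case prefix shared by all multipart media types. */
    private static final String MULTIPART_PREFIX = "multipart/";

    /**
     * Returns the name this filter is registered under.
     *
     * @return the fixed filter name {@code "hfLogin"}
     */
    @Override
    public String filterName() {
        return "hfLogin";
    }

    /**
     * Returns the URL patterns this filter applies to.
     *
     * @return a single catch-all pattern, so every request passes through {@link #doFilter}
     */
    @Override
    public String[] urlPatterns() {
        return new String[]{
                "/*"
        };
    }

    /**
     * Initialises the filter: touches the {@code SafedConfig} singleton, writes an info line to the
     * FineReport log and then delegates to the parent implementation.
     *
     * @param filterConfig the container-supplied filter configuration
     */
    @Override
    public void init(FilterConfig filterConfig) {
        // Presumably forces the configuration to be created/registered at startup — confirm.
        SafedConfig.getInstance();
        // Log text reads "security filter support plugin initialised".
        FineLoggerFactory.getLogger().info("安全过滤支持插件初始化");
        super.init(filterConfig);
    }

    /**
     * Forwards the request down the chain, wrapped in {@code XssFilterWrapper} when the plugin
     * switch is on and the request is not a multipart POST; otherwise the original request is
     * forwarded untouched.
     *
     * <p>Any exception raised while reading the configuration, building the wrapper or running the
     * rest of the chain is written to the FineReport log and not rethrown (this method declares
     * no checked exceptions). NOTE(review): after such a failure the response is left as it was
     * when the exception occurred and the container is not told about the error; consider whether
     * an explicit error status is wanted here.
     *
     * @param request             the incoming request
     * @param httpServletResponse the response passed on unchanged
     * @param filterChain         the remaining filter chain
     */
    @Override
    @ExecuteFunctionRecord
    public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
        try {
            if (SafedConfig.getInstance().getOpenFlag() && !isMultipartContent(request)) {
                filterChain.doFilter(new XssFilterWrapper(request), httpServletResponse);
                return;
            }
            // Switch off, or multipart POST: the request reaches the application unwrapped.
            filterChain.doFilter(request, httpServletResponse);
        } catch (Exception e) {
            // One handler: the former IOException/ServletException branch did exactly the same.
            printException2FrLog(e);
        }
    }

    /**
     * Tells whether the request is a POST whose {@code Content-Type} starts with
     * {@code multipart/}, compared case-insensitively.
     *
     * <p>The comparison lower-cases with {@link Locale#ROOT} so the result does not depend on the
     * JVM's default locale (under a Turkish default locale, {@code "MULTIPART/..."} would otherwise
     * lower-case to a string with a dotless i and fail the prefix test).
     *
     * @param request the incoming request
     * @return {@code true} for a multipart POST, {@code false} otherwise (including a missing
     *     {@code Content-Type})
     */
    private boolean isMultipartContent(HttpServletRequest request) {
        if (!"post".equalsIgnoreCase(request.getMethod())) {
            return false;
        }
        // Client-supplied header; may be null when the request carries no Content-Type.
        String contentType = request.getContentType();
        return contentType != null
                && contentType.toLowerCase(Locale.ROOT).startsWith(MULTIPART_PREFIX);
    }

    /**
     * Renders the full stack trace of {@code e} to a string and writes it to the FineReport log
     * at error level.
     *
     * @param e the throwable to log; must not be {@code null}
     */
    public static void printException2FrLog(Throwable e) {
        StringWriter traceBuffer = new StringWriter();
        e.printStackTrace(new PrintWriter(traceBuffer));
        String trace = traceBuffer.toString();
        // Log prefix reads "error:".
        FineLoggerFactory.getLogger().error("错误:{}", trace);
    }

}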