open-JSD-9719/src/main/java/com/fr/plugin/SafedFilter.java

package com.fr.plugin;

import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.ExecuteFunctionRecord;
import com.fr.plugin.transform.FunctionRecorder;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;

@FunctionRecorder(localeKey = "ffff")
public class SafedFilter extends AbstractGlobalRequestFilterProvider {
    @Override
    public String filterName() {
        return "hfLogin";
    }

    @Override
    public String[] urlPatterns() {
        return new String[]{
                "/*"
        };
    }

    @Override
    public void init(FilterConfig filterConfig) {
        SafedConfig.getInstance();
        FineLoggerFactory.getLogger().info("安全过滤支持插件初始化");
        super.init(filterConfig);
    }

    @Override
    @ExecuteFunctionRecord
    public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
        try {
            if (SafedConfig.getInstance().getOpenFlag()) {
                if (!isMultipartContent(request)) {
                    filterChain.doFilter(new XssFilterWrapper(request), httpServletResponse);
                    return;
                }
            }
            filterChain.doFilter(request, httpServletResponse);
        } catch (IOException | ServletException e) {
            printException2FrLog(e);
        } catch (Exception e) {
            printException2FrLog(e);
        }
    }

    private boolean isMultipartContent(HttpServletRequest request) {
        if (!"post".equalsIgnoreCase(request.getMethod())) {
            return false;
        }
        String contentType = request.getContentType();    //获取Content-Type
        return (contentType != null) && (contentType.toLowerCase().startsWith("multipart/"));
    }

    public static void printException2FrLog(Throwable e) {
        StringWriter writer = new StringWriter();
        e.printStackTrace(new PrintWriter(writer));
        String s = writer.toString();
        FineLoggerFactory.getLogger().error("错误：{}", s);
    }

}