特殊文字フィルタの追加バックグラウンドに中国語の文字化けしの問題があります
特殊文字のフィルタリングを修復する問題で、バックグラウンドで受け取った中国語に文字化けしが発生したフィルタが追加された.
パラメータmapを取得するときに下トランスコードを行えばよい.上のクラスのgetParameterMapを以下のように書き換える.
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
public class XssFilter implements Filter{
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest request = (HttpServletRequest)req;
XssWrapper wrapRequest= new XssWrapper(request);
chain.doFilter(wrapRequest, res);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
}import java.io.UnsupportedEncodingException;
import java.util.Enumeration;
import java.util.Map;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
public class XssWrapper extends HttpServletRequestWrapper {
private HttpServletRequest request;
private boolean flag=true;
public XssWrapper(HttpServletRequest request) {
super(request);
this.request = request;
}
public Map getParameterMap() {
return super.getParameterMap();
}
public Enumeration getParameterNames() {
Map params = getParameterMap();
Vector l = new Vector( params.keySet());
return l.elements();
}
public String[] getParameterValues(String name) {
Map params = getParameterMap();
Object v = params.get(name);
if (v == null ) {
return null ;
} else if (v instanceof String[]) {
String[] value = (String[]) v;
for (int i = 0; i < value.length; i++) {
value[i] = value[i].replaceAll( "", ">" );
}
return (String[]) value;
} else if (v instanceof String) {
String value = (String) v;
value = value.replaceAll( "", ">" );
return new String[] { (String) value };
} else {
return new String[] { v.toString() };
}
}
public String getParameter(String name) {
Map params = getParameterMap();
Object v = params.get(name);
if (v == null ) {
return null ;
} else if (v instanceof String[]) {
String[] strArr = (String[]) v;
if (strArr.length > 0) {
String value = strArr[0];
value = value.replaceAll( "", ">" );
return (String) value;
} else {
return v.toString();
}
}パラメータmapを取得するときに下トランスコードを行えばよい.上のクラスのgetParameterMapを以下のように書き換える.
//
public Map getParameterMap() {
/**
*
* post request.setchar...(utf-8)
* get map
*/
String method = request.getMethod();
if("post".equalsIgnoreCase(method)){
try {
request.setCharacterEncoding("utf-8");
return request.getParameterMap();
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}else if("get".equalsIgnoreCase(method)){
Map map = request.getParameterMap();
// map value
if(flag){
for (String key:map.keySet()) {
String[] arr = map.get(key);
//
for(int i=0;i