摘要:
“);}2.web.xmlImgFiltercom.szh.ImgFilterimg过滤器/img/*正常访问非法访问其他项目中的图片
1.过滤器
public class ImgFilter implementsFilter { @Override public void init(FilterConfig filterConfig) throwsServletException { System.out.println("过滤器开始!!!"); } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throwsIOException, ServletException { //获取当前请求的连接地址和上一个发送请求的地址 HttpServletRequest httprequest=(HttpServletRequest) request; HttpServletResponse httpresponse=(HttpServletResponse) response; //获取上一个发送请求的连接 String referer = httprequest.getHeader("Referer"); String serverName =httprequest.getServerName(); System.out.println(referer+" "+serverName); //||!referer.startsWith("http://www.aproject.com") if (referer==null ||!referer.contains(serverName)){ request.getRequestDispatcher("/img/ffqq.png").forward(request,response); return; } //放行 chain.doFilter(request,response); } @Override public voiddestroy() { System.out.println("过滤器销毁!!!"); } }
2.web.xml
<filter> <filter-name>ImgFilter</filter-name> <filter-class>com.szh.ImgFilter</filter-class> </filter> <filter-mapping> <filter-name>ImgFilter</filter-name> <url-pattern>/img/*</url-pattern> </filter-mapping>
正常访问
非法访问 从另一个项目中访问图片
