public class HTTPWebAuthFilter implements Filter { @Autowired private CommonConfig commonConfig; @Autowired private HttpSession session; @Override public void init(FilterConfig filterConfig) throws ServletException { SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, filterConfig.getServletContext()); } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; // 防盗链 String refer = httpRequest.getHeader("Referer"); if(!WebTool1.isNull(refer) && refer.indexOf(commonConfig.getLocalServerName()) < 0){ String str = "<script language='javascript'>alert('您的违规操作将被中止、记录并保留追溯权利!');" + "window.top.location.href='" + httpRequest.getContextPath()+"/bi/init" + "';</script>"; response.setContentType("text/html;charset=UTF-8");// 解决中文乱码 PrintWriter writer = response.getWriter(); try { writer.write(str); writer.flush(); writer.close(); } catch (Exception e) { e.printStackTrace(); }finally{ writer.close(); } return; } if(httpRequest.getRequestURI().endsWith("/login") ){ if(WebTool1.isNull(session.getAttribute(commonConfig.getAccHeader()))){ chain.doFilter(request, response); }else{ if(!WebTool1.isNull(httpRequest.getParameterMap().get("account")) && httpRequest.getParameterMap().get("account").length > 0){ chain.doFilter(request, response); }else{ request.setAttribute("roleModels", session.getAttribute("roleModels")); request.setAttribute("username", session.getAttribute("username")); request.getRequestDispatcher("/WEB-INF/jsp/welcome.jsp").forward(request, response); return; } } }else{ chain.doFilter(request, response); } } @Override public void destroy() { } }
Java 防盗链 Referer
猜你喜欢
转载自xinjiatao.iteye.com/blog/2406758
今日推荐
周排行