jsp-leak Check

Translated JSP, inheriting httpjspbase implements Jspsourcedependent interface

_jspinit ()
_jspdestroy ()
_jspservice ()

1. Javax.servlet.jsp.PageContext PageContext
2. Application = Pagecontext.getservletcontext ();
3. config = Pagecontext.getservletconfig ();
4. Session = Pagecontext.getsession ();
5. Out = Pagecontext.getout ();
6. Java.lang.Object page = this;
7. Javax.servlet.http.HttpServletRequest response
8. Javax.servlet.http.HttpServletResponse Request
9 exception

Pagecontex Application config session out
Page Request Responce exception

JSP directive include Taglib page

The include directive is a static inclusion, and all of the multiple JSP pages it contains are compiled into a servlet file

And the opposite is

Reques.getrequestdispatcher ("x.jsp"). Include (REQUEST,RESPONCSE);

It contains all the multiple JSP pages that are compiled into multiple servlet files. The execution of the time in the dynamic inclusion of content comes in.

Interview questions: The difference between static inclusions and dynamic inclusions:

Static include: Compile-time contains, all of the multiple JSP pages included compiled into a servlet file, high efficiency
Dynamic inclusion: Runtime contains, all multiple JSP pages compiled into multiple servlet files, when executed in the dynamic inclusion of content in.

Pagecontext.forword (); Actually this is Reques.ggetrequestdispatcher (). ForWord ()
Pagecontext.include (); This is actually reques.ggetrequestdispatcher (). Include ()

Pagecontext.getattribute ("", scope)//Find page request session application from the four domains

JSP operating principle:
When the JSP page is accessed for the first time, the Web server requests the JSP engine to process it.
The JSP engine first translates the JSP paging file into a Java file, which is a JSP that is translated into a servlet,
The server compiles the former Java file into a bytecode file and executes the bytecode file in response to the client's request.
When the JSP page is requested again, the JSP engine calls the loaded servlet directly as long as the JSP file is not altered.

Out
The type of Out is Jspwrite
The jspwrite is equivalent to a printwrite with a cache function amount.
The Buffer property of the page directive can adjust the cache size or close

Only if the content is written to an out object, and if any of the following conditions are met. The Out object will not call the Servletresponse.getwrite method
The Printwrite object of the method actually writes the buffer contents of the Out object to the buffer provided by the servlet engine.
1. Setting the Buffer property specified by page closes the cache function for an Out object
The buffer for the 2.out object is full
3. End of entire JSP page

Interview question: How an out implicit object works.

Calls the data written by the Out object method, first stored in the buffer of the Jspwrite object
When the buffer of the Jspwrite object is full or the entire JSP page ends
The Jspwrite object calls the Write () method of the Printwrite object returned by the Servletresponse.getwrite () method to write the data to the response buffer.

<jsp:include>---> Dynamic inclusion, run-time contains
<jsp:forward>---> Home adjustment. Home Page Cannot configure servlet,

<jsp:param> How to use the page pass parameter to forward

Map jsp--> Map servlet

<Setvlet>
<servlet-name>xxx</servlet-name>
<jsp-file>/14.jsp</jsp-file>
</Setvlet>
<Servlet-mapping>
<Servlet-name>xxx</Setvlet-name>
<url-pattern>/index.html</url-pattern>
</Servlet-mapping>

jsp-leak Check