This seriesArticleGuidance:
Sessionfilter)
Set a non-Cache Filter)
Set the filter of the site blacklist (bannedaccessfilter)
Compressionfilter)
Stopwordsfilter)
Function Description
You cannot access the current application from a disabled site (IP address) or link to the current application from a disabled site.
For the sake of simplicity, wildcards are not currently supported when the site is disabled. It's just a reference.
For example, to prohibit other websites from referencing image resources on this site, you only need to make some modifications on this basis.
Usage
Add the following content to the Web. xml file of the Java Web project:Code.
<! -- Start to configure the filter for the site blacklist --> <filter-Name> bannedaccessfilter </filter-Name> <filter-class> COM. HMW. filter. bannedaccessfilter </filter-class> <init-param> <description> the site to be disabled, one site occupies one </description> <param-Name> bannedsites </param-Name> <param-value> 192.168.1.101 192.168.1.102 www.csdn.net </param-value> </init-param> </filter> <filter-mapping> <filter-Name> bannedaccessfilter </filter-Name> <URL-patt Ern>/* </url-pattern> </filter-mapping> <! -- The configuration of the filter for setting the site blacklist is complete -->
Filter source code
Package COM. HMW. filter; import Java. io. ioexception; import Java. io. printwriter; import java.net. malformedurlexception; import java.net. URL; import Java. util. hashset; import Java. util. stringtokenizer; import javax. servlet. filter; import javax. servlet. filterchain; import javax. servlet. filterconfig; import javax. servlet. servletexception; import javax. servlet. servletrequest; import javax. servlet. servletresponse; Im Port javax. servlet. HTTP. httpservletrequest; import Org. apache. commons. lang3.stringutils; import Org. apache. log4j. logger;/*** set the filter to disable the site (blacklist) * @ author he mingwang */public class bannedaccessfilter implements filter {static final logger = logger. getlogger (bannedaccessfilter. class); Private hashset bannedsitetable;/*** initialize the configured disabled site list to a hashset */@ overridepublic void Init (filterconfig config) Throw S servletexception {bannedsitetable = new hashset (); string bannedsites = config. getinitparameter ("bannedsites"); // default token set: white space. stringtokenizer Tok = new stringtokenizer (bannedsites); While (Tok. hasmoretokens () {string bannedsite = Tok. nexttoken (); bannedsitetable. add (bannedsite); logger.info ("banned" + bannedsite) ;}}/*** if the request comes from a disabled site or from a link to the disabled site, access is denied. * // @ Overridepublic void dofilter (servletrequest request, servletresponse response, filterchain chain) throws servletexception, ioexception {logger. debug ("bannedaccessfilter: filtering the request... "); httpservletrequest Req = (httpservletrequest) request; string requestinghost = req. getremotehost (); string referringhost = getreferringhost (req. getheader ("Referer"); string bannedsite = NULL; Boolean isbanned = false; If (bannedsitetable. contains (requestinghost) {bannedsite = requestinghost; isbanned = true;} else if (bannedsitetable. contains (referringhost) {bannedsite = referringhost; isbanned = true;} If (isbanned) {showwarning (response, bannedsite);} else {chain. dofilter (request, response);} logger. debug ("bannedaccessfilter: filtering the response... ") ;}@ overridepublic void destroy () {}/ *** Based on the URL, the site where the URL is obtained * @ Param refererringurlstring URL link address * @ return the site where the URL link address is located. If the input parameter is not a URL-compliant string, the system returns null
*/Private string getreferringhost (string refererringurlstring) {If (stringutils. isblank (refererringurlstring) return NULL; try {URL referringurl = new URL (refererringurlstring); Return referringurl. gethost ();} catch (malformedurlexception mue) {// malformedreturn NULL;}/*** if the user is accessing the application from a disabled site, or, you can call this method to display the warning information to the user. * @ Param response HTTP Request Response object * @ Param bannedsite prohibited site * @ throws servletexception * @ throws ioexception * @ author he mingwang */private void showwarning (servletresponse response, string bannedsite) throws servletexception, ioexception {string htmlcode = ""; htmlcode + = "<! Doctype HTML public \ "-// W3C // dtd xhtml 1.0 transitional // en \" \ "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd\"> "; htmlcode + = "<HTML xmlns = \" http://www.w3.org/5o/xhtml\ ">"; htmlcode + = "