Set the filter of the site blacklist (bannedaccessfilter)

Source: Internet
Author: User

This seriesArticleGuidance:

Sessionfilter)

Set a non-Cache Filter)

Set the filter of the site blacklist (bannedaccessfilter)

Compressionfilter)

Stopwordsfilter)

Function Description

You cannot access the current application from a disabled site (IP address) or link to the current application from a disabled site.
For the sake of simplicity, wildcards are not currently supported when the site is disabled. It's just a reference.
For example, to prohibit other websites from referencing image resources on this site, you only need to make some modifications on this basis.

Usage

Add the following content to the Web. xml file of the Java Web project:Code.

<! -- Start to configure the filter for the site blacklist --> <filter-Name> bannedaccessfilter </filter-Name> <filter-class> COM. HMW. filter. bannedaccessfilter </filter-class> <init-param> <description> the site to be disabled, one site occupies one </description> <param-Name> bannedsites </param-Name> <param-value> 192.168.1.101 192.168.1.102 www.csdn.net </param-value> </init-param> </filter> <filter-mapping> <filter-Name> bannedaccessfilter </filter-Name> <URL-patt Ern>/* </url-pattern> </filter-mapping> <! -- The configuration of the filter for setting the site blacklist is complete -->
Filter source code
Package COM. HMW. filter; import Java. io. ioexception; import Java. io. printwriter; import java.net. malformedurlexception; import java.net. URL; import Java. util. hashset; import Java. util. stringtokenizer; import javax. servlet. filter; import javax. servlet. filterchain; import javax. servlet. filterconfig; import javax. servlet. servletexception; import javax. servlet. servletrequest; import javax. servlet. servletresponse; Im Port javax. servlet. HTTP. httpservletrequest; import Org. apache. commons. lang3.stringutils; import Org. apache. log4j. logger;/*** set the filter to disable the site (blacklist) * @ author he mingwang */public class bannedaccessfilter implements filter {static final logger = logger. getlogger (bannedaccessfilter. class); Private hashset bannedsitetable;/*** initialize the configured disabled site list to a hashset */@ overridepublic void Init (filterconfig config) Throw S servletexception {bannedsitetable = new hashset (); string bannedsites = config. getinitparameter ("bannedsites"); // default token set: white space. stringtokenizer Tok = new stringtokenizer (bannedsites); While (Tok. hasmoretokens () {string bannedsite = Tok. nexttoken (); bannedsitetable. add (bannedsite); logger.info ("banned" + bannedsite) ;}}/*** if the request comes from a disabled site or from a link to the disabled site, access is denied. * // @ Overridepublic void dofilter (servletrequest request, servletresponse response, filterchain chain) throws servletexception, ioexception {logger. debug ("bannedaccessfilter: filtering the request... "); httpservletrequest Req = (httpservletrequest) request; string requestinghost = req. getremotehost (); string referringhost = getreferringhost (req. getheader ("Referer"); string bannedsite = NULL; Boolean isbanned = false; If (bannedsitetable. contains (requestinghost) {bannedsite = requestinghost; isbanned = true;} else if (bannedsitetable. contains (referringhost) {bannedsite = referringhost; isbanned = true;} If (isbanned) {showwarning (response, bannedsite);} else {chain. dofilter (request, response);} logger. debug ("bannedaccessfilter: filtering the response... ") ;}@ overridepublic void destroy () {}/ *** Based on the URL, the site where the URL is obtained * @ Param refererringurlstring URL link address * @ return the site where the URL link address is located. If the input parameter is not a URL-compliant string, the system returns null */Private string getreferringhost (string refererringurlstring) {If (stringutils. isblank (refererringurlstring) return NULL; try {URL referringurl = new URL (refererringurlstring); Return referringurl. gethost ();} catch (malformedurlexception mue) {// malformedreturn NULL;}/*** if the user is accessing the application from a disabled site, or, you can call this method to display the warning information to the user. * @ Param response HTTP Request Response object * @ Param bannedsite prohibited site * @ throws servletexception * @ throws ioexception * @ author he mingwang */private void showwarning (servletresponse response, string bannedsite) throws servletexception, ioexception {string htmlcode = ""; htmlcode + = "<! Doctype HTML public \ "-// W3C // dtd xhtml 1.0 transitional // en \" \ "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd\"> "; htmlcode + = "<HTML xmlns = \" http://www.w3.org/5o/xhtml\ ">"; htmlcode + = "

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.