HTML特殊字符过滤器

原创

太虚古龙 2023-05-18 14:13:34 博主文章分类：java web ©著作权

文章标签 html filter string class null 文章分类 Python 后端开发

©著作权归作者所有：来自51CTO博客作者太虚古龙的原创作品，请联系作者获取转载授权，否则将追究法律责任

package com.pdsu.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/**
 * 类说明：HTML特殊字符过滤器
 * 
 * @author 作者: LiuJunGuang
 * @version 创建时间：2011-11-18 下午07:36:44
 */
public class HTMLCharacterFilter implements Filter {

	public void init(FilterConfig filterConfig) throws ServletException {

	}

	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) resp;
		chain.doFilter(new HTMLCharacterRequest(request), response);
	}

	public void destroy() {

	}
}

// html特殊字符处理类
class HTMLCharacterRequest extends HttpServletRequestWrapper {

	public HTMLCharacterRequest(HttpServletRequest request) {
		super(request);
	}

	@Override
	public String getParameter(String name) {
		return filter(super.getParameter(name));
	}
	@Override
	public String[] getParameterValues(String name) {
		String[] values = super.getParameterValues(name);
		if (values == null || values.length == 0)
			return values;
		for (int i = 0; i < values.length; i++) {
			String str = values[i];
			values[i] = filter(str);
		}
		return values;
	}
	/**
	 * 对特殊的html字符进行编码
	 * 
	 * @param message
	 * @return
	 */
	private String filter(String message) {

		if (message == null)
			return (null);

		char content[] = new char[message.length()];
		message.getChars(0, message.length(), content, 0);
		StringBuilder result = new StringBuilder(content.length + 50);
		for (int i = 0; i < content.length; i++) {
			switch (content[i]) {
			case '<':
				result.append("<");
				break;
			case '>':
				result.append(">");
				break;
			case '&':
				result.append("&");
				break;
			case '"':
				result.append(""");
				break;
			default:
				result.append(content[i]);
			}
		}
		return (result.toString());

	}
}

在web.xml中添加如下内容：

<!-- HTML特殊字符过滤器 -->
  <filter>
  	<filter-name>HTMLFiter</filter-name>
  	<filter-class>com.pdsu.filter.HTMLCharacterFilter</filter-class>
  </filter>
  <filter-mapping>
  	<filter-name>HTMLFiter</filter-name>
  	<url-pattern>/*</url-pattern>
  </filter-mapping>