跨站点请求伪造漏洞

原创

v512345 2015-03-23 23:49:08 博主文章分类：开发中漏洞总结6 ©著作权

©著作权归作者所有：来自51CTO博客作者v512345的原创作品，请联系作者获取转载授权，否则将追究法律责任

解决办法：写一个filter进行拦截

package frameWork.common.core.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class FilterHttpServlertRequest implements Filter {
   private List<String> list = new ArrayList<String>(); //这些链接要进行登录检查

   @Override
   public void destroy() {
       // TODO Auto-generated method stub

   }

   @Override
   public void doFilter(ServletRequest arg0, ServletResponse arg1,
           FilterChain chain) throws IOException, ServletException {
       HttpServletRequest request = (HttpServletRequest) arg0;
       HttpServletResponse response = (HttpServletResponse) arg1;
       HttpSession session = request.getSession();
       String customerNo = (String) session.getAttribute("customerno");
       StringBuffer url = request.getRequestURL();
//解决跨站点请求伪造
       String referer = request.getHeader("Referer");
       if ((referer != null)
               && !(referer.trim().startsWith("http://www.51huoniu.com")
                       || referer.trim().startsWith("http://51huoniu.com")
                       || referer.trim().startsWith("http://www.huoniu18.com")
                       || referer.trim().startsWith("http://localhost:8080") || referer
                       .trim().startsWith("http://121.41.112.100:8888"))) {
           response.sendRedirect("/webpage/index.jsp");
       }

       if (customerNo == null || "".equals(customerNo)) {
           for (String u : list) {
               if (url.toString().indexOf(u) > 0) {
                   response.sendRedirect("/webpage/index.jsp");
               }
           }
       }
       chain.doFilter(request, response);

   }

   @Override
   public void init(FilterConfig arg0) throws ServletException {
       String byDay = arg0.getInitParameter("byDay");
       String byMonth = arg0.getInitParameter("byMonth");
       String myForce = arg0.getInitParameter("myForce");
       String myFance = arg0.getInitParameter("myFance");
       String myPackage = arg0.getInitParameter("myPackage");
       String smrz = arg0.getInitParameter("smrz");
       list.add(smrz);
       list.add(myPackage);
       list.add(byDay);
       list.add(byMonth);
       list.add(myForce);
       list.add(myFance);
   }

}

<filter>
    <filter-name>jsp</filter-name>
    <filter-class>frameWork.common.core.filter.FilterHttpServlertRequest</filter-class>
    <init-param>
      <param-name>byDay</param-name>
      <param-value>/webpage/personalCenter/byDay</param-value>
    </init-param>
     <init-param>
      <param-name>byMonth</param-name>
      <param-value>/webpage/personalCenter/byMonth</param-value>
    </init-param>
     <init-param>
      <param-name>myForce</param-name>
      <param-value>/personalCenter/myGZ</param-value>
    </init-param>
    <init-param>
      <param-name>myFance</param-name>
      <param-value>/personalCenter/myFans</param-value>
    </init-param>
      <init-param>
      <param-name>myPackage</param-name>
      <param-value>/webpage/personalCenter/p_redpackage</param-value>
    </init-param>
     <init-param>
      <param-name>smrz</param-name>
      <param-value>/webpage/customerInfo/smrz</param-value>
    </init-param>
</filter>
   <filter-mapping>
    <filter-name>jsp</filter-name>
    <url-pattern>*.jsp</url-pattern>
</filter-mapping>

<filter-mapping>
    <filter-name>jsp</filter-name>
    <url-pattern>*.do</url-pattern>
</filter-mapping>