• Home
• com.github.hiwepy
• shiro-biz
• 2.0.0.RELEASE
• source code
• HttpServletEscapeHtml4RequestWrapper.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.shiro.biz.web.servlet.http.HttpServletEscapeHtml4RequestWrapper Maven / Gradle / Ivy

package org.apache.shiro.biz.web.servlet.http;

import org.apache.commons.text.StringEscapeUtils;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;


/**
 * 使用 StringEscapeUtils.escapeHtml4()对Http请求中的  Parameter，Header 进行统一的转码处理
 * @author 		： hiwepy
 */
public class HttpServletEscapeHtml4RequestWrapper extends HttpServletRequestWrapper {
	
	public HttpServletEscapeHtml4RequestWrapper(HttpServletRequest request) {
		super(request);
	}
	
	@Override
	public Map getParameterMap() {
		Map request_map = super.getParameterMap();
		Iterator> iterator = request_map.entrySet().iterator();
		while (iterator.hasNext()) {
			Entry me = iterator.next();
			String[] values = (String[]) me.getValue();
			for (int i = 0; i < values.length; i++) {
				// /System.out.println(values[i]);
				values[i] = xssClean(values[i]);
			}
		}
		return request_map;
	}

	@Override
	public String[] getParameterValues(String name) {
		String[] rawValues = super.getParameterValues(name);
		if (rawValues == null){
			return null;
		}
		String[] cleanedValues = new String[rawValues.length];
		for (int i = 0; i < rawValues.length; i++) {
			cleanedValues[i] = xssClean(rawValues[i]);
		}
		return cleanedValues;
	}

	@Override
	public String getParameter(String name) {
		String str = super.getParameter(name);
		if (str == null){
			return null;
		}
		return xssClean(str);
	}

	@Override
	public Enumeration getHeaders(String name) {
        return new EscapeHtml4Enumeration(super.getHeaders(name));
    }
	
	@Override
	public String getHeader(String name) {
		String str = super.getHeader(name);
		if (str == null){
			return null;
		}
		return xssClean(str);
	}
	
	@Override
	public Cookie[] getCookies() {
		Cookie[] existingCookies = super.getCookies();
		if (existingCookies != null) {
			for (int i = 0; i < existingCookies.length; ++i) {
				Cookie cookie = existingCookies[i];
				cookie.setValue(xssClean(cookie.getValue()));
			}
		}
		return existingCookies;
	}

	@Override
	public String getQueryString() {
		return xssClean(super.getQueryString());
	}

	public String xssClean(String taintedHTML) {
		return StringEscapeUtils.escapeHtml4(taintedHTML);
	}
	
	protected HttpServletRequest getHttpServletRequest() {
		 return (HttpServletRequest) super.getRequest();
    }

}