io.leopard.web.mvc.AbstractView Maven / Gradle / Ivy
The newest version!
package io.leopard.web.mvc;
import io.leopard.web.security.xss.XssException;
import io.leopard.web.security.xss.XssFilter;
import io.leopard.web.security.xss.XssFilterImpl;
import java.io.Writer;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.AbstractUrlBasedView;
/**
* 抽象视图
*
* @author 阿海
*
*/
public abstract class AbstractView extends ModelAndView {
protected static Log logger2 = LogFactory.getLog(AbstractView.class);
private static XssFilter xssFilter = new XssFilterImpl();
private boolean xssChecked = false;
public void setXssChecked(boolean xssChecked) {
this.xssChecked = xssChecked;
}
public static void setXssFilter(XssFilter xssFilter) {
AbstractView.xssFilter = xssFilter;
}
private AbstractUrlBasedView view = new AbstractUrlBasedView() {
@Override
protected void renderMergedOutputModel(Map model, HttpServletRequest request, HttpServletResponse response) throws Exception {
String body = null;
try {
body = AbstractView.this.getBody(request, response);
}
catch (XssException e) {
logger2.error(e.getMessage(), e);
body = e.getMessage();
}
if (body == null) {
return;
}
// System.err.println("body:" + body);
if (!xssChecked) {
xssFilter.filter(logger, body);
}
response.setContentType(AbstractView.this.getContentType());
response.setContentLength(body.getBytes().length);
// Flush byte array to servlet output stream.
Writer out = response.getWriter();
out.write(body);
out.flush();
}
};
public AbstractView() {
super.setView(view);
}
public abstract String getContentType();
public abstract String getBody(HttpServletRequest request, HttpServletResponse response);
}