- package cn.com.goldenwater.dcproj.filter;
- import net.sf.json.JSONArray;
- import net.sf.json.JSONObject;
- import org.apache.commons.lang3.StringUtils;
- import org.slf4j.LoggerFactory;
- import javax.servlet.ReadListener;
- import javax.servlet.ServletInputStream;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import java.io.*;
- import java.nio.charset.StandardCharsets;
- import java.util.ArrayList;
- import java.util.HashMap;
- import java.util.List;
- import java.util.Map;
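/**
 * Request wrapper meant to neutralise cross-site-scripting payloads in headers, parameters,
 * request attributes and JSON request bodies before the application reads them.
 *
 * <p>What is actually covered: single headers and parameters, parameter arrays, String
 * attributes, the String values of Map attributes, and the top-level String members of a JSON
 * object body or of a JSON array of objects. Nested objects/arrays inside the JSON are passed
 * through untouched by {@link #getParams(Map)}.
 *
 * <p>NOTE(review): {@link #cleanXSS(String)} is currently an identity function, so this wrapper
 * provides no protection at present; see that method for details.
 *
 * <p>NOTE(review): {@link #getInputStream()} re-reads {@code super.getInputStream()} on every
 * call. This only works if {@code BodyReaderHttpServletRequestWrapper} buffers the body — confirm.
 *
 * @author 81229
 */
public class XssHttpServletRequestWrapper extends BodyReaderHttpServletRequestWrapper {

    private static final org.slf4j.Logger LOGGER =
            LoggerFactory.getLogger(XssHttpServletRequestWrapper.class);

    /** The request being wrapped; kept for code in this package, not read by this class. */
    HttpServletRequest request;
    /** The response paired with the request; stored but not used by this class. */
    HttpServletResponse response;

    /**
     * Constructs a request object wrapping the given request.
     *
     * @param request  the request to wrap
     * @param response the response paired with the request; stored but not used here
     * @throws IllegalArgumentException if the request is null (raised by the superclass)
     */
    public XssHttpServletRequestWrapper(HttpServletRequest request, HttpServletResponse response) {
        super(request);
        this.request = request;
        this.response = response;
    }

    /**
     * Returns the named header after {@link #cleanXSS(String)}.
     *
     * @param name header name
     * @return the cleaned value, or the raw value when it is null or empty
     */
    @Override
    public String getHeader(String name) {
        String value = super.getHeader(name);
        return StringUtils.isEmpty(value) ? value : cleanXSS(value);
    }

    /**
     * Returns the named parameter after {@link #cleanXSS(String)}.
     *
     * @param name parameter name
     * @return the cleaned value, or the raw value when it is null or empty
     */
    @Override
    public String getParameter(String name) {
        String value = super.getParameter(name);
        return StringUtils.isEmpty(value) ? value : cleanXSS(value);
    }

    /**
     * Returns the named attribute, cleaning it when it is a String or a Map of values.
     * Any other attribute type is returned as-is.
     *
     * @param name attribute name
     * @return the (possibly cleaned) attribute, or null when absent
     */
    @Override
    @SuppressWarnings("unchecked") // Map attributes are treated as Map<String, Object>; keys are only copied, never inspected
    public Object getAttribute(String name) {
        Object attribute = super.getAttribute(name);
        if (attribute instanceof Map) {
            return getParams((Map<String, Object>) attribute);
        }
        if (attribute instanceof String) {
            return cleanXSS((String) attribute);
        }
        return attribute;
    }

    /**
     * Returns all values of the named parameter, each passed through {@link #cleanXSS(String)}.
     *
     * @param name parameter name
     * @return a new array of cleaned values, or null when the parameter is absent
     */
    @Override
    public String[] getParameterValues(String name) {
        String[] values = super.getParameterValues(name);
        if (values == null) {
            return null;
        }
        String[] cleaned = new String[values.length];
        for (int i = 0; i < values.length; i++) {
            cleaned[i] = cleanXSS(values[i]);
        }
        return cleaned;
    }

    /**
     * Copies {@code map} into a new HashMap, cleaning String values and leaving every other value
     * (including nested Maps and Lists) unchanged. Iteration order of the source map is not kept.
     *
     * @param map source map; not modified
     * @return a new map with String values cleaned
     */
    private Map<String, Object> getParams(Map<String, Object> map) {
        Map<String, Object> result = new HashMap<>();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            Object val = entry.getValue();
            result.put(entry.getKey(), val instanceof String ? cleanXSS((String) val) : val);
        }
        return result;
    }

    /**
     * Returns the request body as an in-memory stream, with JSON object bodies and JSON arrays
     * of objects rewritten through {@link #getParams(Map)}. Bodies that are blank, start with
     * any other character, or are arrays whose first element is not an object are passed
     * through verbatim. Only bodies starting exactly with '{' or '[' (no leading whitespace)
     * are recognised.
     *
     * @return a non-blocking stream over the (possibly rewritten) UTF-8 body
     * @throws IOException if the underlying stream cannot be obtained
     */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        String body = getRequestBody(super.getInputStream());
        if (StringUtils.isNotBlank(body)) {
            if (body.startsWith("{")) {
                body = cleanJsonObject(body);
            } else if (body.startsWith("[")) {
                body = cleanJsonArray(body);
            }
        }
        // The body was decoded as UTF-8 in getRequestBody; encode it back the same way
        // (the previous getBytes() used the platform charset and could corrupt non-ASCII data).
        final ByteArrayInputStream bais = new ByteArrayInputStream(body.getBytes(StandardCharsets.UTF_8));
        return new ServletInputStream() {
            @Override
            public int read() {
                return bais.read();
            }

            @Override
            public boolean isFinished() {
                // Report EOF once the buffer is drained; a constant false would tell
                // async readers that data is pending forever.
                return bais.available() == 0;
            }

            @Override
            public boolean isReady() {
                // An in-memory buffer never blocks, so a read() can always proceed.
                return true;
            }

            @Override
            public void setReadListener(ReadListener listener) {
                // Non-blocking read callbacks are not supported for this in-memory stream; the
                // listener is deliberately ignored.
            }
        };
    }

    /** Cleans the top-level String members of a JSON object body and re-serialises it. */
    @SuppressWarnings("unchecked") // JSONObject.toBean(..., Map.class) returns a raw Map
    private String cleanJsonObject(String body) {
        JSONObject jsonObject = JSONObject.fromObject(body);
        Map<String, Object> map = (Map<String, Object>) JSONObject.toBean(jsonObject, Map.class);
        return JSONObject.fromObject(getParams(map)).toString();
    }

    /**
     * Cleans each object of a JSON array body and re-serialises it; any array that is empty or
     * whose first element is not a JSON object is returned unchanged.
     */
    @SuppressWarnings("unchecked") // JSONObject.toBean(..., Map.class) returns a raw Map
    private String cleanJsonArray(String body) {
        JSONArray jsonArray = JSONArray.fromObject(body);
        // The original test was "instanceof JSONArray", which skipped arrays of objects and
        // threw on arrays of arrays (getJSONObject below only accepts objects).
        if (jsonArray == null || jsonArray.size() == 0 || !(jsonArray.get(0) instanceof JSONObject)) {
            return body;
        }
        List<Map<String, Object>> cleaned = new ArrayList<>(jsonArray.size());
        for (int i = 0; i < jsonArray.size(); i++) {
            JSONObject element = jsonArray.getJSONObject(i);
            Map<String, Object> map = (Map<String, Object>) JSONObject.toBean(element, Map.class);
            cleaned.add(getParams(map));
        }
        return JSONArray.fromObject(cleaned).toString();
    }

    /**
     * Hook through which every header, parameter, attribute and top-level JSON String passes.
     *
     * <p>NOTE(review): this is currently an identity function, so the wrapper neutralises
     * nothing. The source carried a disabled keyword-blocklist implementation (rejecting tokens
     * such as {@code select}, {@code or}, {@code ,}, {@code /}, {@code script}); it was removed
     * here because a word blocklist both breaks legitimate input and does not stop XSS. The
     * reliable control is context-aware output encoding where the value is rendered (HTML
     * body, attribute, JavaScript, URL). If input-side neutralisation is still wanted, replace
     * this body with an HTML-entity encoder and review the callers that persist the value.
     *
     * @param value the raw value as received from the caller
     * @return the value, unchanged
     */
    private String cleanXSS(String value) {
        return value;
    }

    /**
     * Reads {@code stream} to the end as UTF-8 text and returns it verbatim, line breaks included
     * (the previous readLine() loop silently dropped them).
     *
     * <p>The stream is not closed; the servlet container owns it. On an I/O error the partial
     * text read so far is returned and the error is logged.
     *
     * @param stream request body stream
     * @return the decoded body, empty when the stream has no data
     */
    public static String getRequestBody(InputStream stream) {
        StringBuilder body = new StringBuilder();
        Reader reader = new InputStreamReader(stream, StandardCharsets.UTF_8);
        char[] buffer = new char[4096];
        try {
            int read;
            while ((read = reader.read(buffer)) != -1) {
                body.append(buffer, 0, read);
            }
        } catch (IOException e) {
            LOGGER.warn("Failed to read request body; returning the partial body read so far", e);
        }
        return body.toString();
    }
}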