| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 |
- package cn.com.goldenwater.dcproj.intercepter;
- import cn.com.goldenwater.dcproj.constValue.SplitValue;
- import cn.com.goldenwater.dcproj.utils.RequestUtils;
- import cn.com.goldenwater.dcproj.utils.ReturnUtils;
- import org.apache.commons.lang3.StringUtils;
- import org.springframework.beans.factory.annotation.Value;
- import org.springframework.stereotype.Component;
- import org.springframework.web.context.request.NativeWebRequest;
- import org.springframework.web.context.request.RequestAttributes;
- import org.springframework.web.context.request.ServletWebRequest;
- import org.springframework.web.multipart.MultipartFile;
- import org.springframework.web.multipart.MultipartHttpServletRequest;
- import org.springframework.web.servlet.HandlerInterceptor;
- import org.springframework.web.servlet.HandlerMapping;
- import org.springframework.web.servlet.ModelAndView;
- import org.springframework.web.servlet.View;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import java.io.PrintWriter;
- import java.util.Iterator;
- import java.util.Map;
- @Component
- public class FileCheckInterceptor implements HandlerInterceptor {
- @Value("${notFileAllow}")
- private String notFileAllow;
- @Override
- public boolean preHandle(HttpServletRequest request,
- HttpServletResponse response, Object handler) throws Exception {
- /* NativeWebRequest webRequest = new ServletWebRequest(request);
- Map<String, String> map = (Map<String, String>) webRequest.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE, RequestAttributes.SCOPE_REQUEST);
- if(map!=null && !map.isEmpty()){
- for(String key:map.keySet()){
- String value=map.get(key);
- String content=RequestUtils.cleanScript(value);
- if(content.contains("error-333:")){
- ReturnUtils.responseFail(response,"参数存在异常,请仔细检查",5555);
- return false;
- }
- }
- }*/
- // 判断是否为文件上传请求
- if (request != null && request instanceof MultipartHttpServletRequest) {
- MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request;
- Map<String, MultipartFile> files = multipartRequest.getFileMap();
- Iterator<String> iterator = files.keySet().iterator();
- if (StringUtils.isBlank(notFileAllow)) {
- //无约束
- return true;
- }
- String[] notArrays = notFileAllow.split(SplitValue.FENHAO_SPLIT);
- if (notArrays.length == 0) {
- //无约束
- return true;
- }
- String filename = "";
- MultipartFile multipartFile = null;
- while (iterator.hasNext()) {
- String formKey = (String) iterator.next();
- multipartFile = multipartRequest.getFile(formKey);
- filename = multipartFile.getOriginalFilename();
- int lastIndexOf = filename.lastIndexOf(".");
- filename = filename.substring(lastIndexOf);
- boolean isFound = false;
- for (String str : notArrays) {
- if (StringUtils.isBlank(str)) {
- continue;
- }
- if (filename.equals(str) || filename.trim().equals(str)) {
- isFound = true;
- break;
- }
- }
- if (isFound) {
- response.setCharacterEncoding("UTF-8");
- response.setContentType("application/json;charset=utf-8");
- PrintWriter printWriter = response.getWriter();
- printWriter.write("上传文件有异常,已被系统禁止!");
- return false;
- }
- multipartFile = null;
- }
- }
- return true;
- }
- @Override
- public void postHandle(HttpServletRequest request,
- HttpServletResponse response, Object handler,
- ModelAndView modelAndView) throws Exception {
- // TODO Auto-generated method stub
- }
- @Override
- public void afterCompletion(HttpServletRequest request,
- HttpServletResponse response, Object handler, Exception ex)
- throws Exception {
- // TODO Auto-generated method stub
- }
- }
|
