可以新建一個過濾器的類,在類中書寫如下代碼:
public
static
String filterEmoji(String source) {
if
(source !=
null
)
{
Pattern emoji = Pattern.compile (
"[\ud83c\udc00-\ud83c\udfff]|[\ud83d\udc00-\ud83d\udfff]|[\u2600-\u27ff]"
,Pattern.UNICODE_CASE | Pattern . CASE_INSENSITIVE ) ;
Matcher emojiMatcher = emoji.matcher(source);
if
( emojiMatcher.find())
{
source = emojiMatcher.replaceAll(
"*"
);
return
source ;
}
return
source;
}
return
source;
}
如果沒有改變的話,可以在該類中書寫以下代碼:
private static final long serialVersionUID = -5916500037685553487L;
public void destroy() {
// TODO Auto-generated method stub
}
@SuppressWarnings("unchecked")
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain arg2) throws IOException, ServletException {
HttpServletRequest servletrequest = (HttpServletRequest) request;
//新加代碼http://www.2cto.com/kf/201512/455191.html
HttpServletResponse servletresponse = (HttpServletResponse) response;
String param = "";
String paramValue = "";
servletresponse.setContentType("text/html");
servletresponse.setCharacterEncoding("UTF-8");
servletrequest.setCharacterEncoding("UTF-8");
java.util.Enumeration params = request.getParameterNames();
while (params.hasMoreElements()) {
param = (String) params.nextElement();
String[] values = servletrequest.getParameterValues(param);//獲得每個參數的value
for (int i = 0; i < values.length; i++) {
paramValue = values[i];
paramValue = paramValue.replaceAll("<script>", "(*");
paramValue = paramValue.replaceAll("</script>", ")");
paramValue = paramValue.replaceAll("[\ud83c\udc00-\ud83c\udfff]|[\ud83d\udc00-\ud83d\udfff]|[\u2600-\u27ff]", ""); //過濾emoji表情
//這里還可以增加,如領導人 自動轉義成****,可以從數據庫中讀取非法關鍵字。
values[i] = paramValue;
}
//把轉義后的參數重新放回request中
request.setAttribute(param, paramValue);
}
//繼續向下
arg2.doFilter(request, response);
}
public void init(FilterConfig arg0) throws ServletException {
// 初始化
}
}
public void destroy() {
// TODO Auto-generated method stub
}
@SuppressWarnings("unchecked")
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain arg2) throws IOException, ServletException {
HttpServletRequest servletrequest = (HttpServletRequest) request;
//新加代碼http://www.2cto.com/kf/201512/455191.html
HttpServletResponse servletresponse = (HttpServletResponse) response;
String param = "";
String paramValue = "";
servletresponse.setContentType("text/html");
servletresponse.setCharacterEncoding("UTF-8");
servletrequest.setCharacterEncoding("UTF-8");
java.util.Enumeration params = request.getParameterNames();
while (params.hasMoreElements()) {
param = (String) params.nextElement();
String[] values = servletrequest.getParameterValues(param);//獲得每個參數的value
for (int i = 0; i < values.length; i++) {
paramValue = values[i];
paramValue = paramValue.replaceAll("<script>", "(*");
paramValue = paramValue.replaceAll("</script>", ")");
paramValue = paramValue.replaceAll("[\ud83c\udc00-\ud83c\udfff]|[\ud83d\udc00-\ud83d\udfff]|[\u2600-\u27ff]", ""); //過濾emoji表情
//這里還可以增加,如領導人 自動轉義成****,可以從數據庫中讀取非法關鍵字。
values[i] = paramValue;
}
//把轉義后的參數重新放回request中
request.setAttribute(param, paramValue);
}
//繼續向下
arg2.doFilter(request, response);
}
public void init(FilterConfig arg0) throws ServletException {
// 初始化
}
}