Java Arbitrary File Download Vulnerability


Key points:

1. Setting the response header: resp.setHeader("content-disposition", "attachment; fileName=" + URLEncoder.encode(filename,"UTF-8"));

2. Using IO streams

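// javax.servlet is assumed here (jakarta.servlet on Tomcat 10+)
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URLEncoder;

public class DownServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        // Vulnerable on purpose: the "file" parameter is appended to the webapp root
        // without any validation, so ../ sequences reach files outside the application.
        String DownPath = req.getSession().getServletContext().getRealPath("/") + req.getParameter("file");

        // Take the part after the last backslash as the download name (Windows path separator)
        String filename = DownPath.substring(DownPath.lastIndexOf("\\") +1);
        resp.setHeader("content-disposition", "attachment; fileName=" + URLEncoder.encode(filename,"UTF-8"));

        System.out.println(DownPath);

        // Copy the file to the response in 1 KB chunks; both streams are closed automatically
        try (FileInputStream fileInputStream = new FileInputStream(DownPath);
             ServletOutputStream servletOutputStream = resp.getOutputStream()) {
            byte[] bytes = new byte[1024];
            int iReadSize;
            while((iReadSize = fileInputStream.read(bytes)) != -1){
                servletOutputStream.write(bytes, 0, iReadSize);
            }
        }
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }
}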

    <!-- Download servlet -->
    <servlet-mapping>
        <servlet-name>DownServlet</servlet-name>
        <url-pattern>/download</url-pattern>
    </servlet-mapping>
    <servlet>
        <servlet-name>DownServlet</servlet-name>
        <servlet-class>com.zpchcbd.servlet.DownServlet</servlet-class>
    </servlet>

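To simulate a real environment, package the application as a WAR and deploy it to Tomcat. When Tomcat starts, it automatically unpacks the WAR into a folder of the same name.

Access it directly: http://127.0.0.1:8080/smbms/download?file=1.jpg

The WAR file usually sits one directory up, so once we know the site's directory name we can request the parent directory and download the WAR for analysis.

Request: http://127.0.0.1:8080/s1/myresp?file=../smbms.war

The downloaded WAR can then be decompiled directly with a decompiler.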
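The hardened counterpart to the path concatenation in DownServlet, as an added example that is not code from the original post. The class name SafeDownloadPath, the resolve helper and the dedicated downloads directory are assumptions; the sample files are constructed in a temp directory to mirror the smbms/smbms.war layout above.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example: hypothetical helper, not part of the original DownServlet.
public class SafeDownloadPath {

    // Resolve the "file" parameter against a dedicated download directory and
    // reject anything that ends up outside it (../, absolute paths, symlinks).
    static Path resolve(Path baseDir, String requested) throws IOException {
        if (requested == null || requested.isEmpty() || requested.indexOf('\0') >= 0) {
            throw new SecurityException("invalid file parameter");
        }
        Path base = baseDir.toRealPath();                 // canonical base, symlinks resolved
        Path candidate = base.resolve(requested).normalize();
        if (!candidate.startsWith(base)) {                // component-wise prefix check
            throw new SecurityException("path escapes download directory: " + requested);
        }
        Path real = candidate.toRealPath();               // throws if the file does not exist
        if (!real.startsWith(base) || !Files.isRegularFile(real)) {
            throw new SecurityException("not a downloadable file: " + requested);
        }
        return real;
    }

    public static void main(String[] args) throws IOException {
        // Constructed layout mirroring the page: webapps/smbms.war beside webapps/smbms/
        Path webapps = Files.createTempDirectory("webapps");
        Path downloads = Files.createDirectories(webapps.resolve("smbms").resolve("downloads"));
        Files.write(downloads.resolve("1.jpg"), new byte[] {1, 2, 3});
        Files.write(webapps.resolve("smbms.war"), new byte[] {4, 5, 6});

        // Constructed sample requests: one legitimate name and three that must be refused
        String[] requests = {"1.jpg", "../../smbms.war", "..\\..\\smbms.war", "/etc/passwd"};
        for (String r : requests) {
            try {
                System.out.println("ALLOW " + r + " -> " + resolve(downloads, r));
            } catch (SecurityException | IOException e) {
                System.out.println("DENY  " + r + " (" + e.getClass().getSimpleName() + ")");
            }
        }
    }
}
```

In a servlet, the returned Path would replace DownPath, and a SecurityException or IOException would map to a 404 response. Serving from a dedicated directory rather than the webapp root also keeps WEB-INF out of reach.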

