如果没有从客户端进行编码-如果在Servlet中处理请求之前遵循以下任何策略通过编码,您仍然可以实现此目标:
- 使用Spring预处理器bean预处理控制器端点请求
- 使用Spring AspectJ预处理控制器端点请求
- 使用Spring Servlet过滤器预处理控制器端点请求
使用以上任何一种横切策略,您都可以对请求URL进行编码,然后传递回端点。
例如,以下是使用过滤器的一种实现。如果需要更好的性能,可以在此进行一些缓存。
@Componentpublic class SomeFilter implements Filter { private static final Logger LOGGER = LoggerFactory.getLogger(SomeFilter.class); @Override public void init(final FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletRequest modifiedRequest = new SomeHttpServletRequest(request); filterChain.doFilter(modifiedRequest, servletResponse); } @Override public void destroy() { } class SomeHttpServletRequest extends HttpServletRequestWrapper { HttpServletRequest request; SomeHttpServletRequest(final HttpServletRequest request) { super(request); this.request = request; } @Override public String getQueryString() { String queryString = request.getQueryString(); LOGGER.info("Original query string: " + queryString); try { // You need to escape all your non enpred special characters here String specialChar = URLEnprer.enpre("%", "UTF-8"); queryString = queryString.replaceAll("\%\%", specialChar + "%"); String depred = URLDeprer.depre(queryString, "UTF-8"); LOGGER.info("Modified query string: " + depred); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return queryString; } @Override public String getParameter(final String name) { String[] params = getParameterMap().get(name); return params.length > 0 ? params[0] : null; } @Override public Map<String, String[]> getParameterMap() { String queryString = getQueryString(); return getParamsFromQueryString(queryString); } @Override public Enumeration<String> getParameterNames() { return Collections.enumeration(getParameterMap().keySet()); } @Override public String[] getParameterValues(final String name) { return getParameterMap().get(name); } private Map<String, String[]> getParamsFromQueryString(final String queryString) { String depred = ""; try { depred = URLDeprer.depre(queryString, "UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } String[] params = depred.split("&"); Map<String, List<String>> collect = Stream.of(params) .map(x -> x.split("=")) .collect(Collectors.groupingBy( x -> x[0], Collectors.mapping( x -> x.length > 1 ? x[1] : null, Collectors.toList()))); Map<String, String[]> result = collect.entrySet().stream() .collect(Collectors.toMap( x -> x.getKey(), x -> x.getValue() .stream() .toArray(String[]::new))); return result; } }}
