編寫過濾器控制類

package cn.csservice.cssdj.action.filter;import java.io.IOException;import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;/*** 自定義過濾器:* 解決struts2重定向開放漏洞* @author shenqz**/ public class MyFilter implements Filter{@Overridepublic void init(FilterConfig filterConfig) throws ServletException {}@Overridepublic void doFilter(ServletRequest requ, ServletResponse resp,FilterChain chain) throws IOException, ServletException {HttpServletRequest request = (HttpServletRequest) requ;HttpServletResponse response = (HttpServletResponse) resp;//獲取urlStringBuffer url = request.getRequestURL();//獲取參數String param = request.getQueryString();if(request.getQueryString() != null){String path = null;int index = param.indexOf("redirect");if(index > 0){path = url.append("?"+param.substring(0, index)).toString();int index2 = path.lastIndexOf("&");if(index2 != -1){response.sendRedirect(path.substring(0, path.length()-1));return;}else{response.sendRedirect(path);return;}}else if(index == 0){response.sendRedirect(url.toString());return;}}chain.doFilter(request, response);}@Overridepublic void destroy() {}}

在web.xml中配置過濾器

<!-- 解決struts2重定向開放漏洞 --><filter><filter-name>myfilter</filter-name><filter-class>cn.csservice.cssdj.action.filter.MyFilter</filter-class></filter><filter-mapping><filter-name>myfilter</filter-name><url-pattern>*.action</url-pattern></filter-mapping>

?

轉載于:https://www.cnblogs.com/shenqz/p/7232455.html

《新程序員》：云原生和全面數字化實踐50位技術專家共同創作，文字、視頻、音頻交互閱讀

總結

以上是生活随笔為你收集整理的过滤器解决Struts2重定向漏洞的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。