1.思维导图
2.代码部分
过滤器:屏蔽敏感词
@WebFilter(
filterName = "SensitiveWordsFilter" ,
urlPatterns = "/*",
initParams = {
@WebInitParam(name = "word1",value = "山寨"),
@WebInitParam(name = "word2" ,value = "水货"),
@WebInitParam(name = "word3" ,value = "盗版"),
@WebInitParam(name = "word4",value = "刻录")
})
public class SensitiveWordsFilter implements Filter {
//敏感词
List<String> sensitiveWords = new ArrayList<>();
public void init(FilterConfig config) throws ServletException {
Enumeration<String> parameterNames = config.getInitParameterNames();
while (parameterNames.hasMoreElements()) {
String sensitiveWord = config.getInitParameter(parameterNames.nextElement());
sensitiveWords.add(sensitiveWord);
}
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("SensitiveWordsFilter doFilter");
HttpServletRequest request = (HttpServletRequest) req;
//增强request下的getParameter方法
HttpServletRequest requestPrxoy = (HttpServletRequest) Proxy.newProxyInstance(
request.getClass().getClassLoader(),
request.getClass().getInterfaces(),
new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
//增强getParameter方法
Object returnValue = null;
String methodName = method.getName();
if ("getParameter".equals(methodName)) {
//returnValue就是getParameter方法的返回值,可能会存在敏感词
String returnValue1 = (String)method.invoke(request, args);
//开始处理敏感词
for (String sensitiveWord : sensitiveWords) {
if (returnValue1.contains(sensitiveWord)) {
//getParameter方法的返回值包含敏感词
returnValue1 = returnValue1.replace(sensitiveWord,"***");
}
}
return returnValue1;
} else {
returnValue = method.invoke(request, args);
}
return returnValue;
}
});
chain.doFilter(requestPrxoy, resp);
}
}
一类监听器
public class MyListener01 implements ServletContextListener {
@Override
public void contextInitialized(ServletContextEvent sce) {
//监听ServletContext域的初始化,随着服务器的启动
System.out.println("ServletContext初始化");
}
@Override
public void contextDestroyed(ServletContextEvent sce) {
//监听ServletContext域的销毁,随着服务器的关闭
System.out.println("ServletContext销毁");
}
}
<listener>
<listener-class>com.qfedu.listener.MyListener01</listener-class>
</listener>
二类监听器
public class MyServletContextAttributeListener implements ServletContextAttributeListener {
@Override
public void attributeAdded(ServletContextAttributeEvent scae) {
//监听ServletContext域对象中属性添加
System.out.println("ServletContext added");
}
@Override
public void attributeReplaced(ServletContextAttributeEvent scae) {
//监听ServletContext域对象中属性值被替换
System.out.println("ServletContext replaced");
}
@Override
public void attributeRemoved(ServletContextAttributeEvent scae) {
//监听ServletContext域对象中属性值移除
System.out.println("ServletContext removed");
}
}
<listener>
<listener-class>com.qfedu.listener.MyServletContextAttributeListener</listener-class>
</listener>
三类监听器
public class User implements HttpSessionBindingListener {
@Override
public void valueBound(HttpSessionBindingEvent event) {
System.out.println("User绑定");
}
@Override
public void valueUnbound(HttpSessionBindingEvent event) {
System.out.println("User解绑");
}
}
- 注:HttpSessionBindingListener 不需要配置web.xml
