Servlet 1 http请求,响应消息头,状态码 盗链机制
目录:
设置响应消息头:refresh,实现5秒后 自动跳转 index.html
设置响应消息头状态码302,实现请求 重定向
判断请求消息头,referer,实现防盗链
利用URL对象,伪造referer消息头,破解防盗链机制
*注:Servlet在web.xml文件中有配置,注意查看
设置响应消息头:refresh,实现5秒后 自动跳转 index.html
package cn.itcast.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 5秒后 自动跳转 index.html * @author seawind * */ public class RefreshServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 设置refresh response.setHeader("refresh", "5;url=index.html"); // 显示提示信息 response.setContentType("text/html;charset=utf-8"); response.getWriter().println("网页会在5秒后 跳转 index.html"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
设置响应消息头状态码302,实现请求 重定向
package cn.itcast.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 完成请求 重定向 * @author seawind * */ public class RedirectServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 设置状态码 302 response.setStatus(302); // 指定 重定向页面地址 response.setHeader("Location", "img.html"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
判断请求消息头,referer,实现防盗链
html
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <a href="referer">特价商品</a> </body> </html>
Servlet
package cn.itcast.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 通过/referer 访问程序 * @author seawind * */ public class RefererServlet extends HttpServlet { // 处理get方式请求 public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 判断请求中referer是否存在,有效 --- 防止盗链 String referer = request.getHeader("referer"); if(referer!=null && referer.equals("http://localhost/day4/index.html")){ // 有效 response.setContentType("text/html;charset=gbk"); response.getWriter().println("笔记本1000元"); }else{ // 无效 response.setContentType("text/html;charset=gbk"); response.getWriter().println("盗链真无耻!"); } } // 处理post方式请求 public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
利用URL对象,伪造referer消息头,破解防盗链机制
package cn.itcast.client; import java.io.IOException; import java.net.MalformedURLException; import java.net.URL; import java.net.URLConnection; public class URLClient { public static void main(String[] args) throws IOException { // 建立访问目标URL对象 URL url = new URL("http://localhost/day4/referer"); // 建立目标URL连接 URLConnection urlConnection = url.openConnection(); // 伪造referer urlConnection.addRequestProperty("referer", "http://localhost/day4/index.html"); // 抓取响应内容 byte[] buf = new byte[8192]; int len = urlConnection.getInputStream().read(buf); // 输出内容 System.out.println(new String(buf,0,len)); } }