Servlet 1 http请求,响应消息头,状态码 盗链机制

目录:

设置响应消息头:refresh,实现5秒后 自动跳转 index.html

设置响应消息头状态码302,实现请求 重定向

判断请求消息头,referer,实现防盗链

利用URL对象,伪造referer消息头,破解防盗链机制

*注:Servlet在web.xml文件中有配置,注意查看

设置响应消息头:refresh,实现5秒后 自动跳转 index.html

package cn.itcast.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
 * 5秒后 自动跳转 index.html
 * @author seawind
 *
 */
public class RefreshServlet extends HttpServlet {

    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // 设置refresh
        response.setHeader("refresh", "5;url=index.html");
        
        // 显示提示信息
        response.setContentType("text/html;charset=utf-8");
        response.getWriter().println("网页会在5秒后 跳转 index.html");
    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}

设置响应消息头状态码302,实现请求 重定向

package cn.itcast.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
 * 完成请求 重定向
 * @author seawind
 *
 */
public class RedirectServlet extends HttpServlet {

    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // 设置状态码 302 
        response.setStatus(302);
        // 指定 重定向页面地址
        response.setHeader("Location", "img.html");
    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}

判断请求消息头,referer,实现防盗链

html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<a href="referer">特价商品</a>
</body>
</html>

Servlet

package cn.itcast.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
 * 通过/referer 访问程序
 * @author seawind
 *
 */
public class RefererServlet extends HttpServlet {

    // 处理get方式请求
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // 判断请求中referer是否存在,有效  --- 防止盗链
        String referer = request.getHeader("referer");
        if(referer!=null && referer.equals("http://localhost/day4/index.html")){
            // 有效
            response.setContentType("text/html;charset=gbk");
            response.getWriter().println("笔记本1000元");
        }else{
            // 无效
            response.setContentType("text/html;charset=gbk");
            response.getWriter().println("盗链真无耻!");
        }
    }

    // 处理post方式请求
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}

利用URL对象,伪造referer消息头,破解防盗链机制

package cn.itcast.client;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;

public class URLClient {
    public static void main(String[] args) throws IOException {
        // 建立访问目标URL对象
        URL url = new URL("http://localhost/day4/referer");
        // 建立目标URL连接
        URLConnection urlConnection = url.openConnection();
        // 伪造referer
        urlConnection.addRequestProperty("referer", "http://localhost/day4/index.html");
        
        // 抓取响应内容
        byte[] buf = new byte[8192];
        int len = urlConnection.getInputStream().read(buf);
        
        // 输出内容
        System.out.println(new String(buf,0,len));
    }
}

 

posted @ 2014-08-20 16:56  vaer  阅读(527)  评论(0编辑  收藏  举报