1.首先创建一个java web工程,目录如下:
说明: WorldFilter.java -> 过滤非法字符的过滤器; IllegalText.properties -> 需要过滤的非法字符
2. WorldFilter.java 代码
package com;
import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.util.Collection; import java.util.Iterator; import java.util.Properties; import java.util.Random;
import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper;
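/**
 * Servlet filter that masks configured words in request parameters.
 *
 * <p>The word list is read once, in {@link #init(FilterConfig)}, from
 * {@code /WEB-INF/IllegalText.properties}; only the property values are used.
 * Each occurrence of a listed word is replaced by one token picked at random
 * from {@code charWorld}.
 *
 * <p>Security notes for anyone reusing this class:
 * <ul>
 *   <li>This is a word filter, not output encoding. Markup characters such as
 *       {@code <} and {@code "} pass through unchanged, so any page that echoes
 *       a parameter must still HTML-escape it.</li>
 *   <li>Only {@code getParameter} and {@code getParameterValues} are wrapped.
 *       Code that reads {@code getParameterMap()}, the request body or headers
 *       sees the unfiltered values.</li>
 *   <li>Matching uses {@code String.indexOf}, so it is case-sensitive and exact;
 *       a differently-cased or spaced spelling is not matched.</li>
 * </ul>
 */
public class WorldFilter implements Filter {

    /** Word list as loaded from the properties file. */
    Properties ps = new Properties();

    /** Values of {@link #ps}; stays {@code null} when the list could not be loaded. */
    Collection<Object> con = null;

    /** Value of the "encoding" init-param; {@code null} when it is not configured. */
    private String encoding;

    /** Replacement tokens; every match is replaced by one of these. */
    private String[] charWorld = new String[]{"~","@","#","$","%","^","&","*"};

    /** Supplies the random index into {@link #charWorld}. */
    Random input = new Random();

    /**
     * Reads the "encoding" init-param and loads the word list.
     *
     * @param filterConfig configuration supplied by the container
     * @throws ServletException if the word-list resource does not exist
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        encoding = filterConfig.getInitParameter("encoding");

        InputStream in = filterConfig.getServletContext()
                .getResourceAsStream("/WEB-INF/IllegalText.properties");
        if (in == null) {
            // getResourceAsStream returns null for a missing resource; passing that to
            // Properties.load would fail with a bare NullPointerException instead.
            throw new ServletException(
                    "Word list /WEB-INF/IllegalText.properties not found");
        }
        try {
            ps.load(in);
            con = ps.values();
        } catch (IOException e) {
            // Same outcome as before (the filter runs without a word list), but the
            // failure is reported through the container log rather than stderr.
            filterConfig.getServletContext().log(
                    "Could not read /WEB-INF/IllegalText.properties; no words will be filtered", e);
        } finally {
            try {
                in.close();
            } catch (IOException ignored) {
                // Nothing useful can be done if closing the word list fails.
            }
        }
    }

    /**
     * Applies the configured encoding and hands a parameter-filtering wrapper to the
     * rest of the chain.
     *
     * @param request  incoming request
     * @param response outgoing response
     * @param chain    remaining filters and the target resource
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        if (encoding != null) {
            request.setCharacterEncoding(encoding);
            // Applied to every response this filter is mapped to; a resource that sets
            // its own content type later overrides it.
            response.setContentType("text/html;charset=" + encoding);
        }
        // Wrap independently of the encoding setting: previously a missing "encoding"
        // init-param silently switched the word filter off as well. The instanceof
        // check avoids a ClassCastException on non-HTTP requests.
        if (request instanceof HttpServletRequest) {
            request = new Request((HttpServletRequest) request);
        }
        chain.doFilter(request, response);
    }

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Request wrapper that runs parameter values through
     * {@link WorldFilter#filter(String)} before returning them.
     */
    class Request extends HttpServletRequestWrapper {

        public Request(HttpServletRequest request) {
            super(request);
        }

        /** Returns the filtered value of {@code name}, or {@code null} if absent. */
        @Override
        public String getParameter(String name) {
            return filter(super.getParameter(name));
        }

        /** Returns the filtered values of {@code name}, or {@code null} if absent. */
        @Override
        public String[] getParameterValues(String name) {
            String[] values = super.getParameterValues(name);
            if (values == null) {
                // The servlet API returns null for a parameter that was not sent.
                return null;
            }
            // Build a new array instead of overwriting the one handed out by the
            // wrapped request.
            String[] masked = new String[values.length];
            for (int i = 0; i < values.length; i++) {
                masked[i] = filter(values[i]);
            }
            return masked;
        }
    }

    /**
     * Replaces every configured word found in {@code param} with a random token.
     *
     * @param param text to filter; may be {@code null}
     * @return the filtered text, or {@code param} unchanged when it is {@code null},
     *         empty, or no word list is loaded
     */
    public String filter(String param) {
        if (param == null || param.length() == 0 || con == null) {
            return param;
        }
        for (Object entry : con) {
            if (!(entry instanceof String)) {
                continue;
            }
            String word = (String) entry;
            if (word.length() == 0) {
                // A blank property value would match at every position and scatter
                // replacement tokens through the whole input.
                continue;
            }
            if (param.indexOf(word) != -1) {
                param = param.replace(word, charWorld[input.nextInt(charWorld.length)]);
            }
        }
        return param;
    }
}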
说明: 本人纯属新手,所以某些注释可能一点都不专业,不过我觉得挺简单易懂的 呵呵
3. IllegalText.properties (三个非法文字为 靠 混蛋 fuck 自己可随意添加)
1=\u9760
2=\u6DF7\u86CB
3=fuck
4. web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
         xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

  <welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>

  <!-- Registers com.WorldFilter; the "encoding" init-param is read in its init() method. -->
  <filter>
    <filter-name>worldFilter</filter-name>
    <filter-class>com.WorldFilter</filter-class>
    <init-param>
      <param-name>encoding</param-name>
      <param-value>UTF-8</param-value>
    </init-param>
  </filter>

  <!-- "/*" sends every request of the application through the filter. -->
  <filter-mapping>
    <filter-name>worldFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

</web-app>
5. index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%-- Input form: posts the "message" field to result.jsp. --%>
<html>
  <head></head>
  <body>
    <form action="result.jsp" method="post">
      <textarea cols="30" rows="10" name="message"> </textarea>
      <input type="submit" value="提交">
    </form>
  </body>
</html>
6. result.jsp
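<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%--
  Echoes the submitted "message" parameter.
  The value is HTML-escaped before it is written into the page: the word filter
  only masks configured words and leaves markup characters untouched, so printing
  the parameter directly would let submitted markup render as part of this page.
  A missing parameter is shown as an empty string.
--%>
<%!
    /** Escapes the characters that are significant in HTML text and attribute values. */
    private static String escapeHtml(String text) {
        if (text == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    out.append("&amp;");
                    break;
                case '<':
                    out.append("&lt;");
                    break;
                case '>':
                    out.append("&gt;");
                    break;
                case '"':
                    out.append("&quot;");
                    break;
                case '\'':
                    out.append("&#39;");
                    break;
                default:
                    out.append(c);
            }
        }
        return out.toString();
    }
%>
<html>
  <head></head>
  <body>
    <%
        String message = request.getParameter("message");
    %>
    你刚刚输入的东东为: <%= escapeHtml(message) %>
  </body>
</html>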
说明: 这里为了方便测试 所以加上了<% %> 呵呵!