我有一个简单的JSON清理过滤器/ RequestWrapper(内容类型为application/json
)。但是,在我的包装器中没有调用任何重要的覆盖(getReader(), getInputStream(), getParameter*()
)。
这是我的过滤器:
public class MyFilter implements Filter
{
public MyFilter()
{
//Empty
}
@Override
public void init(final FilterConfig filterConfig) throws ServletException
{
//Empty
}
@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
MyRequestWrapper wrappedRequest = new MyRequestWrapper(httpRequest);
chain.doFilter(wrappedRequest, httpResponse);
}
@Override
public void destroy()
{
// TODO Auto-generated method stub
}
}
这是我的包装器:
public class MyRequestWrapper extends HttpServletRequestWrapper
{
private HttpServletRequest servletRequest;
public MyRequestWrapper(HttpServletRequest servletRequest)
{
super(servletRequest);
this.servletRequest = servletRequest;
}
@Override
public String[] getParameterValues(String parameter)
{
String[] values = super.getParameterValues(parameter);
if (values == null)
{
return null;
}
int count = values.length;
String[] sanitizedValues = new String[count];
for (int i = 0; i < count; i++)
{
sanitizedValues[i] = sanitizeUserInput(values[i]);
}
return sanitizedValues;
}
@Override
public String getParameter(String parameter)
{
String value = super.getParameter(parameter);
return sanitizeUserInput(value);
}
@Override
public ServletInputStream getInputStream() throws IOException
{
return this.servletRequest.getInputStream();
}
@Override
public BufferedReader getReader() throws IOException
{
return new BufferedReader(new InputStreamReader(this.getInputStream()));
}
private String sanitizeUserInput(String input)
{
// ...
return input;
}
}
我也尝试过覆盖getParameterMap(),getHeaders()等。有些覆盖被调用 - 但是当我的json被发布到servlet时却没有。过滤链中的另一个过滤器是否可能吞下柱体? 任何想法如何我可以调试这个或有没有人知道什么可能出错?
感谢