我有一个简单的 JSON 清理过滤器/RequestWrapper(内容类型是application/json)。getReader(), getInputStream(), getParameter*()但是,在我的包装器中没有调用任何重要的覆盖 ( )。
这是我的过滤器:
public class MyFilter implements Filter
{
public MyFilter()
{
//Empty
}
@Override
public void init(final FilterConfig filterConfig) throws ServletException
{
//Empty
}
@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
throws IOException, ServletException
{
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
MyRequestWrapper wrappedRequest = new MyRequestWrapper(httpRequest);
chain.doFilter(wrappedRequest, httpResponse);
}
@Override
public void destroy()
{
// TODO Auto-generated method stub
}
}
这是我的包装:
public class MyRequestWrapper extends HttpServletRequestWrapper
{
private HttpServletRequest servletRequest;
public MyRequestWrapper(HttpServletRequest servletRequest)
{
super(servletRequest);
this.servletRequest = servletRequest;
}
@Override
public String[] getParameterValues(String parameter)
{
String[] values = super.getParameterValues(parameter);
if (values == null)
{
return null;
}
int count = values.length;
String[] sanitizedValues = new String[count];
for (int i = 0; i < count; i++)
{
sanitizedValues[i] = sanitizeUserInput(values[i]);
}
return sanitizedValues;
}
@Override
public String getParameter(String parameter)
{
String value = super.getParameter(parameter);
return sanitizeUserInput(value);
}
@Override
public ServletInputStream getInputStream() throws IOException
{
return this.servletRequest.getInputStream();
}
@Override
public BufferedReader getReader() throws IOException
{
return new BufferedReader(new InputStreamReader(this.getInputStream()));
}
private String sanitizeUserInput(String input)
{
// ...
return input;
}
}
我也尝试过覆盖 getParameterMap()、getHeaders() 等。一些覆盖被调用 - 但是当我的 json 发布到 servlet 时不会。过滤器链中的另一个过滤器是否有可能吞下柱体?有什么想法可以调试这个,或者有人知道会出什么问题吗?
谢谢