SpringMVC处理脚本,SQL注入问题(写的不好勿喷,互相学习)

使用 Filter 来过滤浏览器发出的请求,对每个URI参数请求过滤些关键字,替换成安全的字符。所有请求的 getParameter 会被替换,如果参数里面含有敏感词会被替换掉。

对于类似:>"<script>alert('XSS');</script>


一、过滤些敏感的脚本



1、编写XssHttpServletRequestWrapper

import javax. servlet. http. HttpServletRequest;
import javax. servlet. http. HttpServletRequestWrapper; public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
public XssHttpServletRequestWrapper (HttpServletRequest servletRequest) {
super(servletRequest);
}
public String [] getParameterValues (String parameter) {
String [] values = super. getParameterValues(parameter);
if (values == null) {
return null;
}
int count = values. length;
String [] encodedValues = new String[count];
for (int i = 0; i < count; i++) {
encodedValues[i] = cleanXSS(values[i]);
}
return encodedValues;
}
public String getParameter (String parameter) {
String value = super. getParameter(parameter);
if (value == null) {
return null;
}
return cleanXSS(value);
}
public String getHeader (String name) {
String value = super. getHeader(name);
if (value == null)
return null;
return cleanXSS(value);
}
private String cleanXSS (String value) {
value = value. replaceAll ("<", "& lt;"). replaceAll (">", "& gt;");
value = value. replaceAll ("\\ (", "& #40;"). replaceAll ("\\)", "& #41;");
value = value. replaceAll ("'", "& #39;");
value = value. replaceAll ("eval\\ ((. *)\\)", "");
value = value. replaceAll ("[\\\"\\\’] [\\s] *javascript:(. *)[\\\"\\\']", "\"\"");
value = value. replaceAll ("script", "");
return value;

2、添加一个过滤器 XssFilter


import java.io.IOException;


import javax. servlet.Filter;


import javax. servlet.FilterChain;


import javax. servlet.FilterConfig;


import javax. servlet.ServletException;


import javax. servlet.ServletRequest;


import javax. servlet.ServletResponse;


import javax. servlet. http. HttpServletRequest;


publicclass XSSFilter implements Filter {


FilterConfig filterConfig = null;


publicvoid init (FilterConfig filterConfig) throws ServletException {


this. filterConfig = filterConfig;


}


publicvoid destroys () {


this. filterConfig = null;


}


publicvoid doFilter (ServletRequest request, ServletResponse response, FilterChain chain)


throws IOException, ServletException {


chain. doFilter (new
XssHttpServletRequestWrapper((HttpServletRequest) request), response);


}


}


3、在web中配置


<filter>


    <filter-name>XssSqlFilter</filter-name>


    <filter-class>com. Controller.XSSFilter</filter-class>


</filter>


<filter-mapping>


    <filter-name>XssSqlFilter</filter-name>


    <url-pattern>/*</url-pattern>


    <dispatcher>REQUEST</dispatcher>


</filter-mapping>


4、基于springMVC的配置使用


编写SqlInjectInterceptor


import org.springframework.web. servlet.HandlerInterceptor;


import org.springframework.web. servlet.ModelAndView;


import javax. servlet. http. HttpServletRequest;


import javax. servlet. http. HttpServletResponse;


import java. util. Enumeration;


/** * 防止SQL注入的拦截器  */


publicclass SqlInjectInterceptor implements HandlerInterceptor {


publicboolean preHandle(HttpServletRequest request,HttpServletResponse response, Object o) throws Exception {


Enumeration names = request.getParameterNames ();


while (names. hasMoreElements()) {


String name = (String) names.nextElement();


String[] values = request.getParameterValues(name);


for (String value: values) {


value = clearXss(value);


}


}


returntrue;


}


publicvoid postHandle(HttpServletRequest request,HttpServletResponse response, Object o, ModelAndView modelAndView) throws Exception {



}


publicvoidafterCompletion(HttpServletRequest request,HttpServletResponse response, Object o, Exception e)


throws Exception {


}


/** * 处理字符转义 * * @param value * @return */


private String clearXss (String value) {


if (value == null || "".equals(value)) {


returnvalue;


}


System.err.println("=========>:处理字符转义");


value = value. replaceAll ("<", "<"). replaceAll (">", ">");


value = value.replaceAll("\\(", "(").replace("\\)", ")");


value = value. replaceAll ("'", "'");


value = value.replaceAll("eval\\((.*)\\)", "");


value = value.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");


value = value.replace("script", "");


returnvalue;


}


}


二、对含有敏感的脚本,直接处理掉。


1、编写SX_Filter


import java.io.IOException;


import java. util.Enumeration;


import javax. servlet.Filter;


import javax. servlet.FilterChain;


import javax. servlet.FilterConfig;


import javax. servlet.ServletException;


import javax. servlet.ServletRequest;


import javax. servlet.ServletResponse;


import javax. servlet.http. HttpServletRequest;


import javax. servlet. http. HttpServletResponse;


publicclass SX_Filterimplements Filter {


private FilterConfig config;


privatestatic String errorPath;// 出错跳转的目的地


privatestatic String[] excludePaths;// 不进行拦截的url


privatestatic String [] safeless = { // 需要拦截的字符关键字、url编码


"<script",


"</script",


"<iframe",


"</iframe",


"<frame",


"</frame",


"set-cookie",


"%3cscript",


"%3c/script",


"%3ciframe",


"%3c/iframe",


"%3cframe",


"%3c/frame",


"src=\"javascript:",


"<body",


        "</body",


"%3cbody",


"%3c/body",


"<", ">","</","/>","%3c","%3e","%3c/","/%3e"};


publicvoid doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain)


throws IOException, ServletException {


Enumeration params = req. getParameterNames ();


HttpServletRequest request = (HttpServletRequest) req;


HttpServletResponse response = (HttpServletResponse)resp;


booleanisSafe = true;


String requestUrl = request. getRequestURI ();


if (isSafe(requestUrl)) {


requestUrl = requestUrl.substring(requestUrl.indexOf("/"));


if (! excludeUrl(requestUrl)) {


while (params. hasMoreElements ()) {


String cache = req.getParameter((String) params.nextElement());


if (null != cache && cache.length() > 0) {


if (!isSafe(cache)) {


isSafe = false;


break;


}


}


}


}


}else{


isSafe = false;


}


if (! isSafe) {


request.setAttribute("error", "您输入的参数有非法字符!");


response. sendRedirect ("http://... ");


return;


}


filterChain.doFilter(req, resp);


}


privatestaticboolean isSafe (String str) {


if (null! = str && str. length () > 0) {


for (String s: safeless) {


if (str. toLowerCase ().contains(s)) {


returnfalse;


}


}


}


returntrue;


}


privateboolean excludeUrl (String url) {


if (excludePaths != null && excludePaths.length > 0) {


for (String path : excludePaths) {


if (url. toLowerCase (). equals(path)) {


returntrue;


}


}


}


returnfalse;


}


publicvoid destroy() {


}


publicvoid init(FilterConfig config) throws ServletException {


this.config = config;


errorPath = config. getInitParameter("errorPath");


String excludePath = config.getInitParameter("excludePaths");


if (null != excludePath && excludePath.length() > 0) {


excludePaths = excludePath.split(",");


}


}


}


2、在web中配置


<filter>


    <filter-name>XssSqlFilter</filter-name>


    <filter-class>com. Controller. SX_Filter </filter-class>


</filter>


<filter-mapping>


    <filter-name>XssSqlFilter</filter-name>


    <url-pattern>/*</url-pattern>


    <dispatcher>REQUEST</dispatcher>


</filter-mapping>



Spring MVC处理脚本和SQL注入

使用 Filter 来过滤浏览器发出的请求,对每个URI参数请求过滤些关键字,替换成安全的字符。所有请求的 getParameter 会被替换,如果参数里面含有敏感词会被替换掉。

对于类似:>"<script>alert('XSS');</script>

一、过滤些敏感的脚本

1、编写XssHttpServletRequestWrapper

import javax. servlet. http. HttpServletRequest;

import javax. servlet. http. HttpServletRequestWrapper;

publicclassXssHttpServletRequestWrapper extendsHttpServletRequestWrapper{

public XssHttpServletRequestWrapper (HttpServletRequest servletRequest) {

super(servletRequest);

}

public String [] getParameterValues (String parameter) {

String [] values = super. getParameterValues(parameter);

if (values == null) {

returnnull;

}

intcount = values. length;

String [] encodedValues = new String[count];

for (inti = 0; i < count; i++) {

encodedValues[i] = cleanXSS(values[i]);

}

returnencodedValues;

}

public String getParameter (String parameter) {

String value = super. getParameter(parameter);

if (value == null) {

returnnull;

}

return cleanXSS(value);

}

public String getHeader (String name) {

String value = super. getHeader(name);

if (value == null)

returnnull;

return cleanXSS(value);

}

private String cleanXSS (String value) {

value = value. replaceAll ("<", "& lt;"). replaceAll (">", "& gt;");

value = value. replaceAll ("\\ (", "& #40;"). replaceAll ("\\)", "& #41;");

value = value. replaceAll ("'", "& #39;");

value = value. replaceAll ("eval\\ ((. *)\\)", "");

value = value. replaceAll ("[\\\"\\\’] [\\s] *javascript:(. *)[\\\"\\\']", "\"\"");

value = value. replaceAll ("script", "");

returnvalue;

}

}

2、添加一个过滤器 XssFilter

import java.io. IOException;

import javax. servlet. Filter;

import javax. servlet. FilterChain;

import javax. servlet. FilterConfig;

import javax. servlet. ServletException;

import javax. servlet. ServletRequest;

import javax. servlet. ServletResponse;

import javax. servlet. http. HttpServletRequest;

publicclass XSSFilter implements Filter {

FilterConfig filterConfig = null;

publicvoid init (FilterConfig filterConfig) throws ServletException {

this. filterConfig = filterConfig;

}

publicvoid destroys () {

this. filterConfig = null;

}

publicvoid doFilter (ServletRequest request, ServletResponse response, FilterChain chain)

throws IOException, ServletException {

chain. doFilter (new XssHttpServletRequestWrapper((HttpServletRequest) request), response);

}

}

3、在web中配置

<filter>

    <filter-name>XssSqlFilter</filter-name>

    <filter-class>com. Controller.XSSFilter</filter-class>

</filter>

<filter-mapping>

    <filter-name>XssSqlFilter</filter-name>

    <url-pattern>/*</url-pattern>

    <dispatcher>REQUEST</dispatcher>

</filter-mapping>

 

 

4、基于springMVC的配置使用

编写SqlInjectInterceptor

import org.springframework.web. servlet. HandlerInterceptor;

import org.springframework.web. servlet. ModelAndView;

import javax. servlet. http. HttpServletRequest;

import javax. servlet. http. HttpServletResponse;

import java. util. Enumeration;

/** * 防止SQL注入的拦截器  */

publicclass SqlInjectInterceptor implements HandlerInterceptor {

publicboolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {

Enumeration names = request. getParameterNames ();

while (names. hasMoreElements ()) {

String name = (String) names.nextElement();

String[] values = request.getParameterValues(name);

for (String value: values) {

value = clearXss(value);

}

}

returntrue;

}

publicvoid postHandle(HttpServletRequest request, HttpServletResponse response, Object o,

ModelAndView modelAndView) throws Exception {

}

publicvoid afterCompletion(HttpServletRequest request, HttpServletResponse response, Object o, Exception e)

throws Exception {

}

/** * 处理字符转义 * * @param value * @return */

private String clearXss (String value) {

if (value == null || "".equals(value)) {

returnvalue;

}

System.err.println("=========>:处理字符转义");

value = value. replaceAll ("<", "<"). replaceAll (">", ">");

value = value.replaceAll("\\(", "(").replace("\\)", ")");

value = value. replaceAll ("'", "'");

value = value.replaceAll("eval\\((.*)\\)", "");

value = value.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");

value = value.replace("script", "");

returnvalue;

}

}

在springMVC.xml文件中配置SqlInjectInterceptor

<! -- 拦截器:SQL注入拦截 -->

<mvc: interceptors>

        <mvc: interceptor>

             <mvc: mapping path="/**" />

             <bean class="com. Controller.SqlInjectInterceptor"></bean>

        </mvc: interceptor>

    </mvc: interceptors>

 

二、对含有敏感的脚本,直接处理掉。

1、编写SX_Filter

import java.io. IOException;

import java. util. Enumeration;

import javax. servlet. Filter;

import javax. servlet. FilterChain;

import javax. servlet. FilterConfig;

import javax. servlet. ServletException;

import javax. servlet. ServletRequest;

import javax. servlet. ServletResponse;

import javax. servlet. http. HttpServletRequest;

import javax. servlet. http. HttpServletResponse;

publicclass SX_Filter implements Filter {

private FilterConfig config;

privatestatic String errorPath;// 出错跳转的目的地

privatestatic String[] excludePaths;// 不进行拦截的url

privatestatic String [] safeless = { // 需要拦截的字符关键字、url编码

"<script",

"</script",

"<iframe",

"</iframe",

"<frame",

"</frame",

"set-cookie",

"%3cscript",

"%3c/script",

"%3ciframe",

"%3c/iframe",

"%3cframe",

"%3c/frame",

"src=\"javascript:",

"<body", "</body",

"%3cbody",

"%3c/body",

"<", ">","</","/>","%3c","%3e","%3c/","/%3e"};

publicvoid doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain)

throws IOException, ServletException {

Enumeration params = req. getParameterNames ();

HttpServletRequest request = (HttpServletRequest) req;

HttpServletResponse response = (HttpServletResponse) resp;

booleanisSafe = true;

String requestUrl = request. getRequestURI ();

if (isSafe(requestUrl)) {

requestUrl = requestUrl.substring(requestUrl.indexOf("/"));

if (! excludeUrl(requestUrl)) {

while (params. hasMoreElements ()) {

String cache = req.getParameter((String) params.nextElement());

if (null != cache && cache.length() > 0) {

if (!isSafe(cache)) {

isSafe = false;

break;

}

}

}

}

} else {

isSafe = false;

}

if (! isSafe) {

request.setAttribute("error", "您输入的参数有非法字符!");

response. sendRedirect ("http://... ");

return;

}

filterChain.doFilter(req, resp);

}

privatestaticboolean isSafe (String str) {

if (null! = str && str. length () > 0) {

for (String s: safeless) {

if (str. toLowerCase (). contains(s)) {

returnfalse;

}

}

}

returntrue;

}

privateboolean excludeUrl (String url) {

if (excludePaths != null && excludePaths.length > 0) {

for (String path : excludePaths) {

if (url. toLowerCase (). equals(path)) {

returntrue;

}

}

}

returnfalse;

}

publicvoid destroy() {

}

publicvoid init(FilterConfig config) throws ServletException {

this.config = config;

errorPath = config. getInitParameter("errorPath");

String excludePath = config.getInitParameter("excludePaths");

if (null != excludePath && excludePath.length() > 0) {

excludePaths = excludePath.split(",");

}

}

}

2、在web中配置

<filter>

    <filter-name>XssSqlFilter</filter-name>

    <filter-class>com. Controller. SX_Filter </filter-class>

</filter>

<filter-mapping>

    <filter-name>XssSqlFilter</filter-name>

    <url-pattern>/*</url-pattern>

    <dispatcher>REQUEST</dispatcher>

</filter-mapping>

SpringMVC处理脚本,SQL注入问题的更多相关文章

  1. 网站跨站点脚本,Sql注入等攻击的处理

    从360安全论坛里找到的一段代码,经过整理封装,直接在站点Global.asax文件或写一个HttpModule来拦截恶意请求即可: http://bbs.webscan.360.cn/forum.p ...

  2. [原]网站跨站点脚本,Sql注入等攻击的处理

    从360安全论坛里找到的一段代码,经过整理封装,直接在站点Global.asax文件或写一个HttpModule来拦截恶意请求即可: http://bbs.webscan.360.cn/forum.p ...

  3. 使用过滤器解决SQL注入和跨站点脚本编制

    1 SQL注入.盲注 1.1 SQL注入.盲注概述 Web 应用程序通常在后端使用数据库,以与企业数据仓库交互.查询数据库事实上的标准语言是 SQL(各大数据库供应商都有自己的不同版本).Web 应用 ...

  4. zabbix(sql注入判断脚本)

    zabbix(sql注入判断脚本) #-*-coding:utf-8-*- # code by anyun.org import urllib import re def getHtml(url): ...

  5. SpringMVC利用拦截器防止SQL注入

    引言 随着互联网的发展,人们在享受互联网带来的便捷的服务的时候,也面临着个人的隐私泄漏的问题.小到一个拥有用户系统的小型论坛,大到各个大型的银行机构,互联网安全问题都显得格外重要.而这些网站的背后,则 ...

  6. phpcms v9 sql注入脚本

    phpcms v9 SQL注入脚本 用法:python phpcms.py http://www.baidu.com import requests,sys,urllib url = sys.argv ...

  7. Bypass 360主机卫士SQL注入防御(附tamper脚本)

    0x01 前言 在测试过程中,经常会遇到一些主机防护软件,对这方面做了一些尝试,可成功bypass了GET和POST的注入防御,分享一下姿势. 0x02 环境搭建 Windows Server 200 ...

  8. 动态调试|Maccms SQL 注入分析(附注入盲注脚本)

    0x01 前言 已经有一周没发表文章了,一个朋友叫我研究maccms的代码审计,碰到这个注入的漏洞挺有趣的,就在此写一篇分析文. 0x02 环境 Web: phpstudySystem: Window ...

  9. python 打造一个sql注入脚本 (一)

    0x00前言: 昨天刚刚看完小迪老师的sql注入篇的第一章 所以有了新的笔记. 0x01笔记: sql注入原理: 网站数据传输中,接受变量传递的值未进行过滤,导致直接带入数据库查询执行的操作. sql ...

随机推荐

  1. Hadoop安装(Ubuntu Kylin 14.04)

    安装环境:ubuntu kylin 14.04   haoop-1.2.1   hadoop下载地址:http://apache.mesi.com.ar/hadoop/common/hadoop-1. ...

  2. 最新CSS3常用30种选择器总结(适合初学者)

     1. *:通用元素选择器 * { margin: 0; padding: 0; } *选择器是选择页面上的全部元素,上面的代码作用是把全部元素的margin和padding设为0,最基本的清除默认C ...

  3. 最简洁粗暴版的虚拟用户配置FTP

    最简洁粗暴版的虚拟用户配置FTP yum安装FTP: yum install vsftpd pam* db4* -y 设置为系统服务:chkconfig –level 35 vsftpd on 2.v ...

  4. ASP.NET页面生存周期

    .Net的Page请求过程:

  5. aspx页面与服务器控件间运行原理

    一.进入服务器控件以及aspx页面前,必须的准备: a)在WebForm 中只要带有runat="server" 那么那就是一个控件. b)如果form有runat="s ...

  6. 取消双向绑定、输出html代码

    1.取消双向绑定,在绑定的值前加*号. 如: <div id="app"> <p>{{*message}}</p> </div> 2 ...

  7. c语言学习的第四天2

    上图显示了float和double的精度,精度:就是指数值的精确程度,浮点类型可表示的数值范围很大,但只有几位是精确的,可以通过小 数所占的位数来获取,float小数部分最多能有7位有效数字,但绝对能 ...

  8. ubuntu 12.04 LTS(64位)安装apache2

    在网上找了很多文章,说法不一,不知道应该用哪种方法,后来想就用其中最简单的吧,装不好再卸了重装, 然后就...装上了,用的是tar包源码安装,下面是步骤 1.去官网下载apache2.2.25源码包, ...

  9. IOS学习4

    ---恢复内容开始--- UIScrollView 屏幕展示有限,超出一个屏时用户可滚动查看过多部分.UIView不具备滚动功能. -取消autolayout -设置CGSize contentSiz ...

  10. 关于Raw,Assets的使用

    Raw,Assets下文件区别: 相同点:两个目录下的文件在打包后都会原封不动的保存到apk中,不会被编译成二进制. 不同点:Raw下文件不能使用目录结构, 有些格式的会被压缩,能够通过R.raw方便 ...