SpringMVC处理脚本,SQL注入问题(写的不好勿喷,互相学习)

使用 Filter 拦截浏览器发出的请求,通过 HttpServletRequestWrapper 重写 getParameter/getParameterValues/getHeader,对参数值中的关键字做删除或实体转义,控制器拿到的就是处理后的值。需要注意:这是基于黑名单的输入过滤,很容易被绕过(大小写、嵌套拼接、未列出的标签和事件属性、JSON 请求体等),也会破坏合法含有 <、>、'、( ) 的数据;它不能代替视图输出时的上下文编码来防 XSS,更不能代替 PreparedStatement 参数绑定来防 SQL 注入,只宜作为纵深防御的一层。

对于类似:>"<script>alert('XSS');</script>


一、过滤些敏感的脚本



1、编写XssHttpServletRequestWrapper

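import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/**
 * Request wrapper that strips a few script-related tokens from, and then
 * HTML-entity-encodes, every parameter and header value before the controller
 * sees it.
 *
 * Security note: this is blacklist-style INPUT filtering. It is easy to bypass
 * (tags/attributes/encodings the rules do not cover) and it corrupts legitimate
 * data containing &lt; &gt; ( ) or '. It does nothing against SQL injection, which
 * must be prevented with PreparedStatement / bound parameters. The primary XSS
 * defence remains context-aware output encoding in the view; treat this class
 * as defence in depth only.
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {

    public XssHttpServletRequestWrapper(HttpServletRequest servletRequest) {
        super(servletRequest);
    }

    /** Sanitised copy of every value of {@code parameter}; null when the parameter is absent. */
    @Override
    public String[] getParameterValues(String parameter) {
        String[] values = super.getParameterValues(parameter);
        if (values == null) {
            return null;
        }
        return cleanAll(values);
    }

    /** Sanitised first value of {@code parameter}; null when absent. */
    @Override
    public String getParameter(String parameter) {
        String value = super.getParameter(parameter);
        return value == null ? null : cleanXSS(value);
    }

    /**
     * Added: the original did not override getParameterMap(), so any code reading
     * the map (e.g. request.getParameterMap() in a controller, or a
     * {@code @RequestParam Map} argument) received the raw, unfiltered values.
     */
    @Override
    public Map<String, String[]> getParameterMap() {
        Map<String, String[]> cleaned = new LinkedHashMap<String, String[]>();
        for (Map.Entry<String, String[]> entry : super.getParameterMap().entrySet()) {
            String[] values = entry.getValue();
            cleaned.put(entry.getKey(), values == null ? null : cleanAll(values));
        }
        return Collections.unmodifiableMap(cleaned);
    }

    /**
     * NOTE(review): this rewrites EVERY header (Cookie, Authorization, Referer, ...).
     * Any header value containing ' ( ) &lt; or &gt; is corrupted. Restrict it to the
     * headers the application actually reflects if that turns out to be a problem.
     */
    @Override
    public String getHeader(String name) {
        String value = super.getHeader(name);
        return value == null ? null : cleanXSS(value);
    }

    /** Applies cleanXSS to each element; null elements are passed through. */
    private String[] cleanAll(String[] values) {
        String[] encoded = new String[values.length];
        for (int i = 0; i < values.length; i++) {
            encoded[i] = values[i] == null ? null : cleanXSS(values[i]);
        }
        return encoded;
    }

    /**
     * Removes eval(...), quoted javascript: URLs and the token "script", then
     * entity-encodes &lt; &gt; ( ) '.
     *
     * Fixes versus the original: the replacement strings had been garbled
     * ("& lt;") so the encoding produced broken output; matching was
     * case-sensitive, so "SCRIPT" passed; "script" was removed only once, so
     * "scrscriptipt" collapsed back into "script"; and the parentheses were
     * encoded BEFORE the eval(...) rule ran, making that rule unreachable.
     */
    private String cleanXSS(String value) {
        String cleaned = value;
        cleaned = cleaned.replaceAll("(?i)eval\\((.*)\\)", "");
        cleaned = cleaned.replaceAll("(?i)[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"");
        String previous;
        do {
            previous = cleaned;
            cleaned = cleaned.replaceAll("(?i)script", "");
        } while (!cleaned.equals(previous));
        cleaned = cleaned.replace("<", "&lt;").replace(">", "&gt;");
        cleaned = cleaned.replace("(", "&#40;").replace(")", "&#41;");
        cleaned = cleaned.replace("'", "&#39;");
        return cleaned;
    }
}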

2、添加一个过滤器 XssFilter


import java.io.IOException;


import javax. servlet.Filter;


import javax. servlet.FilterChain;


import javax. servlet.FilterConfig;


import javax. servlet.ServletException;


import javax. servlet.ServletRequest;


import javax. servlet.ServletResponse;


import javax. servlet. http. HttpServletRequest;


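/**
 * Servlet filter that wraps every HTTP request in XssHttpServletRequestWrapper so
 * that controllers read sanitised parameter and header values.
 *
 * Limitations: only parameters and headers are covered — a JSON/XML body read via
 * getInputStream()/getReader() is untouched — and with
 * {@code <dispatcher>REQUEST</dispatcher>} in web.xml forwarded, included and
 * error dispatches are not filtered.
 */
public class XSSFilter implements Filter {

    FilterConfig filterConfig = null;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    /** Fixed: the original was named destroys() and therefore never implemented Filter.destroy(). */
    @Override
    public void destroy() {
        this.filterConfig = null;
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        // Only HTTP requests can be wrapped; anything else is passed through
        // instead of failing with a ClassCastException.
        if (request instanceof HttpServletRequest) {
            chain.doFilter(new XssHttpServletRequestWrapper((HttpServletRequest) request), response);
        } else {
            chain.doFilter(request, response);
        }
    }
}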


3、在web中配置


<filter>
    <filter-name>XssSqlFilter</filter-name>
    <filter-class>com.Controller.XSSFilter</filter-class>
</filter>

<filter-mapping>
    <filter-name>XssSqlFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <!-- 只拦截 REQUEST 分派;FORWARD/INCLUDE/ERROR 分派的请求不会经过此过滤器 -->
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>


4、基于springMVC的配置使用


编写SqlInjectInterceptor


import org.springframework.web. servlet.HandlerInterceptor;


import org.springframework.web. servlet.ModelAndView;


import javax. servlet. http. HttpServletRequest;


import javax. servlet. http. HttpServletResponse;


import java. util. Enumeration;


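/**
 * Interceptor that rejects requests whose parameters contain script / SQL
 * meta-characters.
 *
 * Bug fixed: the original loop did {@code value = clearXss(value)} on a loop-local
 * copy, which changed nothing — servlet request parameters are immutable, so an
 * interceptor cannot "sanitise" them. All it can do is refuse the request, which
 * this version does with HTTP 400 as soon as a parameter value would be altered
 * by the escaping rules.
 *
 * Security note: despite its name this does not prevent SQL injection — numeric
 * contexts, comment sequences (--), UNION and so on pass straight through. Use
 * PreparedStatement with bound parameters; this check is at most defence in depth.
 */
public class SqlInjectInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o)
            throws Exception {
        Enumeration<String> names = request.getParameterNames();
        while (names.hasMoreElements()) {
            String[] values = request.getParameterValues(names.nextElement());
            if (values == null) {
                continue;
            }
            for (String value : values) {
                // A value the escaper would change contains at least one of
                // < > ( ) ' or a script token: reject instead of silently mangling.
                // The parameter name is deliberately not echoed back (it is
                // attacker-controlled and would be reflected into the error page).
                if (value != null && !value.equals(clearXss(value))) {
                    response.sendError(HttpServletResponse.SC_BAD_REQUEST,
                            "Illegal characters in request parameters");
                    return false;
                }
            }
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object o,
            ModelAndView modelAndView) throws Exception {
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object o,
            Exception e) throws Exception {
    }

    /**
     * Escaping rules shared with the wrapper of section 1: strips eval(...), quoted
     * javascript: URLs and the token "script" (case-insensitively, repeated until
     * stable), then entity-encodes &lt; &gt; ( ) '. Returns the input unchanged when
     * it is null or empty.
     *
     * Fixes: the entity strings had been rendered back to "<" etc., which made the
     * first three replacements no-ops; "\\)" was passed to replace() (literal) rather
     * than replaceAll(), so it matched the two characters backslash+paren instead
     * of ")"; the debug System.err.println is gone.
     */
    private String clearXss(String value) {
        if (value == null || "".equals(value)) {
            return value;
        }
        String cleaned = value;
        cleaned = cleaned.replaceAll("(?i)eval\\((.*)\\)", "");
        cleaned = cleaned.replaceAll("(?i)[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"");
        String previous;
        do {
            previous = cleaned;
            cleaned = cleaned.replaceAll("(?i)script", "");
        } while (!cleaned.equals(previous));
        cleaned = cleaned.replace("<", "&lt;").replace(">", "&gt;");
        cleaned = cleaned.replace("(", "&#40;").replace(")", "&#41;");
        cleaned = cleaned.replace("'", "&#39;");
        return cleaned;
    }
}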


二、对含有敏感脚本的请求,直接拒绝(不再向下传递给后续过滤器和控制器)。


1、编写SX_Filter


import java.io.IOException;


import java. util.Enumeration;


import javax. servlet.Filter;


import javax. servlet.FilterChain;


import javax. servlet.FilterConfig;


import javax. servlet.ServletException;


import javax. servlet.ServletRequest;


import javax. servlet.ServletResponse;


import javax. servlet.http. HttpServletRequest;


import javax. servlet. http. HttpServletResponse;


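/**
 * Rejecting filter: when the request URI or any parameter value contains one of
 * the blacklisted tokens, the request is blocked instead of passed down the chain.
 *
 * Fixes versus the original:
 *  - errorPath (read in init) was never used: blocked requests were redirected to
 *    a hard-coded "http://... " placeholder, and the "error" request attribute set
 *    just before was lost because a redirect starts a new request. Blocked
 *    requests are now forwarded to errorPath (attribute preserved), redirected if
 *    errorPath is not context-relative, or answered with HTTP 400 when none is set.
 *  - only the FIRST value of each parameter was checked (getParameter), so
 *    ?q=ok&q=&lt;script&gt; slipped through; every value is checked now.
 *  - toLowerCase() used the JVM default locale; under a Turkish locale "SCRIPT"
 *    lowercases to a dotless-i form that no longer matches the list. Locale.ROOT
 *    is used instead.
 *  - excludePaths entries are trimmed and lowercased once at init, so "a, b" in
 *    web.xml works and the comparison with the lowercased URI is consistent.
 *
 * Limitations: only the URI and parameters are inspected (headers, JSON bodies and
 * multipart parts are not); the blacklist is easy to extend around; with
 * {@code <dispatcher>REQUEST</dispatcher>} forwarded requests are not filtered;
 * and the bare "<" / ">" entries make the tag-specific entries redundant while
 * rejecting any legitimate value that contains an angle bracket.
 */
public class SX_Filter implements Filter {

    private FilterConfig config;

    /** Destination for blocked requests (init-param "errorPath"); null/empty means HTTP 400. */
    private static String errorPath;

    /** Lower-cased, trimmed request URIs that bypass the check (init-param "excludePaths", comma separated). */
    private static String[] excludePaths;

    /** Blacklisted substrings, literal and URL-encoded forms; matched case-insensitively. */
    private static final String[] safeless = {
            "<script", "</script",
            "<iframe", "</iframe",
            "<frame", "</frame",
            "set-cookie",
            "%3cscript", "%3c/script",
            "%3ciframe", "%3c/iframe",
            "%3cframe", "%3c/frame",
            "src=\"javascript:",
            "<body", "</body",
            "%3cbody", "%3c/body",
            "<", ">", "</", "/>", "%3c", "%3e", "%3c/", "/%3e"};

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        // getRequestURI() is always context-rooted ("/..."), so the original
        // substring(indexOf("/")) was a no-op and has been dropped. Note the URI
        // includes the context path, and excludePaths are compared against it.
        String requestUrl = request.getRequestURI();
        boolean safe = isSafe(requestUrl);
        if (safe && !excludeUrl(requestUrl)) {
            safe = parametersAreSafe(req);
        }

        if (!safe) {
            reject(request, response);
            return;
        }
        filterChain.doFilter(req, resp);
    }

    /** True when no value of any parameter matches the blacklist. */
    private static boolean parametersAreSafe(ServletRequest req) {
        Enumeration<String> names = req.getParameterNames();
        while (names.hasMoreElements()) {
            String[] values = req.getParameterValues(names.nextElement());
            if (values == null) {
                continue;
            }
            for (String value : values) {
                if (value != null && value.length() > 0 && !isSafe(value)) {
                    return false;
                }
            }
        }
        return true;
    }

    /**
     * Blocks the request. A context-relative errorPath is forwarded to, which keeps
     * the "error" attribute visible to the error page; the forward is a FORWARD
     * dispatch, so with the REQUEST-only mapping it does not re-enter this filter.
     * Any other errorPath is redirected to (the attribute is then lost, as before).
     */
    private static void reject(HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        request.setAttribute("error", "您输入的参数有非法字符!");
        if (errorPath == null || errorPath.length() == 0) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        } else if (errorPath.startsWith("/")) {
            request.getRequestDispatcher(errorPath).forward(request, response);
        } else {
            response.sendRedirect(errorPath);
        }
    }

    /** True when {@code str} is null/empty or contains none of the blacklisted tokens. */
    private static boolean isSafe(String str) {
        if (str == null || str.length() == 0) {
            return true;
        }
        // Lowercased once, with Locale.ROOT so the result does not depend on the
        // JVM's default locale (see the class comment).
        String lowered = str.toLowerCase(java.util.Locale.ROOT);
        for (String token : safeless) {
            if (lowered.contains(token)) {
                return false;
            }
        }
        return true;
    }

    /** True when the (lowercased) URI is listed in excludePaths. */
    private boolean excludeUrl(String url) {
        if (excludePaths == null || excludePaths.length == 0 || url == null) {
            return false;
        }
        String lowered = url.toLowerCase(java.util.Locale.ROOT);
        for (String path : excludePaths) {
            if (lowered.equals(path)) {
                return true;
            }
        }
        return false;
    }

    @Override
    public void destroy() {
    }

    @Override
    public void init(FilterConfig config) throws ServletException {
        this.config = config;
        errorPath = config.getInitParameter("errorPath");
        String excludePath = config.getInitParameter("excludePaths");
        if (excludePath != null && excludePath.length() > 0) {
            String[] paths = excludePath.split(",");
            for (int i = 0; i < paths.length; i++) {
                paths[i] = paths[i].trim().toLowerCase(java.util.Locale.ROOT);
            }
            excludePaths = paths;
        }
    }
}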


2、在web中配置


<!-- 注意:与第一种方案使用了同一个 filter-name(XssSqlFilter),同一个 web.xml 中二者只能配置其一。
     errorPath(出错跳转目的地)和 excludePaths(逗号分隔的放行 URI)通过 <init-param> 传给过滤器。 -->
<filter>
    <filter-name>XssSqlFilter</filter-name>
    <filter-class>com.Controller.SX_Filter</filter-class>
</filter>

<filter-mapping>
    <filter-name>XssSqlFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <!-- 只拦截 REQUEST 分派;FORWARD/INCLUDE/ERROR 分派的请求不会经过此过滤器 -->
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>



Spring MVC处理脚本和SQL注入

使用 Filter 拦截浏览器发出的请求,通过 HttpServletRequestWrapper 重写 getParameter/getParameterValues/getHeader,对参数值中的关键字做删除或实体转义,控制器拿到的就是处理后的值。需要注意:这是基于黑名单的输入过滤,很容易被绕过(大小写、嵌套拼接、未列出的标签和事件属性、JSON 请求体等),也会破坏合法含有 <、>、'、( ) 的数据;它不能代替视图输出时的上下文编码来防 XSS,更不能代替 PreparedStatement 参数绑定来防 SQL 注入,只宜作为纵深防御的一层。

对于类似:>"<script>alert('XSS');</script>

一、过滤些敏感的脚本

1、编写XssHttpServletRequestWrapper

import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

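/**
 * Request wrapper that strips a few script-related tokens from, and then
 * HTML-entity-encodes, every parameter and header value before the controller
 * sees it.
 *
 * Security note: this is blacklist-style INPUT filtering. It is easy to bypass
 * (tags/attributes/encodings the rules do not cover) and it corrupts legitimate
 * data containing &lt; &gt; ( ) or '. It does nothing against SQL injection, which
 * must be prevented with PreparedStatement / bound parameters. The primary XSS
 * defence remains context-aware output encoding in the view; treat this class
 * as defence in depth only.
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {

    public XssHttpServletRequestWrapper(HttpServletRequest servletRequest) {
        super(servletRequest);
    }

    /** Sanitised copy of every value of {@code parameter}; null when the parameter is absent. */
    @Override
    public String[] getParameterValues(String parameter) {
        String[] values = super.getParameterValues(parameter);
        if (values == null) {
            return null;
        }
        return cleanAll(values);
    }

    /** Sanitised first value of {@code parameter}; null when absent. */
    @Override
    public String getParameter(String parameter) {
        String value = super.getParameter(parameter);
        return value == null ? null : cleanXSS(value);
    }

    /**
     * Added: the original did not override getParameterMap(), so any code reading
     * the map (e.g. request.getParameterMap() in a controller, or a
     * {@code @RequestParam Map} argument) received the raw, unfiltered values.
     */
    @Override
    public Map<String, String[]> getParameterMap() {
        Map<String, String[]> cleaned = new LinkedHashMap<String, String[]>();
        for (Map.Entry<String, String[]> entry : super.getParameterMap().entrySet()) {
            String[] values = entry.getValue();
            cleaned.put(entry.getKey(), values == null ? null : cleanAll(values));
        }
        return Collections.unmodifiableMap(cleaned);
    }

    /**
     * NOTE(review): this rewrites EVERY header (Cookie, Authorization, Referer, ...).
     * Any header value containing ' ( ) &lt; or &gt; is corrupted. Restrict it to the
     * headers the application actually reflects if that turns out to be a problem.
     */
    @Override
    public String getHeader(String name) {
        String value = super.getHeader(name);
        return value == null ? null : cleanXSS(value);
    }

    /** Applies cleanXSS to each element; null elements are passed through. */
    private String[] cleanAll(String[] values) {
        String[] encoded = new String[values.length];
        for (int i = 0; i < values.length; i++) {
            encoded[i] = values[i] == null ? null : cleanXSS(values[i]);
        }
        return encoded;
    }

    /**
     * Removes eval(...), quoted javascript: URLs and the token "script", then
     * entity-encodes &lt; &gt; ( ) '.
     *
     * Fixes versus the original: the replacement strings had been garbled
     * ("& lt;") so the encoding produced broken output; matching was
     * case-sensitive, so "SCRIPT" passed; "script" was removed only once, so
     * "scrscriptipt" collapsed back into "script"; and the parentheses were
     * encoded BEFORE the eval(...) rule ran, making that rule unreachable.
     */
    private String cleanXSS(String value) {
        String cleaned = value;
        cleaned = cleaned.replaceAll("(?i)eval\\((.*)\\)", "");
        cleaned = cleaned.replaceAll("(?i)[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"");
        String previous;
        do {
            previous = cleaned;
            cleaned = cleaned.replaceAll("(?i)script", "");
        } while (!cleaned.equals(previous));
        cleaned = cleaned.replace("<", "&lt;").replace(">", "&gt;");
        cleaned = cleaned.replace("(", "&#40;").replace(")", "&#41;");
        cleaned = cleaned.replace("'", "&#39;");
        return cleaned;
    }
}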

2、添加一个过滤器 XssFilter

import java.io. IOException;

import javax. servlet. Filter;

import javax. servlet. FilterChain;

import javax. servlet. FilterConfig;

import javax. servlet. ServletException;

import javax. servlet. ServletRequest;

import javax. servlet. ServletResponse;

import javax. servlet. http. HttpServletRequest;

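/**
 * Servlet filter that wraps every HTTP request in XssHttpServletRequestWrapper so
 * that controllers read sanitised parameter and header values.
 *
 * Limitations: only parameters and headers are covered — a JSON/XML body read via
 * getInputStream()/getReader() is untouched — and with
 * {@code <dispatcher>REQUEST</dispatcher>} in web.xml forwarded, included and
 * error dispatches are not filtered.
 */
public class XSSFilter implements Filter {

    FilterConfig filterConfig = null;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    /** Fixed: the original was named destroys() and therefore never implemented Filter.destroy(). */
    @Override
    public void destroy() {
        this.filterConfig = null;
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        // Only HTTP requests can be wrapped; anything else is passed through
        // instead of failing with a ClassCastException.
        if (request instanceof HttpServletRequest) {
            chain.doFilter(new XssHttpServletRequestWrapper((HttpServletRequest) request), response);
        } else {
            chain.doFilter(request, response);
        }
    }
}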

3、在web中配置

<filter>
    <filter-name>XssSqlFilter</filter-name>
    <filter-class>com.Controller.XSSFilter</filter-class>
</filter>

<filter-mapping>
    <filter-name>XssSqlFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <!-- 只拦截 REQUEST 分派;FORWARD/INCLUDE/ERROR 分派的请求不会经过此过滤器 -->
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

 

 

4、基于springMVC的配置使用

编写SqlInjectInterceptor

import org.springframework.web. servlet. HandlerInterceptor;

import org.springframework.web. servlet. ModelAndView;

import javax. servlet. http. HttpServletRequest;

import javax. servlet. http. HttpServletResponse;

import java. util. Enumeration;

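/**
 * Interceptor that rejects requests whose parameters contain script / SQL
 * meta-characters.
 *
 * Bug fixed: the original loop did {@code value = clearXss(value)} on a loop-local
 * copy, which changed nothing — servlet request parameters are immutable, so an
 * interceptor cannot "sanitise" them. All it can do is refuse the request, which
 * this version does with HTTP 400 as soon as a parameter value would be altered
 * by the escaping rules.
 *
 * Security note: despite its name this does not prevent SQL injection — numeric
 * contexts, comment sequences (--), UNION and so on pass straight through. Use
 * PreparedStatement with bound parameters; this check is at most defence in depth.
 */
public class SqlInjectInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o)
            throws Exception {
        Enumeration<String> names = request.getParameterNames();
        while (names.hasMoreElements()) {
            String[] values = request.getParameterValues(names.nextElement());
            if (values == null) {
                continue;
            }
            for (String value : values) {
                // A value the escaper would change contains at least one of
                // < > ( ) ' or a script token: reject instead of silently mangling.
                // The parameter name is deliberately not echoed back (it is
                // attacker-controlled and would be reflected into the error page).
                if (value != null && !value.equals(clearXss(value))) {
                    response.sendError(HttpServletResponse.SC_BAD_REQUEST,
                            "Illegal characters in request parameters");
                    return false;
                }
            }
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object o,
            ModelAndView modelAndView) throws Exception {
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object o,
            Exception e) throws Exception {
    }

    /**
     * Escaping rules shared with the wrapper of section 1: strips eval(...), quoted
     * javascript: URLs and the token "script" (case-insensitively, repeated until
     * stable), then entity-encodes &lt; &gt; ( ) '. Returns the input unchanged when
     * it is null or empty.
     *
     * Fixes: the entity strings had been rendered back to "<" etc., which made the
     * first three replacements no-ops; "\\)" was passed to replace() (literal) rather
     * than replaceAll(), so it matched the two characters backslash+paren instead
     * of ")"; the debug System.err.println is gone.
     */
    private String clearXss(String value) {
        if (value == null || "".equals(value)) {
            return value;
        }
        String cleaned = value;
        cleaned = cleaned.replaceAll("(?i)eval\\((.*)\\)", "");
        cleaned = cleaned.replaceAll("(?i)[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"");
        String previous;
        do {
            previous = cleaned;
            cleaned = cleaned.replaceAll("(?i)script", "");
        } while (!cleaned.equals(previous));
        cleaned = cleaned.replace("<", "&lt;").replace(">", "&gt;");
        cleaned = cleaned.replace("(", "&#40;").replace(")", "&#41;");
        cleaned = cleaned.replace("'", "&#39;");
        return cleaned;
    }
}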

在springMVC.xml文件中配置SqlInjectInterceptor

<!-- 拦截器:SQL注入拦截(注意:拦截器拿到的参数不可修改,只能拒绝请求,不能"净化"参数) -->
<mvc:interceptors>
    <mvc:interceptor>
        <mvc:mapping path="/**" />
        <bean class="com.Controller.SqlInjectInterceptor"></bean>
    </mvc:interceptor>
</mvc:interceptors>

 

二、对含有敏感脚本的请求,直接拒绝(不再向下传递给后续过滤器和控制器)。

1、编写SX_Filter

import java.io. IOException;

import java. util. Enumeration;

import javax. servlet. Filter;

import javax. servlet. FilterChain;

import javax. servlet. FilterConfig;

import javax. servlet. ServletException;

import javax. servlet. ServletRequest;

import javax. servlet. ServletResponse;

import javax. servlet. http. HttpServletRequest;

import javax. servlet. http. HttpServletResponse;

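/**
 * Rejecting filter: when the request URI or any parameter value contains one of
 * the blacklisted tokens, the request is blocked instead of passed down the chain.
 *
 * Fixes versus the original:
 *  - errorPath (read in init) was never used: blocked requests were redirected to
 *    a hard-coded "http://... " placeholder, and the "error" request attribute set
 *    just before was lost because a redirect starts a new request. Blocked
 *    requests are now forwarded to errorPath (attribute preserved), redirected if
 *    errorPath is not context-relative, or answered with HTTP 400 when none is set.
 *  - only the FIRST value of each parameter was checked (getParameter), so
 *    ?q=ok&q=&lt;script&gt; slipped through; every value is checked now.
 *  - toLowerCase() used the JVM default locale; under a Turkish locale "SCRIPT"
 *    lowercases to a dotless-i form that no longer matches the list. Locale.ROOT
 *    is used instead.
 *  - excludePaths entries are trimmed and lowercased once at init, so "a, b" in
 *    web.xml works and the comparison with the lowercased URI is consistent.
 *
 * Limitations: only the URI and parameters are inspected (headers, JSON bodies and
 * multipart parts are not); the blacklist is easy to extend around; with
 * {@code <dispatcher>REQUEST</dispatcher>} forwarded requests are not filtered;
 * and the bare "<" / ">" entries make the tag-specific entries redundant while
 * rejecting any legitimate value that contains an angle bracket.
 */
public class SX_Filter implements Filter {

    private FilterConfig config;

    /** Destination for blocked requests (init-param "errorPath"); null/empty means HTTP 400. */
    private static String errorPath;

    /** Lower-cased, trimmed request URIs that bypass the check (init-param "excludePaths", comma separated). */
    private static String[] excludePaths;

    /** Blacklisted substrings, literal and URL-encoded forms; matched case-insensitively. */
    private static final String[] safeless = {
            "<script", "</script",
            "<iframe", "</iframe",
            "<frame", "</frame",
            "set-cookie",
            "%3cscript", "%3c/script",
            "%3ciframe", "%3c/iframe",
            "%3cframe", "%3c/frame",
            "src=\"javascript:",
            "<body", "</body",
            "%3cbody", "%3c/body",
            "<", ">", "</", "/>", "%3c", "%3e", "%3c/", "/%3e"};

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        // getRequestURI() is always context-rooted ("/..."), so the original
        // substring(indexOf("/")) was a no-op and has been dropped. Note the URI
        // includes the context path, and excludePaths are compared against it.
        String requestUrl = request.getRequestURI();
        boolean safe = isSafe(requestUrl);
        if (safe && !excludeUrl(requestUrl)) {
            safe = parametersAreSafe(req);
        }

        if (!safe) {
            reject(request, response);
            return;
        }
        filterChain.doFilter(req, resp);
    }

    /** True when no value of any parameter matches the blacklist. */
    private static boolean parametersAreSafe(ServletRequest req) {
        Enumeration<String> names = req.getParameterNames();
        while (names.hasMoreElements()) {
            String[] values = req.getParameterValues(names.nextElement());
            if (values == null) {
                continue;
            }
            for (String value : values) {
                if (value != null && value.length() > 0 && !isSafe(value)) {
                    return false;
                }
            }
        }
        return true;
    }

    /**
     * Blocks the request. A context-relative errorPath is forwarded to, which keeps
     * the "error" attribute visible to the error page; the forward is a FORWARD
     * dispatch, so with the REQUEST-only mapping it does not re-enter this filter.
     * Any other errorPath is redirected to (the attribute is then lost, as before).
     */
    private static void reject(HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        request.setAttribute("error", "您输入的参数有非法字符!");
        if (errorPath == null || errorPath.length() == 0) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        } else if (errorPath.startsWith("/")) {
            request.getRequestDispatcher(errorPath).forward(request, response);
        } else {
            response.sendRedirect(errorPath);
        }
    }

    /** True when {@code str} is null/empty or contains none of the blacklisted tokens. */
    private static boolean isSafe(String str) {
        if (str == null || str.length() == 0) {
            return true;
        }
        // Lowercased once, with Locale.ROOT so the result does not depend on the
        // JVM's default locale (see the class comment).
        String lowered = str.toLowerCase(java.util.Locale.ROOT);
        for (String token : safeless) {
            if (lowered.contains(token)) {
                return false;
            }
        }
        return true;
    }

    /** True when the (lowercased) URI is listed in excludePaths. */
    private boolean excludeUrl(String url) {
        if (excludePaths == null || excludePaths.length == 0 || url == null) {
            return false;
        }
        String lowered = url.toLowerCase(java.util.Locale.ROOT);
        for (String path : excludePaths) {
            if (lowered.equals(path)) {
                return true;
            }
        }
        return false;
    }

    @Override
    public void destroy() {
    }

    @Override
    public void init(FilterConfig config) throws ServletException {
        this.config = config;
        errorPath = config.getInitParameter("errorPath");
        String excludePath = config.getInitParameter("excludePaths");
        if (excludePath != null && excludePath.length() > 0) {
            String[] paths = excludePath.split(",");
            for (int i = 0; i < paths.length; i++) {
                paths[i] = paths[i].trim().toLowerCase(java.util.Locale.ROOT);
            }
            excludePaths = paths;
        }
    }
}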

2、在web中配置

<!-- 注意:与第一种方案使用了同一个 filter-name(XssSqlFilter),同一个 web.xml 中二者只能配置其一。
     errorPath(出错跳转目的地)和 excludePaths(逗号分隔的放行 URI)通过 <init-param> 传给过滤器。 -->
<filter>
    <filter-name>XssSqlFilter</filter-name>
    <filter-class>com.Controller.SX_Filter</filter-class>
</filter>

<filter-mapping>
    <filter-name>XssSqlFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <!-- 只拦截 REQUEST 分派;FORWARD/INCLUDE/ERROR 分派的请求不会经过此过滤器 -->
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>
