/* * To change this template, choose Tools | Templates * and open the template in the editor. */ package com.key.common.plugs.xss; import com.blogspot.radialmind.html.HTMLParser; import com.blogspot.radialmind.xss.XSSFilter; import com.itextpdf.text.log.SysoCounter; import java.io.StringReader; import java.io.StringWriter; import java.util.HashMap; import java.util.Iterator; import java.util.Map; import java.util.regex.Pattern; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; /** * XSS保护 * * @author storezhang */ public class XssHttpWrapper extends HttpServletRequestWrapper { private HttpServletRequest orgRequest; public XssHttpWrapper(HttpServletRequest request) { super(request); orgRequest = request; } /** * 覆盖getParameter方法，将参数名和参数值都做xss过滤。
* 如果需要获得原始的值，则通过super.getParameterValues(name)来获取
* getParameterNames,getParameterValues和getParameterMap也可能需要覆盖 */ @Override public String getParameter(String name) { String value = super.getParameter(xssEncode(name)); if (value != null) { value = xssEncode(value); } return value; } /** * 覆盖getHeader方法，将参数名和参数值都做xss过滤。
* 如果需要获得原始的值，则通过super.getHeaders(name)来获取
getHeaderNames 也可能需要覆盖 */ @Override public String getHeader(String name) { String value = super.getHeader(xssEncode(name)); if (value != null) { value = xssEncode(value); } return value; } /** * * @param name * @return */ public String[] getParameterValues(String name) { String[] values = super.getParameterValues(name); if (values != null) { for (int i = 0; i < values.length; i++) { values[i] = xssEncode(values[i]); } } return values; } /** * @return */ /*public Map getParameterMap() { HashMap paramMap = (HashMap) super.getParameterMap(); paramMap = (HashMap) paramMap.clone(); for (Iterator iterator = paramMap.entrySet().iterator(); iterator.hasNext(); ) { Map.Entry entry = (Map.Entry) iterator.next(); String[] values = (String[]) entry.getValue(); for (int i = 0; i < values.length; i++) { if(values[i] instanceof String){ values[i] = xssEncode((String)values[i]); } } entry.setValue(values); } return paramMap; }*/ /** * 从request中获得参数Map，并返回可读的Map * * @param request * @return */ public Map getParameterMap(HttpServletRequest request) { // 参数Map Map properties = request.getParameterMap(); Map returnMap = new HashMap(); Iterator entries = properties.entrySet().iterator(); Map.Entry entry; String name = ""; String[] value ; while (entries.hasNext()) { entry = (Map.Entry) entries.next(); name = (String) entry.getKey(); Object valueObj = entry.getValue(); if(null == valueObj){ value = new String[]{}; }else if(valueObj instanceof String[]){ value = (String[])valueObj; }else{ value = new String[]{valueObj.toString()}; } returnMap.put(name, value); } return returnMap; } /** * 获取最原始的request * * @return */ public HttpServletRequest getOrgRequest() { return orgRequest; } /** * 获取最原始的request的静态方法 * * @return */ public static HttpServletRequest getOrgRequest(HttpServletRequest req) { if (req instanceof XssHttpWrapper) { return ((XssHttpWrapper) req).getOrgRequest(); } return req; } public String escape(String s) { StringBuilder sb = new StringBuilder(s.length() + 16); for (int i = 0; i < s.length(); i++) { char c = s.charAt(i); switch (c) { case '>': sb.append('＞');// 全角大于号 break; case '<': sb.append('＜');// 全角小于号 break; case '\'': sb.append('‘');// 全角单引号 break; case '\"': sb.append('“');// 全角双引号 break; case '\\': sb.append('＼');// 全角斜线 break; case '%': sb.append('％'); // 全角冒号 break; default: sb.append(c); break; } } return sb.toString(); } /** * 将容易引起xss漏洞的半角字符直接替换成全角字符 * * @param s * @return */ private static String xssEncode(String s) { if (s == null || s.isEmpty()) { return s; } StringReader reader = new StringReader(s); StringWriter writer = new StringWriter(); try { HTMLParser.process(reader, writer, new XSSFilter(), true); return writer.toString(); } catch (NullPointerException e) { return s; } catch (Exception ex) { ex.printStackTrace(System.out); } return null; } /** * 将容易引起xss漏洞的半角字符直接替换成全角字符 * * @param s * @return */ /* public String xssEncode(String s) { if (s == null || s.isEmpty()) { return s; } String result = stripXSS(s); if (null != result) { result = escape(result); } return result; }*/ /** * 插件之所以报 mismatched tree node: EOF expecting错误是因为其对注入的脚本格式有校验 * @param * @return */ /*private String stripXSS(String value) { if (value != null) { // NOTE: It's highly recommended to use the ESAPI library and uncomment the following line to // avoid encoded attacks. // value = ESAPI.encoder().canonicalize(value); // Avoid null characters value = value.replaceAll("", ""); // Avoid anything between script tags Pattern scriptPattern = Pattern.compile("", Pattern.CASE_INSENSITIVE); value = scriptPattern.matcher(value).replaceAll(""); // Avoid anything in a src='...' type of expression scriptPattern = Pattern.compile("src[\r\n]*=[\r\n]*\\\'(.*?)\\\'", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); scriptPattern = Pattern.compile("src[\r\n]*=[\r\n]*\\\"(.*?)\\\"", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); // Remove any lonesome tag scriptPattern = Pattern.compile("", Pattern.CASE_INSENSITIVE); value = scriptPattern.matcher(value).replaceAll(""); // Remove any lonesome