urlrewrite主要实现后天请求中的地址重写,防止被安全漏洞盲注入
http://tuckey.org/urlrewrite/ 下载最新的jar
下面是使用说明:
1.下载urlrewrite,官方下载地址:http://tuckey.org/urlrewrite/dist/urlrewritefilter-2.6.zip
2.解压缩文件,压缩包内文件copy到项目中(压缩包位置 -> 项目位置):
urlrewrite-2.6.0-src/webapp/WEB-INF/lib/urlrewrite-2.6.0.jar -> WebRoot/WEB-INF/lib/urlrewrite-2.6.0.jar
urlrewrite-2.6.0-src/webapp/WEB-INF/urlrewrite.xml -> WebRoot/WEB-INF/urlrewrite.xml
3.将以下代码添加到web.xml里
<filter> <filter-name>UrlRewriteFilter</filter-name> <filter-class> org.tuckey.web.filters.urlrewrite.UrlRewriteFilter </filter-class> </filter> <filter-mapping> <filter-name>UrlRewriteFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
4.修改urlrewrite.xml
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 2.6//EN"
"http://tuckey.org/res/dtds/urlrewrite2.6.dtd">
<urlrewrite>
<!-- 首页->内容页路径 -->
<rule>
<!-- /read.do?action=topic&id=8a887c3f4236de4501424513812c0273&bid=2 -->
<note>/read-action-id-bid.html</note>
<from>^/read-(w+)-(w+)-(d+).html$</from>
<to>/read.do?action=$1&id=$2&bid=$3</to>
</rule>
<!-- 搜索 -->
<rule>
<note>solrSearch-action.html</note>
<from>^/solrSearch-(w+).html$</from>
<to>/solrSearch.egov?action=$1</to>
</rule>
<rule>
<from>/urltest/status/</from>
<to type="redirect">%{context-path}/rewrite-status</to>
</rule>
<outbound-rule>
<from>/rewrite-status</from>
<to>/test/status/</to>
</outbound-rule>
</urlrewrite>
<urlrewrite decode-using="UTF-8"> <!--action重写 /Feedbook.do?typeid=5--> <rule> <note>action-type.html</note> <from>^/feedBook_(d+).html</from> <to>/Feedbook.do?typeid=$1</to> </rule> <outbound-rule> <from>/Feedbook.do?typeid=(d+)$</from> <to>/feedBook_$1.html</to> </outbound-rule>
</urlrewrite>