renren-fast后端源码参考-配置和对应工具
1.renren-fast后端源码参考-配置和对应工具
1.1.前言
renren-fast是个开源的前后端分离快速开放平台,没有自己框架的同学可以直接使用它的,而我打算浏览一遍它的代码,提取一些好用的模块和功能结合自己的框架
这里我会罗列所有值得参考的功能点,可能有点多,那就分几块罗列
项目地址
由于renren本身的文档是需要购买才能观看,但实际上源码难度还是蛮低的,可以直接分模块引用需要的代码,参考我一下的模块划分
1.2.代码
这里的代码提取是为了方便单独模块的集成
1.2.1.Xss
Xss配置
importorg.springframework.boot.web.servlet.FilterRegistrationBean;
importorg.springframework.context.annotation.Bean;
importorg.springframework.context.annotation.Configuration;
importorg.springframework.web.filter.DelegatingFilterProxy;
importjavax.servlet.DispatcherType;
/**
*Filter配置
*/
@Configuration
publicclassFilterConfig{
@Bean
publicFilterRegistrationBeanshiroFilterRegistration(){
FilterRegistrationBeanregistration=newFilterRegistrationBean();
registration.setFilter(newDelegatingFilterProxy("shiroFilter"));
//该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理
registration.addInitParameter("targetFilterLifecycle","true");
registration.setEnabled(true);
registration.setOrder(Integer.MAX_VALUE-1);
registration.addUrlPatterns("/*");
returnregistration;
}
@Bean
publicFilterRegistrationBeanxssFilterRegistration(){
FilterRegistrationBeanregistration=newFilterRegistrationBean();
registration.setDispatcherTypes(DispatcherType.REQUEST);
registration.setFilter(newXssFilter());
registration.addUrlPatterns("/*");
registration.setName("xssFilter");
registration.setOrder(Integer.MAX_VALUE);
returnregistration;
}
}
/**
*XSS过滤
*/
publicclassXssFilterimplementsFilter{
@Override
publicvoidinit(FilterConfigconfig)throwsServletException{
}
publicvoiddoFilter(ServletRequestrequest,ServletResponseresponse,FilterChainchain)
throwsIOException,ServletException{
XssHttpServletRequestWrapperxssRequest=newXssHttpServletRequestWrapper(
(HttpServletRequest)request);
chain.doFilter(xssRequest,response);
}
@Override
publicvoiddestroy(){
}
}
XssHttpServletRequestWrapper
importorg.apache.commons.io.IOUtils;
importorg.apache.commons.lang.StringUtils;
importorg.springframework.http.HttpHeaders;
importorg.springframework.http.MediaType;
importjavax.servlet.ReadListener;
importjavax.servlet.ServletInputStream;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletRequestWrapper;
importjava.io.ByteArrayInputStream;
importjava.io.IOException;
importjava.util.LinkedHashMap;
importjava.util.Map;
/**
*XSS过滤处理
*
*@authorMarksunlightcs@gmail.com
*/
publicclassXssHttpServletRequestWrapperextendsHttpServletRequestWrapper{
//没被包装过的HttpServletRequest(特殊场景,需要自己过滤)
HttpServletRequestorgRequest;
//html过滤
privatefinalstaticHTMLFilterhtmlFilter=newHTMLFilter();
publicXssHttpServletRequestWrapper(HttpServletRequestrequest){
super(request);
orgRequest=request;
}
如果您觉得本文的内容对您的学习有所帮助:
关键字:
html