url防盗链,防止图片,文件等被盗.

1.引入urlrewritefilter包: <dependency><groupid>org.tuckey</groupid><artifactid>urlrewritefilter</artifactid><version>3.2.0</version></dependency>

 

2.在web.xml中加入如下内容:

<filter><filter-name>UrlRewriteFilter</filter-name><filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class></filter><filter-mapping><filter-name>UrlRewriteFilter</filter-name><url-pattern>/*</url-pattern><dispatcher>REQUEST</dispatcher><dispatcher>FORWARD</dispatcher></filter-mapping>

 

3.在WEB-INF目录下(即与web.xml同级)加入urlrewrite.xml文件,内容如下:

<?xml version="1.0" encoding="utf-8"?><urlrewrite><rule><from>/img/([\s\S]*)</from><to>/validateURLSolrAction.action?file=$1</to></rule></urlrewrite>

 

4.增加SolrAction类,在类中加入方法,内容如下:

public void validateURL() throws IOException { String pass = "http://localhost:8080"; HttpServletRequest request = ServletActionContext.getRequest(); String referer = request.getHeader("Referer"); if (StringUtils.startsWith(referer, pass)) { String docPath = SolrAction.class.getResource("/").toString(); docPath = StringUtils.substringAfter( StringUtils.substringBefore(docPath, "WEB-INF"), "/"); String file = request.getParameter("file"); file = docPath + "img/" + file; System.out.println(file); File fileObjec = new File(file); InputStream is = new FileInputStream(fileObjec); HttpServletResponse response = ServletActionContext.getResponse(); ServletOutputStream out = response.getOutputStream(); int i; while ((i = is.read()) != -1) { out.write(i); } out.flush(); out.close(); } }

 

5.加入jsp页面,页面中包含以下内容:

 <body>
 <img alt="" src="img/img_sub1/me.gif">
</body>

 

6.这里当页面在客户端显示时,请求me.gif可以显示出来;但当单独用 http://localhost:8080/solr_client/img/img_sub1/me.gif 请求时,将不能显示图片.