Java正则表达式过滤脚本威胁--封装类
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* 正则表达式过滤脚本威胁
* Title: webCourse2010<br>
* Description: <br>
* Copyright: Copyright (c) 2011 <br>
* Create DateTime: Nov 21, 2011 1:55:29 PM <br>
* CVS last modify person: rexqing <br>
* CVS last modify DateTime: Nov 21, 2011 1:55:29 PM <br>
* CVS last version: <br>
* @author 邓清泉
*/
public class ReplseJs {
public static String replseJs(String html)
{
try
{
Pattern replse1 = Pattern.compile("<[\\s]*?script[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?script[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse2 = Pattern.compile("<[\\s]*?link[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?link[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse3 = Pattern.compile("<[\\s]*?style[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?style[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse4 = Pattern.compile("<[\\s]*?iframe[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?iframe[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse5 = Pattern.compile("<(script|link|style|iframe)(.|\\n)*<\\/\\>\\s*");
Pattern replse6 = Pattern.compile("javascript");
Pattern replse7 = Pattern.compile("expression\\([^)]+\\)");
Pattern replse8 = Pattern.compile("<[\\s]*?link[^>]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse9 = Pattern.compile("<[\\s]*?iframe[^>]*?>",Pattern.CASE_INSENSITIVE);
Matcher matcher1 = replse1.matcher(html);
html = matcher1.replaceAll("");
Matcher matcher2 = replse2.matcher(html);
html = matcher2.replaceAll("");
Matcher matcher3 = replse3.matcher(html);
html = matcher3.replaceAll("");
Matcher matcher4 = replse4.matcher(html);
html = matcher4.replaceAll("");
Matcher matcher5 = replse5.matcher(html);
html=matcher5.replaceAll("");
Matcher matcher6 = replse6.matcher(html);
html=matcher6.replaceAll(" ");
Matcher matcher7 = replse7.matcher(html);
html=matcher7.replaceAll("");
Matcher matcher8 = replse8.matcher(html);
html=matcher8.replaceAll(" ");
Matcher matcher9 = replse9.matcher(html);
html=matcher9.replaceAll(" ");
}catch (Exception e) {
e.printStackTrace();
}
return html;
}
public static void main(String[] args) {
String str1="<script type=\"text/javascript\">alert(\"aaa\");</script>";
String str2="<link rel='stylesheet' href='/charts/Style.css' type='text/css' />111<link rel='stylesheet' href='/charts/Style.css' type='text/css'>222</link>";
String str3="<style>.padding:50px;</style>";
String str4="<iframe src='/index/visitSum.do' name='visitingSum' style='display:none'>3333</iframe><iframe src='/index/visitSum.do' name='visitingSum' style='display:none'/>";
String str5="<div onMouse='javascript:alert();' expression(\"aaaaaaaaaaaaaa\")>onMouse='aaa()<div>";
/* System.out.println(replseJs(str));
System.out.println(replseJs(str1));*/
System.out.println("1:"+replseJs(str1));
System.out.println("2:"+replseJs(str2));
System.out.println("3:"+replseJs(str3));
System.out.println("4:"+replseJs(str4));
System.out.println("5:"+replseJs(str5));
}
}
©著作权归作者所有:来自51CTO博客作者mb606fbfbce3fd6的原创作品,如需转载,请注明出处,否则将追究法律责任更多相关文章
- 使用shell脚本监控Linux主机
- Linux下安装linux tar.gz包
- 更改sqlplus命令提示符的样式
- Spring Security + OAuth2 精讲 多场景打造企业级认证与授权
- Server Core App Compatibility
- 教你如何在 Linux 中锁定和解锁多个用户
- 来勾搭吗?我是运维服务商
- crontab 拨号 不生效
- MFS+Keepalived双机高可用热备方案操作记录