{"id":1975,"date":"2023-04-01T10:39:16","date_gmt":"2023-04-01T02:39:16","guid":{"rendered":"https:\/\/www.appblog.cn\/?p=1975"},"modified":"2023-04-22T08:30:30","modified_gmt":"2023-04-22T00:30:30","slug":"no-modifications-are-allowed-to-a-locked-parametermap","status":"publish","type":"post","link":"https:\/\/www.appblog.cn\/index.php\/2023\/04\/01\/no-modifications-are-allowed-to-a-locked-parametermap\/","title":{"rendered":"No modifications are allowed to a locked ParameterMap \u89e3\u51b3\u65b9\u6848"},"content":{"rendered":"

\u4f7f\u7528Filter<\/code>\u8fc7\u6ee4\u5668\u5b8c\u6210\u5bf9\u654f\u611f\u8bcd\u6c47\u7684\u8fc7\u6ee4\uff0c\u5728\u5224\u65ad\u65b9\u6cd5\u540d\u662fgetParameterMap<\/code>\u65f6\u51fa\u73b0\u5982\u4e0b\u5982\u4e0b\u62a5\u9519\u7684\u95ee\u9898\uff1a<\/p>\n

java.lang.IllegalStateException: No modifications are allowed to a locked ParameterMap<\/code><\/pre>\n
\u7ed3\u679c\u67e5\u4e86\u4e00\u4e0b\u53d1\u73b0\u8fd9\u662f\u7531\u4e8ejavax.servlet.ServletRequest<\/code> getParameterMap<\/code> method \u8fd4\u56de\u7684\u662f\u4e00\u4e2a\u4e0d\u53ef\u53d8(immutable)\u7684\u5bf9\u8c61,<\/p>\n
<\/p>\n
\u4ec0\u4e48\u662fImmutable class?<\/p>\n
\u521b\u5efa\u4e00\u4e2aImmutable \u7c7b\u9700\u8981\u6ee1\u8db3\u4ee5\u4e0b\u6761\u4ef6\uff1a<\/p>\n
    \n
  • \u7528final \u58f0\u660e\u7c7b\uff0c\u4f7f\u7c7b\u4e0d\u53ef\u4ee5\u88ab\u7ee7\u627f<\/li>\n
  • \u6240\u6709\u7684\u5c5e\u6027\u5b57\u6bb5\u90fd\u7528private \u4fee\u9970\uff0c\u4ee5\u81f3\u4e8e\u4e0d\u80fd\u76f4\u63a5\u8bbf\u95ee\u5c5e\u6027<\/li>\n
  • \u4e0d\u63d0\u4f9bsetter \u65b9\u6cd5<\/li>\n
  • \u4f7f\u6240\u6709\u7684mutable fields \u7528final \u4fee\u9970\uff0c\u4ee5\u81f3\u4e8e\u8fd9\u4e2a\u503c\u53ea\u80fd\u88ab\u5206\u914d\u4e00\u6b21<\/li>\n
  • \u7528\u6784\u9020\u51fd\u6570 \u6df1\u5ea6copy \u548c\u521d\u59cb\u5316\u6240\u6709\u7684\u5b57\u6bb5<\/li>\n
  • \u5728Getter\u65b9\u6cd5\u91cc\u901a\u8fc7clone \u5bf9\u8c61\uff0c\u76f8\u5f53\u4e8e\u8fd4\u56de\u4e00\u4e2a\u5b9e\u9645\u5bf9\u8c61\u7684\u5f15\u7528<\/li>\n<\/ul>\n
    \u800c\u5728\u62e6\u622a\u4e86getParameterMap<\/code>\u7684\u6570\u636e\u540e\uff0c\u7531\u4e8e\u8981\u5c06\u542b\u654f\u611f\u8bcd\u6c47\u7684\u5355\u8bcd\u53d8\u4e3a***<\/code>\uff0c\u56e0\u6b64\u662f\u4f7f\u7528map.put<\/code>\u6765\u8fdb\u884c\u6539\u53d8\u7684\uff0c\u8fd9\u5c31\u8fdd\u53cd\u4e86\u7b2c\u56db\u6761\u539f\u5219\uff0c\u8be5\u503c\u53ea\u80fd\u88ab\u5206\u914d\u4e00\u6b21\uff0c\u800c\u89e3\u51b3\u529e\u6cd5\u4fbf\u662f\u5728\u5bf9\u5e94\u7684Filter\u65b9\u6cd5\u4e2d\u521b\u5efa\u4e00\u4e2a\u65b0\u7684map,\u5c06\u62e6\u622a\u7684map\u8d4b\u503c\u7ed9\u8fd9\u4e2a\u65b0\u7684map\uff0c\u518d\u8fd4\u56de\u8fd9\u4e2a\u88ab\u8d4b\u503c\u7684map\u5373\u53ef<\/strong><\/p>\n
    \u4ee3\u7801\u5982\u4e0b\uff08\u5176\u4e2d\u5305\u542b\u4e86\u62e6\u622agetParameter\u65b9\u6cd5\uff09<\/p>\n
    \/**\n * \u654f\u611f\u8bcd\u6c47\u8fc7\u6ee4\u5668\n *\/\n@WebFilter("\/*")\npublic class SensitiveWordsFilter implements Filter {\n\n    private List<String> list = new ArrayList<String>(); \/\/\u654f\u611f\u8bcd\u6c47\u96c6\u5408\n\n    private Map<String, String[]> map; \/\/\u521b\u5efa\u4e00\u4e2amap\uff0c\u7528\u4e8e\u8fd4\u56de\n\n    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {\n        \/\/1.\u521b\u5efa\u4ee3\u7406\u5bf9\u8c61\uff0c\u589e\u5f3agetParameter\u65b9\u6cd5\n\n        ServletRequest proxyReq = (ServletRequest) Proxy.newProxyInstance(req.getClass().getClassLoader(), req.getClass().getInterfaces(), new InvocationHandler() {\n                @Override\n                public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {\n                    \/\/\u589e\u5f3agetParameter\u65b9\u6cd5\n                    \/\/\u5224\u65ad\u662f\u5426\u662fgetParameter\u65b9\u6cd5\n                    if (method.getName().equals("getParameter")) {\n                        \/\/\u589e\u5f3a\u8fd4\u56de\u503c\n                        \/\/\u83b7\u53d6\u8fd4\u56de\u503c\n                        String value = (String) method.invoke(req, args);\n                        if (value != null) {\n                            for (String str : list) {\n                                if (value.contains(str)) {\n                                    value = value.replaceAll(str, "***");\n                                }\n                            }\n                        }\n                        return  value;\n                    }\n                    \/\/\u5224\u65ad\u65b9\u6cd5\u540d\u662f\u5426\u662f getParameterMap\n                    if (method.getName().equals("getParameterMap")) {\n                        Map<String, String[]> maps = (Map<String, String[]>) method.invoke(req, args);\n                        map = maps;\n                        Set set = map.keySet();\n                        Iterator it = set.iterator();\n                        while (it.hasNext()) {\n                            String xh = (String) it.next();\n                            String[] value = map.get(xh);\n                            for (String str:list) {\n                                if (value[0].contains(str)) {\n                                    value[0] = value[0].replaceAll(str, "***");\n                                }\n                            }\n                        }\n                        return map;\n                    }\n                    return method.invoke(req, args);\n                }\n                });\n            \/\/2.\u653e\u884c\n            chain.doFilter(proxyReq, resp);\n    }\n\n    public void init(FilterConfig config) throws ServletException {\n        try{\n            \/\/1.\u83b7\u53d6\u6587\u4ef6\u771f\u5b9e\u8def\u5f84\n            ServletContext servletContext = config.getServletContext();\n            String realPath = servletContext.getRealPath("\/WEB-INF\/classes\/\u654f\u611f\u8bcd\u6c47.txt");\n            \/\/2.\u8bfb\u53d6\u6587\u4ef6\n            BufferedReader br = new BufferedReader(new FileReader(realPath));\n            \/\/3.\u5c06\u6587\u4ef6\u7684\u6bcf\u4e00\u884c\u6570\u636e\u6dfb\u52a0\u5230list\u4e2d\n            String line = null;\n            while ((line = br.readLine())!=null) {\n                list.add(line);\n            }\n\n            br.close();\n            log.info(list);\n\n        } catch (Exception e) {\n            log.info("", e);\n        }\n    }\n\n    public void destroy() {\n    }\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
    \u4f7f\u7528Filter\u8fc7\u6ee4\u5668\u5b8c\u6210\u5bf9\u654f\u611f\u8bcd\u6c47\u7684\u8fc7\u6ee4\uff0c\u5728\u5224\u65ad\u65b9\u6cd5\u540d\u662fgetParameterMap\u65f6\u51fa\u73b0\u5982\u4e0b\u5982\u4e0b\u62a5\u9519\u7684\u95ee […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[43],"tags":[],"class_list":["post-1975","post","type-post","status-publish","format-standard","hentry","category-java-basic"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1975","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=1975"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1975\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=1975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=1975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=1975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}