java-springmvc+filter 替换输出流、response、响应内容

来源：互联网发布：朱元璋北伐知乎编辑：程序博客网时间：2024/06/05 05:41

java-springmvc+filter 替换输出流、response、响应内容

一、问题
1.描述：在使用 filter 替换、修改 response 输出内容时常见的错误如下异常提示
getWriter() has already been called for this response
getOutputStream() has already been called for this response

2.问题产生原因：
getWriter() 和 getOutputStream() 方法互斥，一个 response 只允许调用一次；
getWriter() 对应一个字符流，用于处理纯文本相关的资源；
getOutputStream() 对应一个字节流，用于处理如图片之类的资源；

3.解决办法：
自定义一个包装器继承 HttpServletResponseWrapper 类，并且重写以下两个方法,且两个方法都向同一个输出流中写入内容；
public PrintWriter getWriter();
public PrintWriter getOutputStream();

4.注意：有时访问 jsp 页面或其它内容时，没有内容输出。分析是不是没有调用字节流、字符流的 flush() 方法。

二、下面使用 springmvc 的 OncePerRequestFilter 实现一个替换 response 内容的 filter；当然也可以直接实现 Filter 接口
1. web.xml 配置filter

<!-- 功能权限 filter -->     <filter>  <filter-name>AuthCodeFilter</filter-name>  <filter-class>com.demo.web.filter.AuthCodeFilter</filter-class><init-param><!-- 是否启用登录验证 --><param-name>enable</param-name><param-value>false</param-value></init-param><init-param><!-- 不验证的url(正则表达式)--><param-name>exclude_url</param-name><param-value>(/login\.jsp22)$|(\.css)$|(\.js)$|(\.jpg)$|(\.png)$|(\.gif)$|(\.pdf)$|(\.eot)$|(\.svg)$|(\.ttf)$|(\.woff)$|(\.woff2)$</param-value></init-param><init-param><!-- 验证的content-type(正则表达式)--><param-name>content_type</param-name><param-value>(text/.+)</param-value></init-param>    </filter>    <filter-mapping><filter-name>AuthCodeFilter</filter-name>  <url-pattern>/*</url-pattern>  <dispatcher>REQUEST</dispatcher><dispatcher>FORWARD</dispatcher><dispatcher>INCLUDE</dispatcher><dispatcher>ERROR</dispatcher>    </filter-mapping>

2.AuthCodeFilter.java

package com.demo.web.filter;import java.io.IOException;import java.util.regex.Matcher;import java.util.regex.Pattern;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletOutputStream;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import com.demo.web.rules.sys.AuthRule;import me.grass.coder.Debug;import me.grass.extend.StringExtend;/** * 功能权限筛选器* @author xxj */public class AuthCodeFilter extends org.springframework.web.filter.OncePerRequestFilter{Pattern _pattenUrl;Pattern _pattenContentType;boolean _enbale=true;AuthRule _rule = AuthRule.instance();@Overrideprotected void initFilterBean() throws ServletException {FilterConfig conf = this.getFilterConfig();String enable = conf.getInitParameter("enable");String regex = conf.getInitParameter("exclude_url");String regexContentType = conf.getInitParameter("content_type");Debug.printFormat("{2} init-param: enable={0};exclude_url={1}",enable,regex,this.getClass().getName());_pattenContentType = Pattern.compile(regexContentType, Pattern.CASE_INSENSITIVE);_enbale = StringExtend.getBoolean(enable);// 初始化正则验证器if(_pattenUrl==null){//忽略大小写_pattenUrl = Pattern.compile(regex, Pattern.CASE_INSENSITIVE);Debug.printFormat("{2}初始化；Enable={1};content-type正则：{3}；url正则 ={0};", regex,_enbale,this.getClass().getSimpleName(),regexContentType);}}@Overridepublic void destroy() {}@Overrideprotected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filter)throws ServletException, IOException {//是否启用筛选器if (!_enbale) {filter.doFilter(request, response);return;}HttpServletRequest req = (HttpServletRequest) request;String url = req.getRequestURI();//1 处理 request 请求信息//1.1 不验证的资源Matcher matcher = _pattenUrl.matcher(url);if (matcher.find()) {filter.doFilter(request, response);return;}// 1.2 功能权限验证// 1.2.1 实例化一个响应包装器，用于缓存 response 中的内容到 CharArrayWriter 对象中AuthCodeResponseWrapper authResp = new AuthCodeResponseWrapper((HttpServletResponse) response);// 2  调用 doFilter() 方法，继续执行 filter 链中其它 filterfilter.doFilter(request, authResp);// 3 处理 response 响应信息 ServletOutputStream out = response.getOutputStream();// 3.1  不需要验证的 content-typeString contentType = response.getContentType();if(!StringExtend.isNullOrEmpty(contentType)){matcher = _pattenContentType.matcher(contentType);if(!matcher.find()){authResp.getByteArrayOutputStream().writeTo(out);return;}}// 3.2 filter 链执行结束，获取 CharArrayWriter 的内容// 3.3  将 content 内容进行过滤String content = authResp.getTextContent();String html = content.replece("hello word!","你好，世界！"); //替换敏感词if(StringExtend.isNullOrEmpty(html)){authResp.getByteArrayOutputStream().writeTo(out);return;}// 3.4 将过滤后的内容写入响应流中if(!_rule.isFilter()){//没有进行过功能筛选则原样输出authResp.getByteArrayOutputStream().writeTo(out);return;}//3.5 写入输出流out.write(html.getBytes());Debug.printFormat("[权限过滤] url={0}", url);}}

3.AuthCodeResponseWrapper.java

package com.demo.web.filter;import java.io.ByteArrayOutputStream;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletOutputStream;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpServletResponseWrapper;import me.grass.coder.Debug;/** * 功能权限响应对象* @author xxj */public class AuthCodeResponseWrapper extends HttpServletResponseWrapper {ByteArrayOutputStream _stream = new ByteArrayOutputStream();PrintWriter _pw=new PrintWriter(_stream);public AuthCodeResponseWrapper(HttpServletResponse response) {super(response);}    /**     * 覆盖getWriter()方法，将字符流缓冲到本地     */@Override    public PrintWriter getWriter() throws IOException {Debug.print("getWriter()");return _pw;    } /** * 覆盖getOutputStream()方法，将字节流缓冲到本地 */    @Overridepublic ServletOutputStream getOutputStream() throws IOException {Debug.print("getOutputStream()");    return new ServletOutputStream(){@Overridepublic void write(int b) throws IOException {_stream.write(b);}    };}    /**     * 把缓冲区内容写入输出流后关闭     *      *  @author xxj     */    public void flush(){try {_pw.flush();_pw.close();_stream.flush();_stream.close();} catch (IOException e) {e.printStackTrace();}    }    /**     * 获取字节流     * @return     */    public ByteArrayOutputStream getByteArrayOutputStream(){    return _stream;    }     /**     * 将换出区内容转为文本输出     * @return     */public String getTextContent() {flush();return _stream.toString();    }}

0 0