Java正则表达式过滤脚本威胁--封装类

来源：互联网发布：中国博硕士论文数据库编辑：程序博客网时间：2024/05/21 14:42

import java.util.regex.Matcher;

import java.util.regex.Pattern;

/**

* 正则表达式过滤脚本威胁

* Title: webCourse2010<br>

* Description: <br>

* Create DateTime: Nov 21, 2011 1:55:29 PM <br>

* CVS last modify person: rexqing <br>

* CVS last modify DateTime: Nov 21, 2011 1:55:29 PM <br>

* CVS last version: <br>

* @author 邓清泉

public class ReplseJs {

public static String replseJs(String html)

{

try

{

Pattern replse1 = Pattern.compile("<[\\s]*?script[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?script[\\s]*?>",Pattern.CASE_INSENSITIVE);

Pattern replse2 = Pattern.compile("<[\\s]*?link[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?link[\\s]*?>",Pattern.CASE_INSENSITIVE);

Pattern replse3 = Pattern.compile("<[\\s]*?style[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?style[\\s]*?>",Pattern.CASE_INSENSITIVE);

Pattern replse4 = Pattern.compile("<[\\s]*?iframe[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?iframe[\\s]*?>",Pattern.CASE_INSENSITIVE);

Pattern replse5 = Pattern.compile("<(script|link|style|iframe)(.|\\n)*<\\/\\>\\s*");

Pattern replse6 = Pattern.compile("javascript");

Pattern replse7 = Pattern.compile("expression\\([^)]+\\)");

Pattern replse8 = Pattern.compile("<[\\s]*?link[^>]*?>",Pattern.CASE_INSENSITIVE);

Pattern replse9 = Pattern.compile("<[\\s]*?iframe[^>]*?>",Pattern.CASE_INSENSITIVE);

Matcher matcher1 = replse1.matcher(html);

html = matcher1.replaceAll("");

Matcher matcher2 = replse2.matcher(html);

html = matcher2.replaceAll("");

Matcher matcher3 = replse3.matcher(html);

html = matcher3.replaceAll("");

Matcher matcher4 = replse4.matcher(html);

html = matcher4.replaceAll("");

Matcher matcher5 = replse5.matcher(html);

html=matcher5.replaceAll("");

Matcher matcher6 = replse6.matcher(html);

html=matcher6.replaceAll(" ");

Matcher matcher7 = replse7.matcher(html);

html=matcher7.replaceAll("");

Matcher matcher8 = replse8.matcher(html);

html=matcher8.replaceAll(" ");

Matcher matcher9 = replse9.matcher(html);

html=matcher9.replaceAll(" ");

}catch (Exception e) {

e.printStackTrace();

}

return html;

}

public static void main(String[] args) {

String str1="<script type=\"text/javascript\">alert(\"aaa\");</script>";

String str2="<link rel='stylesheet' href='/charts/Style.css' type='text/css' />111<link rel='stylesheet' href='/charts/Style.css' type='text/css'>222</link>";

String str3="<style>.padding:50px;</style>";

String str4="<iframe src='/index/visitSum.do' name='visitingSum' style='display:none'>3333</iframe><iframe src='/index/visitSum.do' name='visitingSum' style='display:none'/>";

String str5="<div onMouse='javascript:alert();' expression(\"aaaaaaaaaaaaaa\")>onMouse='aaa()<div>";

/* System.out.println(replseJs(str));

System.out.println(replseJs(str1));*/

System.out.println("1:"+replseJs(str1));

System.out.println("2:"+replseJs(str2));

System.out.println("3:"+replseJs(str3));

System.out.println("4:"+replseJs(str4));

System.out.println("5:"+replseJs(str5));

}