Java正则表达式过滤脚本威胁--封装类
2012-09-29 10:52
381 查看
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* 正则表达式过滤脚本威胁
* Title: webCourse2010<br>
* Description: <br>
* Copyright: Copyright (c) 2011 <br>
* Create DateTime: Nov 21, 2011 1:55:29 PM <br>
* CVS last modify person: rexqing <br>
* CVS last modify DateTime: Nov 21, 2011 1:55:29 PM <br>
* CVS last version: <br>
* @author 邓清泉
*/
public class ReplseJs {
public static String replseJs(String html)
{
try
{
Pattern replse1 = Pattern.compile("<[\\s]*?script[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?script[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse2 = Pattern.compile("<[\\s]*?link[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?link[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse3 = Pattern.compile("<[\\s]*?style[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?style[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse4 = Pattern.compile("<[\\s]*?iframe[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?iframe[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse5 = Pattern.compile("<(script|link|style|iframe)(.|\\n)*<\\/\\>\\s*");
Pattern replse6 = Pattern.compile("javascript");
Pattern replse7 = Pattern.compile("expression\\([^)]+\\)");
Pattern replse8 = Pattern.compile("<[\\s]*?link[^>]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse9 = Pattern.compile("<[\\s]*?iframe[^>]*?>",Pattern.CASE_INSENSITIVE);
Matcher matcher1 = replse1.matcher(html);
html = matcher1.replaceAll("");
Matcher matcher2 = replse2.matcher(html);
html = matcher2.replaceAll("");
Matcher matcher3 = replse3.matcher(html);
html = matcher3.replaceAll("");
Matcher matcher4 = replse4.matcher(html);
html = matcher4.replaceAll("");
Matcher matcher5 = replse5.matcher(html);
html=matcher5.replaceAll("");
Matcher matcher6 = replse6.matcher(html);
html=matcher6.replaceAll(" ");
Matcher matcher7 = replse7.matcher(html);
html=matcher7.replaceAll("");
Matcher matcher8 = replse8.matcher(html);
html=matcher8.replaceAll(" ");
Matcher matcher9 = replse9.matcher(html);
html=matcher9.replaceAll(" ");
}catch (Exception e) {
e.printStackTrace();
}
return html;
}
public static void main(String[] args) {
String str1="<script type=\"text/javascript\">alert(\"aaa\");</script>";
String str2="<link rel='stylesheet' href='/charts/Style.css' type='text/css' />111<link rel='stylesheet' href='/charts/Style.css' type='text/css'>222</link>";
String str3="<style>.padding:50px;</style>";
String str4="<iframe src='/index/visitSum.do' name='visitingSum' style='display:none'>3333</iframe><iframe src='/index/visitSum.do' name='visitingSum' style='display:none'/>";
String str5="<div onMouse='javascript:alert();' expression(\"aaaaaaaaaaaaaa\")>onMouse='aaa()<div>";
/* System.out.println(replseJs(str));
System.out.println(replseJs(str1));*/
System.out.println("1:"+replseJs(str1));
System.out.println("2:"+replseJs(str2));
System.out.println("3:"+replseJs(str3));
System.out.println("4:"+replseJs(str4));
System.out.println("5:"+replseJs(str5));
}
}
import java.util.regex.Pattern;
/**
* 正则表达式过滤脚本威胁
* Title: webCourse2010<br>
* Description: <br>
* Copyright: Copyright (c) 2011 <br>
* Create DateTime: Nov 21, 2011 1:55:29 PM <br>
* CVS last modify person: rexqing <br>
* CVS last modify DateTime: Nov 21, 2011 1:55:29 PM <br>
* CVS last version: <br>
* @author 邓清泉
*/
public class ReplseJs {
public static String replseJs(String html)
{
try
{
Pattern replse1 = Pattern.compile("<[\\s]*?script[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?script[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse2 = Pattern.compile("<[\\s]*?link[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?link[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse3 = Pattern.compile("<[\\s]*?style[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?style[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse4 = Pattern.compile("<[\\s]*?iframe[^>]*?>[\\s\\S]*?<[\\s]*?\\/[\\s]*?iframe[\\s]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse5 = Pattern.compile("<(script|link|style|iframe)(.|\\n)*<\\/\\>\\s*");
Pattern replse6 = Pattern.compile("javascript");
Pattern replse7 = Pattern.compile("expression\\([^)]+\\)");
Pattern replse8 = Pattern.compile("<[\\s]*?link[^>]*?>",Pattern.CASE_INSENSITIVE);
Pattern replse9 = Pattern.compile("<[\\s]*?iframe[^>]*?>",Pattern.CASE_INSENSITIVE);
Matcher matcher1 = replse1.matcher(html);
html = matcher1.replaceAll("");
Matcher matcher2 = replse2.matcher(html);
html = matcher2.replaceAll("");
Matcher matcher3 = replse3.matcher(html);
html = matcher3.replaceAll("");
Matcher matcher4 = replse4.matcher(html);
html = matcher4.replaceAll("");
Matcher matcher5 = replse5.matcher(html);
html=matcher5.replaceAll("");
Matcher matcher6 = replse6.matcher(html);
html=matcher6.replaceAll(" ");
Matcher matcher7 = replse7.matcher(html);
html=matcher7.replaceAll("");
Matcher matcher8 = replse8.matcher(html);
html=matcher8.replaceAll(" ");
Matcher matcher9 = replse9.matcher(html);
html=matcher9.replaceAll(" ");
}catch (Exception e) {
e.printStackTrace();
}
return html;
}
public static void main(String[] args) {
String str1="<script type=\"text/javascript\">alert(\"aaa\");</script>";
String str2="<link rel='stylesheet' href='/charts/Style.css' type='text/css' />111<link rel='stylesheet' href='/charts/Style.css' type='text/css'>222</link>";
String str3="<style>.padding:50px;</style>";
String str4="<iframe src='/index/visitSum.do' name='visitingSum' style='display:none'>3333</iframe><iframe src='/index/visitSum.do' name='visitingSum' style='display:none'/>";
String str5="<div onMouse='javascript:alert();' expression(\"aaaaaaaaaaaaaa\")>onMouse='aaa()<div>";
/* System.out.println(replseJs(str));
System.out.println(replseJs(str1));*/
System.out.println("1:"+replseJs(str1));
System.out.println("2:"+replseJs(str2));
System.out.println("3:"+replseJs(str3));
System.out.println("4:"+replseJs(str4));
System.out.println("5:"+replseJs(str5));
}
}
相关文章推荐
- JAVA正则表达式过滤文件的实现方法
- java正则表达式过滤html标签
- 正则表达式过滤HTML危险脚本
- Java过滤特殊字符的正则表达式
- java正则表达式 过滤特殊字符的正则表达式
- java正则表达式 过滤特殊字符的正则表达式
- Java中过滤出字母、数字和中文的正则表达式
- java使用正则表达式过滤所有的字符和数字
- java正则表达式 过滤特殊字符的正则表达式
- java正则表达式过滤html标签
- 【总结】java regex 正则表达式 提取数字和去除数字,过滤数字,提取价格
- Java正则表达式过滤汉字
- HBase中正则过滤表达式与JAVA正则表达式不一致问题的分析和解决
- java 代码里写正则表达式过滤特殊字符的写法
- java版的webservice,完全用java的正则表达式对websercice的xml进行解析,可以很快用到web中,只需要调用其中的封装好的方法
- java使用正则表达式过滤html标签
- java 正则表达式 替换过滤HTML标签
- 用正则表达式过滤脚本的研究(ASP.net)
- 用正则表达式过滤脚本的一些研究(asp.net + C#)
- Java正则表达式过滤汉字