【笔记】Spring MVC学习指南(十二)下载文件
2015-10-06 23:37
856 查看
《SpringMVC学习指南》的最终章。
这章主要讲的文件下载,更多的是指如何绕过直接下载,通过验证获取文件。
先来看第一部分,如何通过验证才能获取文件(配置文件那部分,没有新的内容,就不贴出来了):
package app12a.controller;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import app12a.domain.Login;
@Controller
public class ResourceController {
private static final Log logger = LogFactory.getLog(ResourceController.class);
@RequestMapping(value = "/login")
public String login(@ModelAttribute Login login, HttpSession session, Model model) {
model.addAttribute("login", new Login());
// 硬编码,也只有在演示时才会这么做,实际工作中,这么做,是要被骂惨的o_O
if ("paul".equals(login.getUserName()) && "secret".equals(login.getPassword())) {
session.setAttribute("loggedIn", Boolean.TRUE);
return "Main";
} else {
return "LoginForm";
}
}
@RequestMapping(value = "/resource_download")
public String downloadResource(HttpSession session, HttpServletRequest request, HttpServletResponse response) {
if (session == null || session.getAttribute("loggedIn") == null) {
return "LoginForm";
}
String dataDirectory = request.getServletContext().getRealPath("/WEB-INF/data");
File file = new File(dataDirectory, "secret.pdf");
if (file.exists()) {
// 接下来的两行代码,对于实现弹窗下载,是标准代码,记住!!!
response.setContentType("application/pdf"); // 如果不清楚内容类型,可以改为"application/octet-stream",不区分大小写
response.addHeader("Content-Disposition", "attachment; filename=secret.pdf"); // filename为弹窗时显示的名称
// 接下来的代码也可以当模板对待,记住没坏处!!!
byte[] buffer = new byte[1024];
FileInputStream fis = null;
BufferedInputStream bis = null;
// if using Java 7, use try-with-resources
try {
fis = new FileInputStream(file);
bis = new BufferedInputStream(fis);
OutputStream os = response.getOutputStream();
int i = bis.read(buffer);
while (i != -1) {
os.write(buffer, 0, i);
i = bis.read(buffer);
}
} catch (IOException ex) {
// do something,
// probably forward to an Error page
} finally {
if (bis != null) {
try {
bis.close();
} catch (IOException e) {
}
}
if (fis != null) {
try {
fis.close();
} catch (IOException e) {
}
}
}
}
return null;
}
}
其实就是很简单的那么回事,最重要的知识点,感觉还是response.setContentType()和response.addHeader()。
接下来还有一部分讲解了如何防止交叉引用,简单地说,就是防止别人盗用你的资源,做到只有当referer标题中包含你的域名时才发出资源。
package app12a.controller;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@Controller
public class ImageController {
private static final Log logger = LogFactory.getLog(ImageController.class);
@RequestMapping(value = "/image_get/{id}", method = RequestMethod.GET)
public void getImage(@PathVariable String id, HttpServletRequest request, HttpServletResponse response, @RequestHeader String referer) { // @RequestHeader String referer 唯一知识点
if (referer != null) {
String imageDirectory = request.getServletContext().getRealPath("/WEB-INF/image");
File file = new File(imageDirectory, id + ".jpg");
if (file.exists()) {
response.setContentType("image/jpg");
byte[] buffer = new byte[1024];
FileInputStream fis = null;
BufferedInputStream bis = null;
// if you're using Java 7, use try-with-resources
try {
fis = new FileInputStream(file);
bis = new BufferedInputStream(fis);
OutputStream os = response.getOutputStream();
int i = bis.read(buffer);
while (i != -1) {
os.write(buffer, 0, i);
i = bis.read(buffer);
}
} catch (IOException ex) {
// do something here
} finally {
if (bis != null) {
try {
bis.close();
} catch (IOException e) {
}
}
if (fis != null) {
try {
fis.close();
} catch (IOException e) {
}
}
}
}
}
}
}
运行截图:
至此,《SpringMVC学习指南》的正文部分就结束了,毫无疑问,都是最基础的知识点,不过入门了,再学深的知识点,会快得多!!
这章主要讲的文件下载,更多的是指如何绕过直接下载,通过验证获取文件。
先来看第一部分,如何通过验证才能获取文件(配置文件那部分,没有新的内容,就不贴出来了):
package app12a.controller;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import app12a.domain.Login;
@Controller
public class ResourceController {
private static final Log logger = LogFactory.getLog(ResourceController.class);
@RequestMapping(value = "/login")
public String login(@ModelAttribute Login login, HttpSession session, Model model) {
model.addAttribute("login", new Login());
// 硬编码,也只有在演示时才会这么做,实际工作中,这么做,是要被骂惨的o_O
if ("paul".equals(login.getUserName()) && "secret".equals(login.getPassword())) {
session.setAttribute("loggedIn", Boolean.TRUE);
return "Main";
} else {
return "LoginForm";
}
}
@RequestMapping(value = "/resource_download")
public String downloadResource(HttpSession session, HttpServletRequest request, HttpServletResponse response) {
if (session == null || session.getAttribute("loggedIn") == null) {
return "LoginForm";
}
String dataDirectory = request.getServletContext().getRealPath("/WEB-INF/data");
File file = new File(dataDirectory, "secret.pdf");
if (file.exists()) {
// 接下来的两行代码,对于实现弹窗下载,是标准代码,记住!!!
response.setContentType("application/pdf"); // 如果不清楚内容类型,可以改为"application/octet-stream",不区分大小写
response.addHeader("Content-Disposition", "attachment; filename=secret.pdf"); // filename为弹窗时显示的名称
// 接下来的代码也可以当模板对待,记住没坏处!!!
byte[] buffer = new byte[1024];
FileInputStream fis = null;
BufferedInputStream bis = null;
// if using Java 7, use try-with-resources
try {
fis = new FileInputStream(file);
bis = new BufferedInputStream(fis);
OutputStream os = response.getOutputStream();
int i = bis.read(buffer);
while (i != -1) {
os.write(buffer, 0, i);
i = bis.read(buffer);
}
} catch (IOException ex) {
// do something,
// probably forward to an Error page
} finally {
if (bis != null) {
try {
bis.close();
} catch (IOException e) {
}
}
if (fis != null) {
try {
fis.close();
} catch (IOException e) {
}
}
}
}
return null;
}
}
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <!DOCTYPE HTML> <html> <head> <title>Login</title> <style type="text/css">@import url("<c:url value="/css/main.css"/>");</style> </head> <body> <div id="global"> <form:form commandName="login" action="login" method="post"> <fieldset> <legend>Login</legend> <p> <label for="userName">User Name: </label> <form:input id="userName" path="userName" cssErrorClass="error"/> </p> <p> <label for="password">Password: </label> <form:password id="password" path="password" cssErrorClass="error"/> </p> <p id="buttons"> <input id="reset" type="reset" tabindex="4"> <input id="submit" type="submit" tabindex="5" value="Login"> </p> </fieldset> </form:form> </div> </body> </html>
其实就是很简单的那么回事,最重要的知识点,感觉还是response.setContentType()和response.addHeader()。
接下来还有一部分讲解了如何防止交叉引用,简单地说,就是防止别人盗用你的资源,做到只有当referer标题中包含你的域名时才发出资源。
package app12a.controller;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@Controller
public class ImageController {
private static final Log logger = LogFactory.getLog(ImageController.class);
@RequestMapping(value = "/image_get/{id}", method = RequestMethod.GET)
public void getImage(@PathVariable String id, HttpServletRequest request, HttpServletResponse response, @RequestHeader String referer) { // @RequestHeader String referer 唯一知识点
if (referer != null) {
String imageDirectory = request.getServletContext().getRealPath("/WEB-INF/image");
File file = new File(imageDirectory, id + ".jpg");
if (file.exists()) {
response.setContentType("image/jpg");
byte[] buffer = new byte[1024];
FileInputStream fis = null;
BufferedInputStream bis = null;
// if you're using Java 7, use try-with-resources
try {
fis = new FileInputStream(file);
bis = new BufferedInputStream(fis);
OutputStream os = response.getOutputStream();
int i = bis.read(buffer);
while (i != -1) {
os.write(buffer, 0, i);
i = bis.read(buffer);
}
} catch (IOException ex) {
// do something here
} finally {
if (bis != null) {
try {
bis.close();
} catch (IOException e) {
}
}
if (fis != null) {
try {
fis.close();
} catch (IOException e) {
}
}
}
}
}
}
}
运行截图:
至此,《SpringMVC学习指南》的正文部分就结束了,毫无疑问,都是最基础的知识点,不过入门了,再学深的知识点,会快得多!!
相关文章推荐
- 10.06JAVA学习收获
- 【java】双人五子棋代码
- ubuntu下Android开发环境的搭建:eclipse+SDK详细安装教程+常见问题及其解决方案
- ubuntu装jdk
- Java web 图片上传(文件上传)
- Java产生随机数
- Java内部类
- java移位运算符详解
- 【超经典】Java多态有什么好处?怎样用?
- struts <html:form>: Module 'null' not found
- 【笔记】Spring MVC学习指南(十一)上传文件
- 大龄屌丝自学笔记--Java零基础到菜鸟--026
- 深入理解Java的接口和抽象类
- 常见的几种RuntimeException
- 第6周-π的近似值
- Java基础知识学习
- java实现杨辉三角,输出对齐
- java复习:线程间通信
- 第6周-打印金字塔形的数字
- JavaBean的编译和部署说明