java 中Filter过滤器过滤了CSS
filter简介
Filter也称之为过滤器,WEB开发人员通过Filter技术,对web
服务器管理的所有web资源:
- 例如Jsp, Servlet,静态图片文件或静态html文件等进行拦截从而实现一些特殊的功能。
- 例如实现URL级别的++权限访问控制++、过滤敏感词汇、++压缩响应信息++等一些高级功能。
Servlet API中提供了一个Filter接口,开发web应用时,如果编写的Java类实现了这个接口,则把这个java类称之为过滤器Filter。通过Filter技术,开发人员可以实现用户在访问某个目标资源之前,对访问的请求和响应进行拦截。
找了这个bug一天:
过滤器详细代码:
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse resp = (HttpServletResponse)response;
req.setCharacterEncoding("UTF-8");
resp.setContentType("text/html;charset=utf-8");
HttpSession session = req.getSession();
String flag = (String)session.getAttribute("isAdminLogin");
String request_uri = req.getRequestURI();
String ctxPath= req.getContextPath();
String uri= request_uri.substring(ctxPath.length());
/*url判断,对静态文件直接放行*/
if(request_uri.toString().contains(".css") || request_uri.toString().contains(".js") || request_uri.toString().contains(".png")|| request_uri.toString().contains(".do")){
//发现是css或者js文件,直接放行
chain.doFilter(req, resp);
}else {
if(uri.contains("admin_")){
if(flag !=null && flag.equals("1")) {
chain.doFilter(req, resp);
}else{
PrintWriter out = resp.getWriter();
out.write("<script>");
out.write("alert('请您先登录!');");
out.write("location.href='login.jsp';");
out.write("</script>");
out.close();
return;
}
}else{
chain.doFilter(req, resp);
}
}
return;
}
解决方法:
查看控制台(F12),在网络中明明已经出现了需要的common.css和main.css文件
查看请求到的CSS文件的请求头时发现这些CSS文件返回的类型都是text/html类型。
以下是我修改过的代码:
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse resp = (HttpServletResponse)response;
//req.setCharacterEncoding("UTF-8");
//resp.setContentType("text/html;charset=utf-8");
req.setCharacterEncoding("UTF-8");
resp.setCharacterEncoding("utf-8");
HttpSession session = req.getSession();
String flag = (String)session.getAttribute("isAdminLogin");
String request_uri = req.getRequestURI();
String ctxPath= req.getContextPath();
String uri= request_uri.substring(ctxPath.length());
/*url判断,对静态文件直接放行*/
if(request_uri.toString().contains(".css") || request_uri.toString().contains(".js") || request_uri.toString().contains(".png")|| request_uri.toString().contains(".do")){
//发现是css或者js文件,直接放行
chain.doFilter(req, resp);
}else {
if(uri.contains("admin_")){
if(flag !=null && flag.equals("1")) {
chain.doFilter(req, resp);
}else{
PrintWriter out = resp.getWriter();
out.write("<script>");
out.write("alert('请您先登录!');");
out.write("location.href='login.jsp';");
out.write("</script>");
out.close();
return;
}
}else{
chain.doFilter(req, resp);
}
}
return;
}
重点:
但这样并没有解决问题,还要在对应的jsp页面去掉<!DOCTYPE html>如图所示:
最后刷新一下浏览器就可以解决了。