下面列出了怎么用javax.servlet.http.HttpServletResponseWrapper的API类实例代码及写法,或者点击链接到github查看源代码。
/**
* Delegate OPTIONS requests to {@link #processRequest}, if desired.
* <p>Applies HttpServlet's standard OPTIONS processing otherwise,
* and also if there is still no 'Allow' header set after dispatching.
* @see #doService
*/
@Override
protected void doOptions(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if (this.dispatchOptionsRequest || CorsUtils.isPreFlightRequest(request)) {
processRequest(request, response);
if (response.containsHeader("Allow")) {
// Proper OPTIONS response coming from a handler - we're done.
return;
}
}
// Use response wrapper in order to always add PATCH to the allowed methods
super.doOptions(request, new HttpServletResponseWrapper(response) {
@Override
public void setHeader(String name, String value) {
if ("Allow".equals(name)) {
value = (StringUtils.hasLength(value) ? value + ", " : "") + HttpMethod.PATCH.name();
}
super.setHeader(name, value);
}
});
}
@Test
public void decoratedNativeRequest() {
HttpServletRequest decoratedRequest = new HttpServletRequestWrapper(servletRequest);
HttpServletResponse decoratedResponse = new HttpServletResponseWrapper(servletResponse);
ServletWebRequest request = new ServletWebRequest(decoratedRequest, decoratedResponse);
assertSame(decoratedRequest, request.getNativeRequest());
assertSame(decoratedRequest, request.getNativeRequest(ServletRequest.class));
assertSame(decoratedRequest, request.getNativeRequest(HttpServletRequest.class));
assertSame(servletRequest, request.getNativeRequest(MockHttpServletRequest.class));
assertNull(request.getNativeRequest(MultipartRequest.class));
assertSame(decoratedResponse, request.getNativeResponse());
assertSame(decoratedResponse, request.getNativeResponse(ServletResponse.class));
assertSame(decoratedResponse, request.getNativeResponse(HttpServletResponse.class));
assertSame(servletResponse, request.getNativeResponse(MockHttpServletResponse.class));
assertNull(request.getNativeResponse(MultipartRequest.class));
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
filterChain.doFilter(new HttpServletRequestWrapper(request) {
@Override
public Principal getUserPrincipal() {
return () -> PRINCIPAL_NAME;
}
// Like Spring Security does in HttpServlet3RequestFactory..
@Override
public AsyncContext getAsyncContext() {
return super.getAsyncContext() != null ?
new AsyncContextWrapper(super.getAsyncContext()) : null;
}
}, new HttpServletResponseWrapper(response));
}
/**
* Delegate OPTIONS requests to {@link #processRequest}, if desired.
* <p>Applies HttpServlet's standard OPTIONS processing otherwise,
* and also if there is still no 'Allow' header set after dispatching.
* @see #doService
*/
@Override
protected void doOptions(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if (this.dispatchOptionsRequest || CorsUtils.isPreFlightRequest(request)) {
processRequest(request, response);
if (response.containsHeader("Allow")) {
// Proper OPTIONS response coming from a handler - we're done.
return;
}
}
// Use response wrapper in order to always add PATCH to the allowed methods
super.doOptions(request, new HttpServletResponseWrapper(response) {
@Override
public void setHeader(String name, String value) {
if ("Allow".equals(name)) {
value = (StringUtils.hasLength(value) ? value + ", " : "") + HttpMethod.PATCH.name();
}
super.setHeader(name, value);
}
});
}
@Test
public void decoratedNativeRequest() {
HttpServletRequest decoratedRequest = new HttpServletRequestWrapper(servletRequest);
HttpServletResponse decoratedResponse = new HttpServletResponseWrapper(servletResponse);
ServletWebRequest request = new ServletWebRequest(decoratedRequest, decoratedResponse);
assertSame(decoratedRequest, request.getNativeRequest());
assertSame(decoratedRequest, request.getNativeRequest(ServletRequest.class));
assertSame(decoratedRequest, request.getNativeRequest(HttpServletRequest.class));
assertSame(servletRequest, request.getNativeRequest(MockHttpServletRequest.class));
assertNull(request.getNativeRequest(MultipartRequest.class));
assertSame(decoratedResponse, request.getNativeResponse());
assertSame(decoratedResponse, request.getNativeResponse(ServletResponse.class));
assertSame(decoratedResponse, request.getNativeResponse(HttpServletResponse.class));
assertSame(servletResponse, request.getNativeResponse(MockHttpServletResponse.class));
assertNull(request.getNativeResponse(MultipartRequest.class));
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
filterChain.doFilter(new HttpServletRequestWrapper(request) {
@Override
public Principal getUserPrincipal() {
return () -> PRINCIPAL_NAME;
}
// Like Spring Security does in HttpServlet3RequestFactory..
@Override
public AsyncContext getAsyncContext() {
return super.getAsyncContext() != null ?
new AsyncContextWrapper(super.getAsyncContext()) : null;
}
}, new HttpServletResponseWrapper(response));
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
HttpServletResponseWrapper httpResponse = new HttpServletResponseWrapper(response);
Throwable failed = null;
long start = System.currentTimeMillis();
try {
filterChain.doFilter(request, httpResponse);
} catch (Throwable e) {
failed = e;
log.error("request failed...", e);
} finally {
String requestString = dumpRequest(request);
long duration = System.currentTimeMillis() - start;
if (failed != null) {
log.error("[" + requestString + ",F," + duration + "ms," + httpResponse.getStatus() + "]");
} else if (duration > threshold) {
log.warn("[" + requestString + ",Y," + duration + "ms," + httpResponse.getStatus() + "]");
} else {
log.info("[" + requestString + ",Y," + duration + "ms," + httpResponse.getStatus() + "]");
}
}
}
/**
* Delegate OPTIONS requests to {@link #processRequest}, if desired.
* <p>Applies HttpServlet's standard OPTIONS processing otherwise,
* and also if there is still no 'Allow' header set after dispatching.
* @see #doService
*/
@Override
protected void doOptions(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if (this.dispatchOptionsRequest || CorsUtils.isPreFlightRequest(request)) {
processRequest(request, response);
if (response.containsHeader("Allow")) {
// Proper OPTIONS response coming from a handler - we're done.
return;
}
}
// Use response wrapper for Servlet 2.5 compatibility where
// the getHeader() method does not exist
super.doOptions(request, new HttpServletResponseWrapper(response) {
@Override
public void setHeader(String name, String value) {
if ("Allow".equals(name)) {
value = (StringUtils.hasLength(value) ? value + ", " : "") + HttpMethod.PATCH.name();
}
super.setHeader(name, value);
}
});
}
public static HttpServletResponse moveWrapper(String resWrapperName, HttpServletResponse response) {
while (HttpServletResponseWrapper.class.isAssignableFrom(response.getClass())) {
if (!resWrapperName.equals(response.getClass().getName())) {
HttpServletResponse innerResponse = (HttpServletResponse) ReflectionHelper.getField(response.getClass(), response, "response");
if (innerResponse == null) {
return response;
}
else {
response = innerResponse;
}
}
else {
return response;
}
}
return response;
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
Cookie cookie = new Cookie("name", unknown());
cookie.setValue(req.getParameter("p") + "x");
resp.setHeader("header", req.getParameter("h1"));
resp.addHeader("header", unknown());
callCookieSink(req.getParameter("h2"));
String encoded = ESAPI.encoder().encodeForURL(req.getParameter("h3"));
resp.addHeader("header", ESAPI.encoder().decodeFromURL(encoded));
// false positives
String safe = "x".concat("y");
Cookie safeCookie = new Cookie("name", safe);
safeCookie.setValue(safe + "x");
resp.setHeader("header", safe);
resp.addHeader("header", encoded.concat(safe));
HttpServletResponseWrapper resWrapper = new HttpServletResponseWrapper(resp);
resWrapper.setHeader("header2",req.getParameter("a"));
resWrapper.addHeader("header3",req.getParameter("b"));
}
/**
* Delegate OPTIONS requests to {@link #processRequest}, if desired.
* <p>Applies HttpServlet's standard OPTIONS processing otherwise,
* and also if there is still no 'Allow' header set after dispatching.
* @see #doService
*/
@Override
protected void doOptions(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
if (this.dispatchOptionsRequest || CorsUtils.isPreFlightRequest(request)) {
processRequest(request, response);
if (response.containsHeader("Allow")) {
// Proper OPTIONS response coming from a handler - we're done.
return;
}
}
// Use response wrapper for Servlet 2.5 compatibility where
// the getHeader() method does not exist
super.doOptions(request, new HttpServletResponseWrapper(response) {
@Override
public void setHeader(String name, String value) {
if ("Allow".equals(name)) {
value = (StringUtils.hasLength(value) ? value + ", " : "") + RequestMethod.PATCH.name();
}
super.setHeader(name, value);
}
});
}
@Test
public void decoratedNativeRequest() {
HttpServletRequest decoratedRequest = new HttpServletRequestWrapper(servletRequest);
HttpServletResponse decoratedResponse = new HttpServletResponseWrapper(servletResponse);
ServletWebRequest request = new ServletWebRequest(decoratedRequest, decoratedResponse);
assertSame(decoratedRequest, request.getNativeRequest());
assertSame(decoratedRequest, request.getNativeRequest(ServletRequest.class));
assertSame(decoratedRequest, request.getNativeRequest(HttpServletRequest.class));
assertSame(servletRequest, request.getNativeRequest(MockHttpServletRequest.class));
assertNull(request.getNativeRequest(MultipartRequest.class));
assertSame(decoratedResponse, request.getNativeResponse());
assertSame(decoratedResponse, request.getNativeResponse(ServletResponse.class));
assertSame(decoratedResponse, request.getNativeResponse(HttpServletResponse.class));
assertSame(servletResponse, request.getNativeResponse(MockHttpServletResponse.class));
assertNull(request.getNativeResponse(MultipartRequest.class));
}
@Override
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
filterChain.doFilter(new HttpServletRequestWrapper(request) {
@Override
public Principal getUserPrincipal() {
return new Principal() {
@Override
public String getName() {
return PRINCIPAL_NAME;
}
};
}
}, new HttpServletResponseWrapper(response));
}
@Override public void onComplete(AsyncEvent e) {
HttpServletRequest req = (HttpServletRequest) e.getSuppliedRequest();
// Use package-private attribute to check if this hook was called redundantly
Object sendHandled = req.getAttribute("brave.servlet.TracingFilter$SendHandled");
if (sendHandled instanceof AtomicBoolean
&& ((AtomicBoolean) sendHandled).compareAndSet(false, true)) {
HttpServletResponse res = (HttpServletResponse) e.getSuppliedResponse();
HttpServerResponse response =
brave.servlet.HttpServletResponseWrapper.create(req, res, e.getThrowable());
handler.handleSend(response, span);
} else {
// TODO: None of our tests reach this condition. Make a concrete case that re-enters the
// onComplete hook or remove the special case
}
}
private String getPage(String page) {
HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(response) {
private final StringWriter sw = new StringWriter();
@Override
public PrintWriter getWriter() throws IOException {
return new PrintWriter(sw);
}
@Override
public String toString() {
return sw.toString();
}
};
try {
request.getRequestDispatcher(page).include(request, responseWrapper);
return responseWrapper.toString();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/**
* Set a wrapped HttpServletResponse to pass to the application. Components
* wishing to wrap the response should obtain the response via
* {@link #getResponse()}, wrap it and then call this method with the
* wrapped response.
*
* @param applicationResponse The wrapped response to pass to the
* application
*/
public void setResponse(HttpServletResponse applicationResponse) {
// Check the wrapper wraps this request
ServletResponse r = applicationResponse;
while (r instanceof HttpServletResponseWrapper) {
r = ((HttpServletResponseWrapper) r).getResponse();
}
if (r != facade) {
throw new IllegalArgumentException(sm.getString("response.illegalWrap"));
}
this.applicationResponse = applicationResponse;
}
private static ResponseFacade getResponseFacade(HttpServletResponse response) {
if (response instanceof ResponseFacade) {
return (ResponseFacade) response;
}
else if (response instanceof HttpServletResponseWrapper) {
HttpServletResponseWrapper wrapper = (HttpServletResponseWrapper) response;
HttpServletResponse wrappedResponse = (HttpServletResponse) wrapper.getResponse();
return getResponseFacade(wrappedResponse);
}
else {
throw new IllegalArgumentException("Cannot convert [" + response.getClass() +
"] to org.apache.catalina.connector.ResponseFacade");
}
}
/**
* Obtain the underlying {@link MockHttpServletResponse}, unwrapping
* {@link HttpServletResponseWrapper} decorators if necessary.
*/
protected MockHttpServletResponse getMockHttpServletResponse(ServletResponse response) {
if (response instanceof MockHttpServletResponse) {
return (MockHttpServletResponse) response;
}
if (response instanceof HttpServletResponseWrapper) {
return getMockHttpServletResponse(((HttpServletResponseWrapper) response).getResponse());
}
throw new IllegalArgumentException("MockRequestDispatcher requires MockHttpServletResponse");
}
/**
* Obtain the underlying {@link MockHttpServletResponse}, unwrapping
* {@link HttpServletResponseWrapper} decorators if necessary.
*/
protected MockHttpServletResponse getMockHttpServletResponse(ServletResponse response) {
if (response instanceof MockHttpServletResponse) {
return (MockHttpServletResponse) response;
}
if (response instanceof HttpServletResponseWrapper) {
return getMockHttpServletResponse(((HttpServletResponseWrapper) response).getResponse());
}
throw new IllegalArgumentException("MockRequestDispatcher requires MockHttpServletResponse");
}
private MockHttpServletResponse unwrapResponseIfNecessary(ServletResponse servletResponse) {
while (servletResponse instanceof HttpServletResponseWrapper) {
servletResponse = ((HttpServletResponseWrapper) servletResponse).getResponse();
}
Assert.isInstanceOf(MockHttpServletResponse.class, servletResponse);
return (MockHttpServletResponse) servletResponse;
}
@Override
public final void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain filterChain) throws IOException, ServletException {
final HttpServletResponseWrapper httpResponse = new HttpServletResponseWrapper((HttpServletResponse) response);
insertHttpSecurityHeader(httpResponse);
filterChain.doFilter(request, httpResponse);
}
/**
* 解析jsp成html 只能解析当前应用下的jsp文件
* @param request request
* @param response response
* @param file "/WEB-INF/page/index.jsp"
* @return return
* @throws ServletException ServletException
* @throws IOException IOException
*/
public static String parseJsp(HttpServletRequest request, HttpServletResponse response, String file) throws ServletException, IOException {
ServletContext servlet = request.getServletContext();
RequestDispatcher dispatcher = servlet.getRequestDispatcher(file);
final ByteArrayOutputStream os = new ByteArrayOutputStream();
final ServletOutputStream stream = new ServletOutputStream() {
public void write(byte[] data, int offset, int length) {
os.write(data, offset, length);
}
public void write(int b) throws IOException {
os.write(b);
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setWriteListener(WriteListener arg0) {}
};
final PrintWriter writer = new PrintWriter(new OutputStreamWriter(os));
HttpServletResponse resp = new HttpServletResponseWrapper(response) {
public ServletOutputStream getOutputStream() {
return stream;
}
public PrintWriter getWriter() {
return writer;
}
};
dispatcher.include(request, resp);
writer.flush();
String result = os.toString();
if(ConfigTable.isDebug() && ConfigTable.getBoolean("PARSE_JSP_LOG")){
log.warn("[LOAD JSP TEMPLATE][FILE:{}][HTML:{}]", file, result);
}
return result;
}
private static ResponseFacade getResponseFacade(HttpServletResponse response) {
if (response instanceof ResponseFacade) {
return (ResponseFacade) response;
}
else if (response instanceof HttpServletResponseWrapper) {
HttpServletResponseWrapper wrapper = (HttpServletResponseWrapper) response;
HttpServletResponse wrappedResponse = (HttpServletResponse) wrapper.getResponse();
return getResponseFacade(wrappedResponse);
}
else {
throw new IllegalArgumentException("Cannot convert [" + response.getClass() +
"] to org.apache.catalina.connector.ResponseFacade");
}
}
/**
* Obtain the underlying {@link MockHttpServletResponse}, unwrapping
* {@link HttpServletResponseWrapper} decorators if necessary.
*/
protected MockHttpServletResponse getMockHttpServletResponse(ServletResponse response) {
if (response instanceof MockHttpServletResponse) {
return (MockHttpServletResponse) response;
}
if (response instanceof HttpServletResponseWrapper) {
return getMockHttpServletResponse(((HttpServletResponseWrapper) response).getResponse());
}
throw new IllegalArgumentException("MockRequestDispatcher requires MockHttpServletResponse");
}
/**
* Obtain the underlying {@link MockHttpServletResponse}, unwrapping
* {@link HttpServletResponseWrapper} decorators if necessary.
*/
protected MockHttpServletResponse getMockHttpServletResponse(ServletResponse response) {
if (response instanceof MockHttpServletResponse) {
return (MockHttpServletResponse) response;
}
if (response instanceof HttpServletResponseWrapper) {
return getMockHttpServletResponse(((HttpServletResponseWrapper) response).getResponse());
}
throw new IllegalArgumentException("MockRequestDispatcher requires MockHttpServletResponse");
}
private MockHttpServletResponse unwrapResponseIfNecessary(ServletResponse servletResponse) {
while (servletResponse instanceof HttpServletResponseWrapper) {
servletResponse = ((HttpServletResponseWrapper) servletResponse).getResponse();
}
Assert.isInstanceOf(MockHttpServletResponse.class, servletResponse);
return (MockHttpServletResponse) servletResponse;
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper((HttpServletResponse) response);
String requestUri = request.getRequestURI();
log.info("本次请求地址是:{}", requestUri);
if (requestUri.contains("/addSession")
|| requestUri.contains("/removeSession")
|| requestUri.contains("/getUserCount")) {
filterChain.doFilter(servletRequest, response);
} else {
// 除了以上三个链接,其他请求转发到 /redirectUrl
wrapper.sendRedirect("/redirectUrl");
}
}
public static HttpServletResponse unwrap(ServletResponse servletResponse)
{
if (servletResponse instanceof HttpServletResponseWrapper)
{
return (HttpServletResponseWrapper)servletResponse;
}
if (servletResponse instanceof ServletResponseWrapper)
{
return unwrap(((ServletResponseWrapper)servletResponse).getResponse());
}
return (HttpServletResponse)servletResponse;
}
public AssetServlet() {
super(new ResourceService() {
@Override
protected void putHeaders(HttpServletResponse response, HttpContent content, long contentLength) {
super.putHeaders(response, content, contentLength);
HttpFields fields;
if (response instanceof Response)
fields = ((Response) response).getHttpFields();
else
fields = ((Response)((HttpServletResponseWrapper) response).getResponse()).getHttpFields();
if (requestHolder.get().getDispatcherType() == DispatcherType.ERROR) {
/*
* Do not cache error page and also makes sure that error page is not eligible for
* modification check. That is, error page will be always retrieved.
*/
fields.put(HttpHeader.CACHE_CONTROL, "must-revalidate,no-cache,no-store");
} else if (requestHolder.get().getRequestURI().equals("/favicon.ico")) {
/*
* Make sure favicon request is cached. Otherwise, it will be requested for every
* page request.
*/
fields.put(HttpHeader.CACHE_CONTROL, "max-age=86400,public");
}
}
});
}
private static boolean hasWrapper(ServletResponse response) {
if (response instanceof RelativeRedirectResponseWrapper) {
return true;
}
while (response instanceof HttpServletResponseWrapper) {
response = ((HttpServletResponseWrapper) response).getResponse();
if (response instanceof RelativeRedirectResponseWrapper) {
return true;
}
}
return false;
}