spring中HttpServletRequestWrapper装饰者模式是如何理解的?
java实现的装饰者模式:
import java.awt.Font;import java.util.HashMap;
import java.util.Map;
interface FontProvider {
public Font getFont(String name);
}
class DefaultFontProvider implements FontProvider {
public Font getFont(String name) {
return new Font(name, Font.PLAIN, 12);
}
}
class BufferedFontProvider implements FontProvider {
private FontProvider fontProvider;
private Map<String, Font> fontCache = new HashMap();
public BufferedFontProvider(FontProvider fontProvider) {
this.fontProvider = fontProvider;
}
public Font getFont(String name) {
if (!fontCache.containsKey(name)) {
fontCache.put(name, fontProvider.getFont(name));
}
return fontCache.get(name);
}
}
public class Demo {
//这里我们假设这个fontProvider对象是注入的。
private static FontProvider fontProvider = new DefaultFontProvider();
public static void main(String[] args) {
Font font = fontProvider.getFont("微软雅黑");
Font font2 = fontProvider.getFont("微软雅黑");
System.out.println(font == font2);//false
fontProvider = new BufferedFontProvider(fontProvider);
Font font3 = fontProvider.getFont("微软雅黑");
Font font4 = fontProvider.getFont("微软雅黑");
System.out.println(font3 == font4);//true
}
}
HttpServletRequestWrapper是对应上面例子中的BufferedFontProvider?HttpServletRequest是对应例子中的DefaultFontProvider?ServletRequest相当于FontProvider?
关于HttpServletRequest还有一个疑问就是HttpServletRequest是abstract interface,那么在HandlerInterceptorAdapter以及controller中使用的request具体是哪个类实例化的呢
spring中有拦截器,我继承了HandlerInterceptorAdapter重写方法preHandler,想对request中客户端提交的数据进行过滤,所以使用XssHttpServletRequestWrapper继承了HttpServletRequestWrapper对其中的getParameter等方法进行重写,但是发现在controller中调用getParameter方法时,不会进入到XssHttpServletRequestWrapper类中重写的getParameter方法,这是为什么呢?(PS:我把试过把XssHttpServletRequestWrapper加到filter的FilterChain中,这样是可以实现,没有问题)
代码如下:
XssHttpServletRequestWrapper :
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { public XssHttpServletRequestWrapper(HttpServletRequest request) {
super(request);
// TODO 自动生成的构造函数存根
}
@Override
public String[] getParameterValues(String parameter) {
return super.getParameterValues(parameter);
}
@Override
public String getParameter(String parameter) {
return super.getParameter(parameter);
}
@Override
public String getHeader(String name) {
return super.getHeader(name);
}
@Override
public String getQueryString() {
return super.getQueryString();
}
@Override
public ServletInputStream getInputStream() {
return super.getInputStream();
}
private String cleanXSS(String value) {
return value;
}
}
重写了preHandle,这个函数是可以执行到的
public class XssHttpServletRequestFilter extends HandlerInterceptorAdapter { @Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
return super.preHandle((HttpServletRequest)new XssHttpServletRequestWrapper(request), response, handler);
}
}
问题有点多,有点杂,刚学java 多多包含,望大侠解答,感激不尽!
回答:
https://www.zhihu.com/questio...
回答:
就是你新写的wrapper可以偷梁换柱。去包装也好,或者去替换也好。
回答:
HttpServletRequestWrapper 不是 spring 的吧?
以上是 spring中HttpServletRequestWrapper装饰者模式是如何理解的? 的全部内容, 来源链接: utcz.com/p/168376.html
