1. 防盜鏈:防止別人盜用自己服務上的資源。
2. XSS 服務上有這麼一張圖:
<!DOCTYPE html>
<!-- Page on the XSS service: the form posts to "postIndex" and the logo is
     loaded with a relative path from the service's own /imgs/ directory. -->
<html>
<head lang="en">
    <meta charset="UTF-8" />
    <title></title>
</head>
<body>
    <form action="postIndex" method="post">
        輸入內容: <input type="text" name="name">
        <br>
        <input type="submit">
    </form>
    <img src="imgs/logo.PNG" alt="">
</body>
</html>
SatetyChain 服務上:<img src="http://127.0.0.1:8080/imgs/logo.PNG" alt=""> 直接把這張圖片引用過來,屬於盜圖。怎麼防止這種狀況發生呢?
<!DOCTYPE html>
<!-- Page on the SatetyChain service: same form, but the logo is hot-linked
     by absolute URL from the other service at 127.0.0.1:8080. -->
<html>
<head lang="en">
    <meta charset="UTF-8" />
    <title></title>
</head>
<body>
    <form action="postIndex" method="post">
        輸入內容: <input type="text" name="name">
        <br>
        <input type="submit">
    </form>
    <img src="http://127.0.0.1:8080/imgs/logo.PNG" alt="">
</body>
</html>
3. 用防盜鏈技術實現上面的需求。簡單來說,還是透過攔截器攔截請求,讀取請求頭 Referer(記錄請求來源),從中取得請求圖片的頁面所在的域名;如果不是指定的域名,就讓該請求失敗。
測試:
C:\Windows\System32\drivers\etc\hosts
127.0.0.1 www.aiyuesheng.com
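package com.aiyuesheng.filter;

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Value;

/**
 * Anti-hotlink filter for {@code /imgs/*}.
 * <p>
 * A request is served only when its {@code Referer} header is a URL whose host
 * equals the configured {@code domain.name}; otherwise the request is forwarded
 * to {@code /imgs/error.png}. A missing {@code Referer} is also rejected.
 * <p>
 * The {@code Referer} header is supplied by the client, so this deters casual
 * embedding from other sites but is not an access control. Rejecting requests
 * without a {@code Referer} also affects browsers or referrer policies that omit
 * the header — confirm that is acceptable for this deployment.
 */
@WebFilter(filterName = "imgFilter", urlPatterns = "/imgs/*")
public class ImgFilter implements Filter {

    /** Resource served instead of the requested image when the check fails. */
    private static final String ERROR_IMAGE = "/imgs/error.png";

    /** Host name allowed to embed the images, taken from property {@code domain.name}. */
    @Value("${domain.name}")
    private String domainName;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // nothing to initialise
    }

    /**
     * Serves the image only if the Referer host matches {@link #domainName};
     * otherwise forwards to {@value #ERROR_IMAGE}.
     *
     * @param request  the incoming request (cast to {@link HttpServletRequest})
     * @param response the response
     * @param chain    the remaining filter chain
     * @throws IOException      propagated from the forward or the chain
     * @throws ServletException propagated from the forward or the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        String referer = req.getHeader("Referer");
        // Fail closed: no Referer, unparsable Referer, or a foreign host all get the error image.
        if (StringUtils.isEmpty(referer) || !isAllowedReferer(referer)) {
            request.getRequestDispatcher(ERROR_IMAGE).forward(request, response);
            return;
        }
        chain.doFilter(request, response);
    }

    /**
     * Returns whether the host component of {@code referer} equals the configured
     * domain (case-insensitive, port ignored so the local test setup still works).
     * <p>
     * The host is taken with {@link URI#getHost()} rather than by splitting the
     * authority on {@code ':'}, so user-info or port text in the authority cannot
     * be mistaken for the host. Malformed URLs and URLs without a host (for
     * example a host name {@code URI} does not accept) are rejected.
     *
     * @param referer non-empty Referer header value
     * @return {@code true} if the referer host matches {@link #domainName}
     */
    private boolean isAllowedReferer(String referer) {
        String host;
        try {
            host = new URI(referer).getHost();
        } catch (URISyntaxException e) {
            return false;
        }
        // equalsIgnoreCase on the referer side stays false when domainName is null.
        return host != null && host.equalsIgnoreCase(domainName);
    }

    /**
     * Returns the authority part of {@code url}: the text between the second and
     * third {@code '/'}, e.g. {@code www.example.com:8080}, or the remainder of
     * the string when there is no third slash. Returns {@code ""} when the URL
     * has fewer than two slashes (the original version threw
     * {@link StringIndexOutOfBoundsException} in those cases).
     * <p>
     * Kept for compatibility; the filter itself now compares hosts via
     * {@link URI#getHost()}.
     *
     * @param url a URL such as a Referer value
     * @return the authority (host, possibly with user-info and port) or {@code ""}
     */
    public String getDomain(String url) {
        int secondSlash = -1;
        int thirdSlash = -1;
        int slashes = 0;
        for (int i = 0; i < url.length() && thirdSlash < 0; i++) {
            if (url.charAt(i) == '/') {
                slashes++;
                if (slashes == 2) {
                    secondSlash = i;
                } else if (slashes == 3) {
                    thirdSlash = i;
                }
            }
        }
        if (secondSlash < 0) {
            return "";
        }
        return thirdSlash < 0
                ? url.substring(secondSlash + 1)
                : url.substring(secondSlash + 1, thirdSlash);
    }

    @Override
    public void destroy() {
        // nothing to release
    }
}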
當其他服務盜用圖片時,過濾器會攔截請求,檢查 Request Header 裏的 Referer 參數:若不是匹配的域名,則重定向到 error.png。