Setting up hotlink protection in an nginx cluster
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
    valid_referers none blocked *.tappal.com tappal.com;
    if ($invalid_referer) {
        return 404;
    }
    expires 30d;
}
Setting up a hotlink-protection filter in a Java program
// Requires java.io.IOException, javax.servlet.* and javax.servlet.http.*
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse resp = (HttpServletResponse) response;
    // The Referer value is whatever the client chose to send
    String referer = req.getHeader("referer");
    if (null != referer && referer.trim().startsWith("http://localhost:8080/baidu")) {
        System.out.println("正常頁面請求"); // normal page request
        chain.doFilter(req, resp);
    } else {
        System.out.println("盜鏈"); // hotlinked request
        req.getRequestDispatcher("/html/error.html").forward(req, resp);
    }
}
The core of it is really just this one line: String referer = req.getHeader("referer");
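As an added example (not code from the original page), the Referer check used by both the nginx rule and the Java filter above can be written as one host-based classifier that approximates the none / blocked / server-name cases of valid_referers, without its regex or path patterns. The class name RefererPolicy and the Verdict enum are hypothetical; the allow-list is the one from the nginx rule.

```java
import java.net.URI;
import java.util.List;
import java.util.Locale;

public class RefererPolicy {
    public enum Verdict { NONE, BLOCKED, VALID, INVALID }

    // Allow-list copied from the page's nginx rule; a leading "*." means any subdomain.
    private static final List<String> ALLOWED = List.of("*.tappal.com", "tappal.com");

    /** Classifies a raw Referer header value (hypothetical helper for the filter). */
    public static Verdict classify(String referer) {
        if (referer == null) {
            return Verdict.NONE;                 // header missing: nginx "none"
        }
        String value = referer.trim().toLowerCase(Locale.ROOT);
        if (!value.startsWith("http://") && !value.startsWith("https://")) {
            return Verdict.BLOCKED;              // value stripped by a proxy: nginx "blocked"
        }
        String host;
        try {
            host = URI.create(value).getHost();  // compare the parsed host, not a string prefix
        } catch (IllegalArgumentException e) {
            return Verdict.INVALID;              // unparseable URL
        }
        if (host == null) {
            return Verdict.INVALID;
        }
        for (String pattern : ALLOWED) {
            boolean match = pattern.startsWith("*.")
                    ? host.endsWith(pattern.substring(1))   // suffix ".tappal.com"
                    : host.equals(pattern);
            if (match) {
                return Verdict.VALID;
            }
        }
        return Verdict.INVALID;
    }

    public static void main(String[] args) {
        // Constructed sample header values, not taken from real traffic.
        String[] samples = { null, "", "http://www.tappal.com/page.html",
                "http://tappal.com.other.example/", "https://tappal.com/a" };
        for (String s : samples) {
            System.out.println(s + " -> " + classify(s));
        }
    }
}
```

Mapped onto the page's rules, the nginx location serves NONE, BLOCKED and VALID requests, while the Java filter rejects a missing header. Because the client writes this header, a VALID verdict only reflects what the request claimed.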
Now let's look at ways of bypassing hotlink protection
Using the iframe method
<script>window.sc="<img src='http://cdn.archdaily.net/wp-content/uploads/2011/06/1309476244-elicium-rai-01-528x351.jpg?"+Math.random()+"'>";</script> <iframe id="imiframe" src="javascript:parent.sc" style="border:none; overflow: hidden;" scrolling="no" frameborder="0" onload="javascript:var x=document.getElementById('imiframe').contentWindow.document.images[0];this.width=x.width+10;this.height=x.height+10;"></iframe>
Using code to add a Referer to the request header
def getHttpFile(address, filename) {
    def f = new File(filename)
    if (f.exists()) {
        return  // file already downloaded
    }
    def file = new FileOutputStream(filename)
    def out = new BufferedOutputStream(file)
    println 'Download file: ' + filename
    def url = new URL(address)
    def urlConn = url.openConnection()
    urlConn.setRequestProperty('Referer', 'xxxxxx') // xxx is the target site being accessed
    urlConn.connect()
    out << urlConn.getInputStream()
    println 'Download over: ' + filename
    out.close()
}
Both approaches work by tampering with the header.