正常情况下,我们需要添加一个过滤器,需要实现javax.servlet.Filter接口,再在web.xml中配置filter,如下:
package cc.eabour.webapp.security.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; public class XssFilter implements Filter { private String enable = null; public void init(FilterConfig filterConfig) throws ServletException { // Auto-generated method stub enable = filterConfig.getInitParameter("enable"); } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // Auto-generated method stub // Do XSS Filter (WrapperRequest) chain.doFilter(request, response); } public void destroy() { // TODO Auto-generated method stub } }