1、简单说明
Referer、origin用来表明,浏览器向WEB服务器表明自己来自哪里。
但是就它本身而言,并非完全安全。
写一个例子,可以任意修改http信息头中的referer、origin
2、准备:
用httpClient4.0来具体实现
3、Java修改http信息头referer、origin的源代码
代码非常简单,就是修改了http头的referer、origin。
配套示例的jsp在:http://blog.csdn.net/ffm83/article/details/44095025
源代码如下:
/**
* 用httpClient 模拟修改referer属性,仅供用于WEB安全防范示例。
*
* @author auth
*/
public class EasyModifyHeader {
public static void main(String[] args) throws Exception {
CloseableHttpClient httpclient = HttpClients.createDefault();
try {
String url = "http://www.wuranyubao.cn/wryb_rdcity.php";
HttpPost httpPost = new HttpPost(url);
//设置防外链头信息
httpPost.setHeader("origin", "http://www.wuranyubao.cn");
httpPost.setHeader("referer", "http://www.wuranyubao.cn/wryb_prev.php?movie=no");
//建立HttpPost对象
List<NameValuePair> params=new ArrayList<NameValuePair>();
//建立一个NameValuePair数组,用于存储欲传送的参数
params.add(new BasicNameValuePair("rdcity","Shandong,Jinan,20151121"));
httpPost.setEntity(new UrlEncodedFormEntity(params,HTTP.UTF_8));
CloseableHttpResponse response = httpclient.execute(httpPost);
try {
HttpEntity entity = response.getEntity();
//打印目标网站输出内容
System.out.println(EntityUtils.toString(entity));
EntityUtils.consume(entity);
} finally {
response.close();
}
} finally {
httpclient.close();
}
}
}
本文转自:http://www.2cto.com/Article/201503/380951.html
jar包下载:http://download.csdn.net/detail/y515789/8470829