public class
Test
{
public static void main(String[] args)
{
System.out.println(getSafeCommand("abcd&efg"));
System.out.println(getSafePath("abcd/efg"));
}
/**
* Get the safe
path
* @param filePath Enter the
path
* @return Safe
path
*/
public static
String getSafePath(String filePath)
{
// return
safe path
StringBuffer safePath = new
StringBuffer();
// safe path white list
String whiteList =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890-=[];‘,.
~!@#$%^&*()_+\"{}|:<>?";
char[] safePathChars =
filePath.toCharArray();
for (int i = 0, length = safePathChars.length; i < length;
i++)
{
int whiteListIndex =
whiteList.indexOf(safePathChars);
if (-1 == whiteListIndex)
{
return
safePath.toString();
}
safePath.append(whiteList.charAt(whiteListIndex));
}
return safePath.toString();
}
/**
* Get
the safe command
* @param command Enter the
command
* @return Safe command
*/
public static String
getSafeCommand(String command)
{
// return safe
command
StringBuffer
safeCommand = new StringBuffer();
// safe command white list
String whiteList =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890-=[]\\‘,./
~!@#$%^*()_+\"{}:<>?";
char[] safeCommandChars =
command.toCharArray();
for (int i = 0, length = safeCommandChars.length; i <
length; i++)
{
int whiteListIndex =
whiteList.indexOf(safeCommandChars);
if (-1 == whiteListIndex)
{
return
safeCommand.toString();
}
safeCommand.append(whiteList.charAt(whiteListIndex));
}
return safeCommand.toString();
}
}
创意横幅
文章来源:http://www.huiyi8.com/hengfu/chaungyi/
相关文章
- 07-25Java防止路径操控和命令注入 代码