码迷,mamicode.com
首页 > Web开发 > 详细

httpgetheader 取头信息

时间:2016-06-17 14:14:02      阅读:141      评论:0      收藏:0      [点我收藏+]

标签:

技术分享

技术分享

import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
@Controller
@RequestMapping("/site")
public class SiteController {
    @Autowired
    private HttpServletRequest request;
    @RequestMapping(value = "/{input:.+}", method = RequestMethod.GET)
    public ModelAndView getDomain(@PathVariable("input") String input) {
        ModelAndView modelandView = new ModelAndView("result");
        modelandView.addObject("user-agent", getUserAgent());
        modelandView.addObject("headers", getHeadersInfo());
        return modelandView;
    }
    //get user agent
    private String getUserAgent() {
        return request.getHeader("user-agent");
    }
    //get request headers
    private Map<String, String> getHeadersInfo() {
        Map<String, String> map = new HashMap<String, String>();
        Enumeration headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String key = (String) headerNames.nextElement();
            String value = request.getHeader(key);
            map.put(key, value);
        }
        return map;
    }
}

也 许有人会说,Http Header  是可以模拟的,那么自己可以构造一个用来欺骗这些系统, 是的,的确是这样,所以在用Http Header 来传值得时候,一定要记得,所有的请求都必须经过 portal 来处理,然后 forward 到各子系统,就不会出现这个问题了。因为portal 首先拦截用户发起的所有的请求,如果是构造的用户,在portal 的sessiion 也是没有记录的,仍然会跳转到登录页面,如果在protal 的 session 中记录,而且  Http Header 中也有记录,那么在子系统就是合法的用户,然后自己可以根据一些要求处理业务逻辑了

 

JSP/Java获取HTTP header信息(request)例子

<%
//header.jsp
out.println("Protocol: " + request.getProtocol() + "<br>");
out.println("Scheme: " + request.getScheme() + "<br>");
out.println("Server Name: " + request.getServerName() + "<br>" );
out.println("Server Port: " + request.getServerPort() + "<br>");
out.println("Protocol: " + request.getProtocol() + "<br>");
out.println("Server Info: " + getServletConfig().getServletContext().getServerInfo() + "<br>");
out.println("Remote Addr: " + request.getRemoteAddr() + "<br>");
out.println("Remote Host: " + request.getRemoteHost() + "<br>");
out.println("Character Encoding: " + request.getCharacterEncoding() + "<br>");
out.println("Content Length: " + request.getContentLength() + "<br>");
out.println("Content Type: "+ request.getContentType() + "<br>");
out.println("Auth Type: " + request.getAuthType() + "<br>");
out.println("HTTP Method: " + request.getMethod() + "<br>");
out.println("Path Info: " + request.getPathInfo() + "<br>");
out.println("Path Trans: " + request.getPathTranslated() + "<br>");
out.println("Query String: " + request.getQueryString() + "<br>");
out.println("Remote User: " + request.getRemoteUser() + "<br>");
out.println("Session Id: " + request.getRequestedSessionId() + "<br>");
out.println("Request URL: " + request.getRequestURL() + "<br>");
out.println("Request URI: " + request.getRequestURI() + "<br>");
out.println("Servlet Path: " + request.getServletPath() + "<br>");
out.println("Created : " + session.getCreationTime() + "<br>");
out.println("LastAccessed : " + session.getLastAccessedTime() + "<br>");

out.println("Accept: " + request.getHeader("Accept") + "<br>");
out.println("Host: " + request.getHeader("Host") + "<br>");
out.println("Referer : " + request.getHeader("Referer") + "<br>");
out.println("Accept-Language : " + request.getHeader("Accept-Language") + "<br>");
out.println("Accept-Encoding : " + request.getHeader("Accept-Encoding") + "<br>");
out.println("User-Agent : " + request.getHeader("User-Agent") + "<br>");
out.println("Connection : " + request.getHeader("Connection") + "<br>");
out.println("Cookie : " + request.getHeader("Cookie") + "<br>");
%>

httpgetheader 取头信息

标签:

原文地址:http://www.cnblogs.com/zhuzhuxuan/p/5593705.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!