责任链,顾名思义,就是用来处理相关事务责任的一条执行链。执行链上有多个节点,每个节点都有机会(条件匹配时)处理请求事务;某个节点处理完后,可以根据实际业务需求传递给下一个节点继续处理,或者直接返回处理完毕。
例如:客户端输入校验需要多个校验步骤,比如SQL注入校验、违禁词校验、JS校验,每个步骤对应链上的一个节点。注意:下面的关键字黑名单只是为了演示责任链模式;实际防御SQL注入应使用参数化查询,防御XSS应在输出时按上下文进行编码。
// Build the chain one link at a time: SQL keyword check -> banned-word check -> JS check.
var dbHandler = new DBCheckHandler();
var bannedWordHandler = new FHQCheckHandler();
var jsHandler = new JSCheckHandler();
dbHandler.SetNextHandler(bannedWordHandler);
bannedWordHandler.SetNextHandler(jsHandler);

// "alert" matches no entry in the first two handlers and is rejected by
// JSCheckHandler, which prints "js校验未通过".
dbHandler.Handle("alert");
/// <summary>
/// Base type for one link in a chain of content checks. Each link holds a
/// reference to the link that runs after it.
/// </summary>
public abstract class CheckHandler
{
    /// <summary>The next link in the chain; null until one is set.</summary>
    protected CheckHandler NextHandler;

    /// <summary>
    /// Stores <paramref name="nextHandler"/> as the link that follows this one.
    /// </summary>
    /// <param name="nextHandler">The handler to run after this one.</param>
    /// <returns>
    /// The handler that was passed in (not this instance), so that a further
    /// SetNextHandler call on the result appends to the end of the chain.
    /// </returns>
    public CheckHandler SetNextHandler(CheckHandler nextHandler) => NextHandler = nextHandler;

    /// <summary>
    /// Checks <paramref name="content"/>. The implementations in this file return
    /// false when their own check rejects the content, otherwise the result of the
    /// next handler, or true when there is no next handler.
    /// </summary>
    /// <param name="content">The submitted text to check.</param>
    public abstract bool Handle(string content);
}
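/// <summary>
/// Chain link that rejects content containing SQL keywords.
/// </summary>
/// <remarks>
/// A keyword blacklist is a coarse content filter, not a defence against SQL
/// injection: it rejects harmless text that happens to contain these words and
/// does not make string-built queries safe. Code that places this content in a
/// query should still use parameterized commands.
/// </remarks>
public class DBCheckHandler : CheckHandler
{
    private static readonly string[] SqlKeywords = { "SELECT", "UPDATE", "DELETE", "DROP", "WHERE", "FROM" };

    /// <summary>
    /// Rejects <paramref name="content"/> if it contains any listed SQL keyword,
    /// otherwise hands it to the next handler in the chain.
    /// </summary>
    /// <param name="content">The submitted text to check.</param>
    /// <returns>
    /// false when a keyword is found; otherwise the next handler's result, or
    /// true when this is the last handler.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="content"/> is null.</exception>
    public override bool Handle(string content)
    {
        if (content == null)
        {
            throw new ArgumentNullException(nameof(content));
        }

        // SQL keywords are case-insensitive, so the comparison has to be as well;
        // a case-sensitive match against the upper-case list let "select" through.
        bool hasKeyword = Array.Exists(
            SqlKeywords,
            keyword => content.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0);
        if (hasKeyword)
        {
            Console.WriteLine("提交内容中不允许包含数据库违禁词");
            return false;
        }

        return NextHandler == null || NextHandler.Handle(content);
    }
}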
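/// <summary>
/// Chain link that rejects content containing a banned word.
/// </summary>
public class FHQCheckHandler : CheckHandler
{
    private static readonly string[] BannedWords = { "wei尼", "bao子", "皇帝", "大大" };

    /// <summary>
    /// Rejects <paramref name="content"/> if it contains any banned word,
    /// otherwise hands it to the next handler in the chain.
    /// </summary>
    /// <param name="content">The submitted text to check.</param>
    /// <returns>
    /// false when a banned word is found; otherwise the next handler's result, or
    /// true when this is the last handler.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="content"/> is null.</exception>
    public override bool Handle(string content)
    {
        if (content == null)
        {
            throw new ArgumentNullException(nameof(content));
        }

        // Some entries contain Latin letters; compare without regard to case so
        // that a differently-cased spelling of the same entry is still matched.
        bool hasBannedWord = Array.Exists(
            BannedWords,
            word => content.IndexOf(word, StringComparison.OrdinalIgnoreCase) >= 0);
        if (hasBannedWord)
        {
            Console.WriteLine("违禁词校验未通过");
            return false;
        }

        return NextHandler == null || NextHandler.Handle(content);
    }
}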
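/// <summary>
/// Chain link that rejects content containing script-related fragments.
/// </summary>
/// <remarks>
/// A fragment blacklist is a coarse content filter, not a defence against
/// cross-site scripting: it cannot enumerate every form of active content.
/// Content that is later rendered into a page should still be encoded for the
/// context it is written into.
/// </remarks>
public class JSCheckHandler : CheckHandler
{
    private static readonly string[] ScriptFragments = { "<script>", "alert", "location.", "window.open" };

    /// <summary>
    /// Rejects <paramref name="content"/> if it contains any listed fragment,
    /// otherwise hands it to the next handler in the chain.
    /// </summary>
    /// <param name="content">The submitted text to check.</param>
    /// <returns>
    /// false when a fragment is found; otherwise the next handler's result, or
    /// true when this is the last handler.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="content"/> is null.</exception>
    public override bool Handle(string content)
    {
        if (content == null)
        {
            throw new ArgumentNullException(nameof(content));
        }

        // HTML tag names are case-insensitive, so the comparison ignores case;
        // a case-sensitive match accepted "<SCRIPT>".
        bool hasFragment = Array.Exists(
            ScriptFragments,
            fragment => content.IndexOf(fragment, StringComparison.OrdinalIgnoreCase) >= 0);
        if (hasFragment)
        {
            Console.WriteLine("js校验未通过");
            return false;
        }

        return NextHandler == null || NextHandler.Handle(content);
    }
}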
原文地址:https://www.cnblogs.com/fanfan-90/p/13281813.html