标签:
再nginx集群内设置防盗链
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
valid_referers none blocked *.tappal.com tappal.com;
if
($invalid_referer) {
return
404;
}
expires 30d;
}
在java程序内
设置防盗链的filter
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
String referer = req.getHeader("referer");
if(null != referer && referer.trim().startsWith("http://localhost:8080/baidu")){
System.out.println("正常页面请求");
chain.doFilter(req, resp);
}else{
System.out.println("盗链");
req.getRequestDispatcher("/html/error.html").forward(req, resp);
}
}
最核心的其实也就是这句 String referer = req.getHeader("referer");
再来看看绕过防盗链的措施
使用iframe方法
<script>window.sc="<img src=‘http://cdn.archdaily.net/wp-content/uploads/2011/06/1309476244-elicium-rai-01-528x351.jpg?"+Math.random()+"‘>";</script> <iframe id="imiframe" src="javascript:parent.sc" style="border:none; overflow: hidden;" scrolling="no" frameborder="0" onload="javascript:var x=document.getElementById(‘imiframe‘).contentWindow.document.images[0];this.width=x.width+10;this.height=x.height+10;"></iframe>
使用代码加入header里的refer
def getHttpFile(address,filename){
def f = new File(filename)
if(f.exists()){
return;
}
def file = new FileOutputStream(filename)
def out = new BufferedOutputStream(file)
println ‘Download file: ‘ + filename
def url = new URL(address)
def urlConn = url.openConnection()
urlConn.setRequestProperty(‘Referer‘,xxxxxx‘) //xxx为要访问的目标网站
urlConn.connect()
out << urlConn.getInputStream()
println ‘Download over: ‘ + filename
out.close()
}
都是从header里做手脚
标签:
原文地址:http://my.oschina.net/angleshuai/blog/359438