This discussion discusses the post method to obtain parameters. () cannot be obtained for the second time after obtaining it once, and this also exists between () and () and ().
1. Get request parameters
- 1、()
- 2. () or ()
2. Requesting party contentType
1、application/x-www-form-urlencoded
@RequestMapping("/testWwwFrom")
@ResponseBody
public Book testWwwFrom(Book req, HttpServletRequest servletRequest) {
("Query all 1 user information" + (req));
return req;
}2、multipart/form-data
@RequestMapping("/testFormData")
@ResponseBody
public Book testFormData(Book req, HttpServletRequest servletRequest) {
("Query all 1 user information" + (req));
return req;
}3、application/json
@RequestMapping("/testJson")
@ResponseBody
public Book testJsonFrom(@RequestBody Book req, HttpServletRequest servletRequest) {
("Query all 1 user information" + (req));
return req;
}- 1. () corresponds to application/x-www-form-urlencoded
- 2. () or () corresponds to application/json
Then there is a requirement for this to obtain formToken and then CRSF protection with the cache
The idea is divided into two categories according to the form parameter acquisition mentioned above.
Among them, () cannot be retrieved for the second time after obtaining it once, and this also occurs between () and ().
- 1. Application/x-www-form-urlencoded and multipart/form-data are obtained through ()
- 2. Application/json is obtained through () or (), which depends on HttpServletRequestWrapper
package ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
/**
* <p>/kaizhangzhang/article/details/97900961</p>
*
*
* @version v 0.1 2023/5/29 15:37
*/
public class ResettableServletRequestWrapper extends HttpServletRequestWrapper {
//Save data in the stream private byte[] data;
/**
* Constructs a request object wrapping the given request.
*
* @param request
* @throws IllegalArgumentException if the request is null
*/
public ResettableServletRequestWrapper(HttpServletRequest request) throws IOException {
super(request);
//Get data from the stream data = (());
}
@Override
public ServletInputStream getInputStream() throws IOException {
//When calling the getInputStream function, create a new stream, including the information in the original data stream, and then return return new NewServletInputStream(new ByteArrayInputStream(data));
}
class NewServletInputStream extends ServletInputStream{
private InputStream inputStream;
public NewServletInputStream(InputStream inputStream){
= inputStream;
}
@Override
public int read() throws IOException {
return ();
}
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(()));
}
}package ;
import ;
import ;
import ;
import .;
import ;
import .;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
/**
* <p>form form submission verification token</p>
*
*
* @version v 0.1 2023/5/29 13:45
*/
public class FormSubmitTokenInterceptor implements HandlerInterceptor {
private String formSubmitTokenInterceptorUrls = "[\"/testJson\",\"/test/testJson\",\"/test/testWwwFrom\",\"/test/testRequestParam\"]";
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String requestURI = getRequestURI(request);
if ("POST".equals(().toUpperCase()) && (formSubmitTokenInterceptorUrls)) {
List<String> formInterceptorUrls = (formSubmitTokenInterceptorUrls, );
if ((formInterceptorUrls)) {
boolean contains = ().anyMatch(e -> (requestURI));
if (contains) {
String contentType = ();
(contentType);
if ("application/json".equalsIgnoreCase(contentType)) {
ResettableServletRequestWrapper resettableServletRequestWrapper = new ResettableServletRequestWrapper(request);
String bodyParam = (());
(bodyParam);
if ((bodyParam)) {
JSONObject jsonObject = (bodyParam);
if (("formToken")) {
String formToken = (String) ("formToken");
("formToken:"+formToken);
}
}
} else {
if ((("formToken"))) {
("formToken2:"+("formToken"));
}
("name:"+("name"));
}
}
}
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
/**
* Get the path requested by the user without contextPath
* like:/
*/
public static String getRequestURI(HttpServletRequest request) {
return ((), (), "");
}
}Put it in front
<filter> <filter-name>requestFilter</filter-name> <filter-class></filter-class> </filter> <filter-mapping> <filter-name>requestFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
Summarize
The above is personal experience. I hope you can give you a reference and I hope you can support me more.