java filter脫敏手機號證件號等
阿新 • • 發佈:2018-12-29
filter springboot 配置 西門吹水_的文章: java使用Filter過濾器對Response返回值進行修改
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { ResponseWrapper wrapperResponse = new ResponseWrapper((HttpServletResponse)response);//轉換成代理類 // 這裡只攔截返回,直接讓請求過去,如果在請求前有處理,可以在這裡處理 filterChain.doFilter(request, wrapperResponse); byte[] content = wrapperResponse.getContent();//獲取返回值 //判斷是否有值 if (content.length > 0) { String str = new String(content, "UTF-8"); System.out.println("返回值:" + str); StringBuilder sb= new StringBuilder(str); try { for (int i = 0;i<str.length()-23;i++){ Long phone = null; Long cardId = null; //身份證脫敏 String substring1 = str.substring(i, i+7); //匹配json中身份證屬性名稱 if (substring1.equals("cardNo\":")) { try { String substring2 = str.substring(i + 8, i + 25); cardId = Long.parseLong(substring2); String s1 = cardId.toString(); String replace1 = s1.replace(s1.substring(3, 14), "***********"); sb.replace(i+8, i + 25, replace1); i+=26; } catch (NumberFormatException e) { String substring2 = str.substring(i + 8, i + 22); try { cardId = Long.parseLong(substring2); String s1 = cardId.toString(); String replace1 = s1.replace(s1.substring(3, 11), "********"); sb.replace(i+8, i + 22, replace1); i+=22; } catch (NumberFormatException e1) { System.out.println("匹配身份證失敗"); } } } //手機號脫敏 String substring2 = str.substring(i, i+10); if (substring2.equals("phoneNo\":")) { try { String phoneString = str.substring(i + 11, i + 22); phone = Long.parseLong(phoneString); String s1 = phone.toString(); String replace1 = s1.replace(s1.substring(3, 7), "****"); sb.replace(i+11, i + 22, replace1); i+=22; } catch (NumberFormatException e) { System.out.println("不是手機號,不需要脫敏"); } } } } catch (Exception e) { e.printStackTrace(); } //把返回值輸出到客戶端 ServletOutputStream out = response.getOutputStream(); out.write(sb.toString.getBytes()); out.flush(); } }
這種方法,返回值型別結構不確定時能較好的攔截敏感資訊。但是迴圈會意向效能 不建議使用