懒虫一个V

思路： 判断referer里的地址是否和当前的地址一致，如果不一致则说明是跨域攻击的，否则不是 /** * 验证请求的合法性，防止跨域攻击 * * @param request * @return */ @SuppressWarnings("rawtypes") publicstatic boolean validateRequest(HttpServletReques

Here is a good and simple anti cross-site scripting (XSS) filter written for Java web applications. What it basically does is remove all suspicious strings from request parameters before returning the

首先找到这个jar包，$TOMCAT_HOME/lib/catalina.jar依次路径\org\apache\catalina\util\ServerInfo.properties  将其改掉即可