过滤字符串中的危险字符

StringUtil7.java

public class StringUtil7 {
    private String sourceStr;//源字符串
    private String targetStr;//替换后的字符串
    public String getSourceStr() {
        return sourceStr;
    }
    public void setSourceStr(String sourceStr) {
        this.sourceStr = sourceStr;
    }
    public String getTargetStr() {
        sourceStr=sourceStr.replaceAll("&", "&");
        sourceStr=sourceStr.replaceAll(";", "");
        sourceStr=sourceStr.replaceAll("<", "&lt;");
        sourceStr=sourceStr.replaceAll(">", "&gt;");
        sourceStr=sourceStr.replaceAll("%", "");
        sourceStr=sourceStr.replaceAll("=", "");
        targetStr=sourceStr;
        return targetStr;
    }
    public void setTargetStr(String targetStr) {
        this.targetStr = targetStr;
    }
    
}

index.jsp

<body>
    <form action="result.jsp" method="post">
        <table>
            <tr>
                <td align="right">请输入字符串：</td>
                <td><input type="text" name="sourceStr" size="40"/></td>
            </tr>
            <tr>
                <td colspan="2" align="center"><input type="submit" value="过滤"/></td>
            </tr>
        </table>
    </form>
</body>

result.jsp

<body>
    <%
        request.setCharacterEncoding("utf-8");
        String sourceStr= request.getParameter("sourceStr");
    %>
    <jsp:useBean id="strBean" class="com.count.StringUtil7"></jsp:useBean>
    <jsp:setProperty property="sourceStr" name="strBean" value="<%=sourceStr %>"/>
    <table>
        <tr>
            <td>过滤之前的字符串：</td>
            <td align="left">
                <jsp:getProperty property="sourceStr" name="strBean"/>
            </td>
        </tr>
        <tr>
            <td>过滤之后的字符串：</td>
            <td align="left">
                <jsp:getProperty property="targetStr" name="strBean"/>
            </td>
        </tr>
    </table>
</body>

17.PNG 20.PNG 19.PNG