How to prevent a form from being submitted from outside the site in JSP



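JSP security has always been a concern. If a form on a page can be submitted from outside the site, that is very dangerous. So how do you prevent a form from being submitted from outside the site in JSP? The source code example below addresses this problem.

Source code for index.jsp: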

<%@ page contentType="text/html; charset=gb2312" language="java" import="java.sql.*" errorPage="" %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link href="css/style.css" type="text/css" rel="stylesheet">
<title>Prevent form submission from outside the site</title>
</head>

<body>
<form name="form1" action="dealwith.jsp" method="post">
<div align="center">
<table width="362" height="252" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td height="156" valign="top" background="images/00.jpg">
      <table width="323" height="171" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <td height="43" colspan="2">&nbsp;</td>
        </tr>
        <tr>
          <td width="86" height="77" valign="bottom">Username:</td>
          <td width="237" valign="bottom"><div align="left">
            <input type="text" name="textfield2">
          </div></td>
        </tr>
        <tr>
          <td height="23">Password:</td>
          <td height="23"><div align="left">
            <input type="password" name="textfield22">
          </div></td>
        </tr>
        <tr>
          <td height="27" colspan="2">
            <div align="center">
              <input type="submit" name="action2" value="Submit">

              <input type="reset" name="Submit" value="Reset">
            </div></td>
        </tr>
      </table></td>
  </tr>
</table>
</div>
</form>
</body>
</html>

Source code for dealwith.jsp:

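<%@page contentType="text/html; charset=gb2312" language="java" import="java.sql.*" errorPage=""%>
<%@page import="java.net.URL"%>
<%@page import="java.net.MalformedURLException"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link href="css/style.css" type="text/css" rel="stylesheet">
<title>Untitled Document</title>
</head>
<%
// Host of the page the form was submitted from, taken from the Referer header.
String strOne = request.getHeader("referer");
String pathOne = "";
if (strOne != null) {
    try {
        URL urlOne = new URL(strOne);
        pathOne = urlOne.getHost();
    } catch (MalformedURLException e) {
        // Unparsable Referer: pathOne stays empty, so the request is treated as external.
    }
}
// Host this request was addressed to.
String strTwo = request.getRequestURL().toString();
String pathTwo = "";
if (strTwo != null) {
    URL urlTwo = new URL(strTwo);
    pathTwo = urlTwo.getHost();
}
%>
<body>
<table width="366" height="250" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr align="center">
    <td width="366" background="images/00.jpg">
<%
// A missing Referer leaves pathOne empty, which never matches the request host.
if (!pathOne.equalsIgnoreCase(pathTwo)) {
%>
Submitting this form from outside the site is forbidden!!!
<%}%>
    </td>
  </tr>
</table>
</body>
</html>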
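
The same check in a stricter form, as an added example rather than code from the original page: it compares scheme, host and port instead of host alone, prefers the Origin header when the browser sends one, and treats a missing or malformed header as an external submission. The class name SameSiteSubmitCheck, its methods and the example.com sample values are assumptions made for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;

// Added example (hypothetical helper): stricter form of the Referer host check in dealwith.jsp.
public class SameSiteSubmitCheck {

    // Returns "scheme://host:port" in lower case, or null if the value is absent or unparsable.
    static String originOf(String value) {
        if (value == null || value.isEmpty()) return null;
        try {
            URI uri = new URI(value);
            String scheme = uri.getScheme();
            String host = uri.getHost();
            if (scheme == null || host == null) return null;
            int port = uri.getPort();
            if (port == -1) port = scheme.equalsIgnoreCase("https") ? 443 : 80;
            return (scheme + "://" + host + ":" + port).toLowerCase(Locale.ROOT);
        } catch (URISyntaxException e) {
            return null; // malformed header: treat as external instead of failing the page
        }
    }

    // originHeader / refererHeader: request.getHeader("Origin") / request.getHeader("Referer")
    // requestUrl: request.getRequestURL().toString()
    static boolean isSameSite(String originHeader, String refererHeader, String requestUrl) {
        String expected = originOf(requestUrl);
        // When Origin is present it is authoritative; Referer is only the fallback.
        String source = (originHeader != null) ? originOf(originHeader) : originOf(refererHeader);
        return expected != null && expected.equals(source);
    }

    public static void main(String[] args) {
        String url = "http://www.example.com/dealwith.jsp"; // constructed sample values
        String[][] cases = {                                 // {Origin, Referer}
            {null, "http://www.example.com/index.jsp"},           // form served by the same site
            {null, "http://www.example.com.evil.test/form.html"}, // look-alike host
            {null, "https://www.example.com/index.jsp"},          // same host, different scheme
            {null, "not a url"},                                  // malformed Referer
            {null, null},                                         // no header at all
            {"http://www.example.com", null},                     // Origin header only
            {"null", "http://www.example.com/index.jsp"},         // opaque Origin
        };
        for (String[] c : cases)
            System.out.println(c[0] + " | " + c[1] + " -> " + isSameSite(c[0], c[1], url));
    }
}
```

Origin and Referer are set by the browser, so this check constrains cross-site submissions made through a user's browser; a client that builds its own request can send any value. For that reason it is usually paired with a per-session token embedded in the form and verified in dealwith.jsp.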