防止恶意刷新接口, 控制在5秒内不能被刷新10次以上
2017-11-09 15:08
351 查看
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.CopyOnWriteArrayList; import java.util.concurrent.Executors; import java.util.concurrent.TimeUnit; /** * 防止恶意刷新接口, 控制在5秒内不能被刷新10次以上 * @author alex.liul * @create 2017.11.08 * @version 1.0 */ public class RequestLimitCache { private static final ConcurrentHashMap<String, CopyOnWriteArrayList<Long>> map = new ConcurrentHashMap<String, CopyOnWriteArrayList<Long>>(); private static final long EXPIRE_TIME = 1000 * 5L; private static final int MAX_REFRESH_COUNT = 10; private static final RequestLimitCache cache = new RequestLimitCache(); private RequestLimitCache() { Executors.newSingleThreadScheduledExecutor().scheduleWithFixedDelay(new ClearCacheRunnable(), 1000L, 500L, TimeUnit.MILLISECONDS); } public static RequestLimitCache getInstance() { return cache; } // 增加指定key的访问次数 public void increment(String key) { CopyOnWriteArrayList<Long> list = map.get(key); if (list == null) { map.put(key, new CopyOnWriteArrayList<Long>()); } map.get(key).add(System.currentTimeMillis()); } // 是否到达指定数量 public boolean isUpCount(String key) { CopyOnWriteArrayList<Long> list = map.get(key); if (list == null) { return false; } return list.size() > MAX_REFRESH_COUNT; } // 清理过期数据线程 private static class ClearCacheRunnable implements Runnable { @Override public void run() { try { clear(); } catch (Exception e) { e.printStackTrace(); } } private void clear() { for (String key : map.keySet()) { CopyOnWriteArrayList<Long> list = map.get(key); for (Long date : list) { if ((System.currentTimeMillis() - date) > RequestLimitCache.EXPIRE_TIME) { list.remove(date); } } } } } }
import java.io.IOException; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.CopyOnWriteArrayList; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 防止恶意刷新网站 控制网站的所有网页在5秒内不能被刷新10次以上 * * @author alex.liul * @create 2013.3.21 * @version 1.0 */ public class RefreshFilter implements Filter { public void init(FilterConfig config) throws ServletException { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; String ip = req.getRemoteAddr(); //得到客户端IP地址 String requestURI = req.getRequestURI();//得到客户请求的uri String cache_key=ip+requestURI; Cache cache = Cache.getInstance(); if (cache.isUpCount(cache_key)) { res.setContentType("text/html; charset=UTF-8");// 响应类型 res.sendRedirect(req.getContextPath() + "/error.html"); } else { cache.increment(cache_key); chain.doFilter(request, response); } } public void destroy() { } // 缓存 private static class Cache { private static final ConcurrentHashMap<String, CopyOnWriteArrayList<Long>> map = new ConcurrentHashMap<String, CopyOnWriteArrayList<Long>>(); private static final long EXPIRE_TIME = 1000 * 5L; private static final long CLEAR_TIME = 500L; private static final int MAX_REFRESH_COUNT = 10; private static final Cache cache = new Cache(); private Cache() { new Thread(new ClearCacheRunnable()).start(); } public static Cache getInstance() { return cache; } // 增长指定url的点击次数 public void increment(String key) { CopyOnWriteArrayList<Long> list = map.get(key); if (list == null) { map.put(key, new CopyOnWriteArrayList<Long>()); } map.get(key).add(new Long(System.currentTimeMillis())); } // 是否到达指定数量 public boolean isUpCount(String key) { CopyOnWriteArrayList<Long> list = map.get(key); if (list == null) { return false; } return list.size() > MAX_REFRESH_COUNT; } // 清理过期数据线程 private static class ClearCacheRunnable implements Runnable { @Override public void run() { while (true) { try { Thread.sleep(Cache.CLEAR_TIME); clear(); } catch (InterruptedException e) { e.printStackTrace(); } } } private void clear() { for (String key : map.keySet()) { CopyOnWriteArrayList<Long> list = map.get(key); for (Long date : list) { if ((System.currentTimeMillis() - date) > Cache.EXPIRE_TIME) { list.remove(date); } } } } } } }
相关文章推荐
- 使用redis计数来控制单位时间内对某接口的访问量,防止刷验证码接口之类的
- 刷新别人网页的方法和防止被别人恶意刷新网页
- 防止恶意刷新或多次点击按钮的方法
- 安卓手机上 js不能控制微信浏览器强制刷新页面
- JSP页面不能刷新、防止刷新的问题总结
- 如何防止短信接口验证码被恶意点击?
- 防止恶意刷新前端代码,禁止鼠标右键和选择
- 防止短信接口验证码被恶意点击
- 注册时发短信如何防止别人恶意调用短信接口
- php防止恶意刷新页面的方法
- 短信接口验证码如何防止被恶意点击
- Struts2 使用token拦截器控制(防止)重复,刷新,后退 提交数据
- MyEclipse开发Struts框架令牌技术,防止恶意刷新登录
- PHP中如何防止外部恶意提交调用ajax接口
- php安全中不能违反的四条规则 - php 安全控制防止外部提交
- aspcms留言增加防刷新验证,单一ip留言条数限制,防止恶意刷新及恶意提交。
- 防止用户恶意刷新过滤器
- 防止用户恶意刷新过滤器
- 如何防止广告恶意刷新或点击
- 怎样防止jsp页面恶意刷新呀?