防止恶意刷新接口, 控制在5秒内不能被刷新10次以上
2017-11-09 15:08
351 查看
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
/**
* 防止恶意刷新接口, 控制在5秒内不能被刷新10次以上
* @author alex.liul
* @create 2017.11.08
* @version 1.0
*/
public class RequestLimitCache {
private static final ConcurrentHashMap<String, CopyOnWriteArrayList<Long>> map = new ConcurrentHashMap<String, CopyOnWriteArrayList<Long>>();
private static final long EXPIRE_TIME = 1000 * 5L;
private static final int MAX_REFRESH_COUNT = 10;
private static final RequestLimitCache cache = new RequestLimitCache();
private RequestLimitCache() {
Executors.newSingleThreadScheduledExecutor().scheduleWithFixedDelay(new ClearCacheRunnable(), 1000L, 500L, TimeUnit.MILLISECONDS);
}
public static RequestLimitCache getInstance() {
return cache;
}
// 增加指定key的访问次数
public void increment(String key) {
CopyOnWriteArrayList<Long> list = map.get(key);
if (list == null) {
map.put(key, new CopyOnWriteArrayList<Long>());
}
map.get(key).add(System.currentTimeMillis());
}
// 是否到达指定数量
public boolean isUpCount(String key) {
CopyOnWriteArrayList<Long> list = map.get(key);
if (list == null) {
return false;
}
return list.size() > MAX_REFRESH_COUNT;
}
// 清理过期数据线程
private static class ClearCacheRunnable implements Runnable {
@Override
public void run() {
try {
clear();
} catch (Exception e) {
e.printStackTrace();
}
}
private void clear() {
for (String key : map.keySet()) {
CopyOnWriteArrayList<Long> list = map.get(key);
for (Long date : list) {
if ((System.currentTimeMillis() - date) > RequestLimitCache.EXPIRE_TIME) {
list.remove(date);
}
}
}
}
}
}import java.io.IOException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 防止恶意刷新网站 控制网站的所有网页在5秒内不能被刷新10次以上
*
* @author alex.liul
* @create 2013.3.21
* @version 1.0
*/
public class RefreshFilter implements Filter {
public void init(FilterConfig config) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String ip = req.getRemoteAddr(); //得到客户端IP地址
String requestURI = req.getRequestURI();//得到客户请求的uri
String cache_key=ip+requestURI;
Cache cache = Cache.getInstance();
if (cache.isUpCount(cache_key)) {
res.setContentType("text/html; charset=UTF-8");// 响应类型
res.sendRedirect(req.getContextPath() + "/error.html");
} else {
cache.increment(cache_key);
chain.doFilter(request, response);
}
}
public void destroy() {
}
// 缓存
private static class Cache {
private static final ConcurrentHashMap<String, CopyOnWriteArrayList<Long>> map = new ConcurrentHashMap<String, CopyOnWriteArrayList<Long>>();
private static final long EXPIRE_TIME = 1000 * 5L;
private static final long CLEAR_TIME = 500L;
private static final int MAX_REFRESH_COUNT = 10;
private static final Cache cache = new Cache();
private Cache() {
new Thread(new ClearCacheRunnable()).start();
}
public static Cache getInstance() {
return cache;
}
// 增长指定url的点击次数
public void increment(String key) {
CopyOnWriteArrayList<Long> list = map.get(key);
if (list == null) {
map.put(key, new CopyOnWriteArrayList<Long>());
}
map.get(key).add(new Long(System.currentTimeMillis()));
}
// 是否到达指定数量
public boolean isUpCount(String key) {
CopyOnWriteArrayList<Long> list = map.get(key);
if (list == null) {
return false;
}
return list.size() > MAX_REFRESH_COUNT;
}
// 清理过期数据线程
private static class ClearCacheRunnable implements Runnable {
@Override
public void run() {
while (true) {
try {
Thread.sleep(Cache.CLEAR_TIME);
clear();
} catch (InterruptedException e) {
e.printStackTrace();
}
}
}
private void clear() {
for (String key : map.keySet()) {
CopyOnWriteArrayList<Long> list = map.get(key);
for (Long date : list) {
if ((System.currentTimeMillis() - date) > Cache.EXPIRE_TIME) {
list.remove(date);
}
}
}
}
}
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 使用redis计数来控制单位时间内对某接口的访问量,防止刷验证码接口之类的
- 刷新别人网页的方法和防止被别人恶意刷新网页
- 防止恶意刷新或多次点击按钮的方法
- 安卓手机上 js不能控制微信浏览器强制刷新页面
- JSP页面不能刷新、防止刷新的问题总结
- 如何防止短信接口验证码被恶意点击?
- 防止恶意刷新前端代码,禁止鼠标右键和选择
- 防止短信接口验证码被恶意点击
- 注册时发短信如何防止别人恶意调用短信接口
- php防止恶意刷新页面的方法
- 短信接口验证码如何防止被恶意点击
- Struts2 使用token拦截器控制(防止)重复,刷新,后退 提交数据
- MyEclipse开发Struts框架令牌技术,防止恶意刷新登录
- PHP中如何防止外部恶意提交调用ajax接口
- php安全中不能违反的四条规则 - php 安全控制防止外部提交
- aspcms留言增加防刷新验证,单一ip留言条数限制,防止恶意刷新及恶意提交。
- 防止用户恶意刷新过滤器
- 防止用户恶意刷新过滤器
- 如何防止广告恶意刷新或点击
- 怎样防止jsp页面恶意刷新呀?