我的jsp中包含了“>=”和“<=”符号,form提交的时候会经过一个标签校验,校验代码如下:
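/**
 * Screens every request parameter value against a small deny-list of script and SQL
 * fragments, and sets UTF-8 encoding plus no-cache headers on the response.
 *
 * <p>Values are lower-cased before matching, so the rules apply regardless of letter case.
 * This is a coarse pre-filter only: a deny-list rejects harmless text as well (any value
 * containing "select " or "update " fails) and it does not replace HTML-escaping on output
 * or parameterized SQL statements.
 *
 * @param request  request whose parameter map is inspected
 * @param response response that receives the encoding and cache headers
 * @return {@code true} if no parameter value matched a rule, {@code false} otherwise
 */
private static boolean validateRequestParam(HttpServletRequest request,
        HttpServletResponse response) {
    // DOTALL lets '.' span line breaks, so a script element spread over several lines
    // (for example inside a textarea value) is still recognised.
    Pattern scriptPattern = Pattern.compile("<script.*>.*<\\/script\\s*>", Pattern.DOTALL);
    // ":*" quantifies only the colon, so the bare word "javascript" is rejected as well.
    Pattern javascriptPattern = Pattern.compile("javascript:*");
    // The generic tag rule "<[^>]+>" is intentionally not applied: it rejects any value in
    // which '<' is followed later by '>', which includes legitimate comparison operators
    // such as "<=" and ">=" submitted by the form.
    String[] sqlFragments = {
        "ascii(", "ascii (", "chr(", "chr (",
        "alter ", "create ", "truncate ", "drop ", "lock table",
        "insert ", "update ", "delete ", "select ", "grant "
    };

    response.setCharacterEncoding("UTF-8");
    response.setHeader("Pragma", "no-cache");
    // setHeader replaces an earlier value of the same header, so both directives are sent
    // in a single Cache-Control header instead of two calls where the second one wins.
    response.setHeader("Cache-Control", "no-cache, no-store");
    response.setDateHeader("Expires", 0L);

    // Map<?, ?> works whether getParameterMap() is declared raw or generic.
    Map<?, ?> paramMap = request.getParameterMap();
    for (Object rawValues : paramMap.values()) {
        String[] values = (String[]) rawValues;
        if (values == null) {
            continue;
        }
        for (String value : values) {
            if (value == null) {
                continue;
            }
            // Locale.ROOT keeps the lower-casing independent of the server's default locale;
            // fully qualified so no additional import is required.
            String lowStr = value.toLowerCase(java.util.Locale.ROOT);
            if (scriptPattern.matcher(lowStr).find()
                    || javascriptPattern.matcher(lowStr).find()) {
                return false;
            }
            for (String fragment : sqlFragments) {
                if (lowStr.contains(fragment)) {
                    return false;
                }
            }
        }
    }
    return true;
}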
form提交之后会报错404(路径找不到),但其实路径地址是正确的。之所以会报404,是因为提交的参数里同时包含了“<”和“>”,HTML_PATTERN(<[^>]+>)校验会把它们当成一对标签,上述校验不通过,所以才会报错404。因此上面的代码里把这段标签校验注释掉了;需要注意的是,这样就少了一层标签过滤,这些参数输出到页面时仍然要做HTML转义。
我的jsp代码如下:
<script type="text/javascript">
//window.name="curWindow";
// Page setup: once the DOM is ready, lock form controls according to the mode in #inputFlag.
$(function() {
    var mode = $("#inputFlag").val();
    var readOnly = (mode == "end" || mode == "det");
    if (readOnly) {
        // "end" and "det": disable every input except the one with id "close",
        // plus all selects and textareas.
        $("input:not([id='close'])").attr("disabled", true);
        $("select").attr("disabled", true);
        $("textarea").attr("disabled", true);
    } else if (mode == "upd") {
        // "upd": only #rulecode and the selects are disabled.
        $("#rulecode").attr("disabled", true);
        $("select").attr("disabled", true);
    }
});
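// Submit handler for the confirm button: builds analyseParameter and submits the form.
//
// analyseParameter is a "|"-separated list of "paramName:operator:value" triples, one per
// hidden paramName input; the value is read from the control whose id equals that paramName.
// NOTE(review): every part of a triple comes from the browser (the hidden inputs included)
// and can be altered before submission, so the server has to check names and operators
// against its own allow-list rather than trusting what arrives.
function add() {
    // Disabled controls are left out of a form submission, so re-enable them first.
    $("#rulecode").attr("disabled", false);
    $("select").attr("disabled", false);

    var form = document.getElementById("form");
    var input_flag = $("#inputFlag").val();
    var set = document.getElementsByName("operators");
    var name = document.getElementsByName("paramName");

    var triples = [];
    for (var i = 0; i < name.length; i++) {
        var field = document.getElementById(name[i].value);
        triples.push(name[i].value + ":" + set[i].value + ":" + field.value);
    }
    var analyseParameter = triples.join("|");

    if ('add' == input_flag) {
        // Add mode: the value is carried by the #analyseparameter form field.
        document.getElementById("analyseparameter").value = analyseParameter;
        form.action = "${pageContext.request.contextPath}/DATA_Analyse_Set/Add";
    } else if ('upd' == input_flag) {
        // Update mode: the value is carried in the query string, so it is percent-encoded;
        // without that, characters such as "&", "#" or "+" inside a value change how the
        // query is parsed on the server.
        // NOTE(review): query strings usually end up in access logs and browser history;
        // sending the value in the form body, as add mode does, would avoid that. Confirm
        // which parameter name the Upd handler expects before changing it.
        form.action = "${pageContext.request.contextPath}/DATA_Analyse_Set/Upd?dataAnaylse.analyseParameter="
                + encodeURIComponent(analyseParameter);
    }
    form.submit();
}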
// Appears to be a debugging helper: builds the "paramName:operator:value" string from the
// paramValue / operators / paramName element lists and shows it via alert and the console.
function test() {
    alert(1);
    var values = document.getElementsByName("paramValue");
    var operators = document.getElementsByName("operators");
    var names = document.getElementsByName("paramName");
    var pieces = [];
    for (var idx = 0; idx < values.length; idx++) {
        pieces.push(names[idx].value + ":" + operators[idx].value + ":" + values[idx].value);
    }
    // Triples are separated by "|" with no trailing separator.
    var a = pieces.join("|");
    alert(a);
    console.log(a);
}
//add by li_senbin_2017.3.23
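// Global formerly used by setStatus to hold the last saved field value. setStatus no longer
// reads or writes it; the declaration is kept in case other scripts on the page reference it.
var val;

// Checkbox handler: enables or disables the parameter field with id `obj` together with
// its description field (id `obj` + "Desc").
//   checkobj - the checkbox element that was clicked
//   obj      - id of the value field controlled by that checkbox
// Unchecking stores the field's current value on the field itself and writes the
// placeholder 'not use' into both fields; checking restores the stored value and clears
// the description.
function setStatus(checkobj, obj) {
    var $field = $('#' + obj);
    var $desc = $('#' + obj + 'Desc');
    if ($(checkobj).prop("checked")) {
        // The saved value is kept per field: with one shared variable, toggling several
        // rows would restore another row's value into this field.
        var saved = $field.data('savedValue');
        $field.val(saved === undefined ? '' : saved);
        $desc.val('');
        $field.attr('disabled', false);
        $desc.attr('disabled', false);
    } else {
        $field.data('savedValue', $field.val());
        $field.val('not use');
        $desc.val('not use');
        $field.attr('disabled', true);
        $desc.attr('disabled', true);
    }
}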
// Calls showTradeWhither (not defined in this fragment) with a one-entry list that maps
// "tradeWhither" to "param1", and 1 as the second argument.
function tradeWhere() {
    var targets = [ { "tradeWhither" : "param1" } ];
    showTradeWhither(targets, 1);
}
// Calls showTradeWhither (not defined in this fragment) with a one-entry list that maps
// "tradePlace" to "param1", and 2 as the second argument.
function tradeP() {
    var targets = [ { "tradePlace" : "param1" } ];
    showTradeWhither(targets, 2);
}
</script>
<!-- tips information -->
<div id="id_showMsg" style="display: none">
<br /> <br />
<div id="id_result">
<t:messagePanel messagesAttributeName="errmsg" messagesType="error" />
<t:messagePanel messagesAttributeName="infomsg" messagesType="info" />
<t:messagePanel messagesAttributeName="successmsg"
messagesType="success" />
<spring:hasBindErrors name="DATA_Analyse_SetForm">
<form:form commandName="DATA_Analyse_SetForm">
<div class="alert alert-error">
<form:errors path="*" cssStyle="color:red"></form:errors>
</div>
</form:form>
</spring:hasBindErrors>
</div>
<br />
</div>
<!-- title -->
<div class="page_title">
<spring:message code="aml.title.data_analyse_set.add" />
</div>
<!-- body -->
<div class="row" style="margin-bottom: 40px;">
<form:form id="form"
action="${pageContext.request.contextPath}/DATA_Analyse_Set/Insert"
method="post" modelAttribute="DATA_Analyse_SetForm"
class="form-horizontal">
<form:hidden path="inputFlag" id="inputFlag" htmlEscape="true" />
<table class="tbl_search">
<tr>
<td colspan="4"><div class="page_title">
<spring:message code="bh_03.label.BaseInfo" />
</div></td>
</tr>
<tr>
<td class="label_td"><font color="red">*</font> <spring:message
code="aml.label.data_analyse_set.rulecode" /></td>
<td><form:input id="rulecode" path="ruleCode" type="text"
class=".input-small" maxlength="30" /></td>
<td class="label_td"><font color="red">*</font> <spring:message
code="aml.label.data_analyse_set.ruletype" /></td>
<td><form:select path="ruleType">
<form:option value="" ></form:option>
<form:options items="${AML_RULE_TYPE_LIST}" />
</form:select></td>
</tr>
<tr>
<td class="label_td"><font color="red">*</font> <spring:message
code="aml.label.data_analyse_set.rulenotes" /></td>
<td colspan="3"><form:textarea rows="3" style="width:86%"
id="ruleNotes" path="ruleNotes" class=".input-small" /></td>
</tr>
<tr style="display: none">
<td class="label_td"><font color="red">*</font> <spring:message
code="aml.label.data_analyse_set.analyseparameter" /></td>
<td colspan="3"><form:textarea rows="4" style="width:86%"
id="analyseparameter" path="analyseParameter" class=".input-small" /></td>
</tr>
</table>
<tr>
<td colspan="4"><div class="page_title">
<spring:message code="aml.label.data_analyse_set.analyseparameter" />
</div></td>
</tr>
<table
class="table table-striped table-bordered table-condensed tbl_page">
<thead>
<tr>
<th width="20px" style="text-align: left">No.</th>
<th class="tbl_page_th" width="150px"><spring:message
code="aml.label.dataanaylse.paramCnName" /></th>
<th class="tbl_page_th" width="230px"><spring:message
code="aml.label.dataanaylse.paramValue" /></th>
<th class="tbl_page_th" width="300px"><spring:message
code="aml.label.dataanaylse.paramDesc" /></th>
<th class="tbl_page_th" width="40px"><spring:message
code="aml.label.dataanaylse.paramEnable" /></th>
</tr>
</thead>
<tbody>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="countObj">
<td width="20px">1</td>
<td class="label_td"><font color="red">*</font> <spring:message
code="aml.label.dataanaylse.countObj" /></td>
<td><form:select path="countObj" name="paramValue"
id="countObj">
<form:option value="0">
<spring:message code="aml.label.dataanaylse.formInput.customer" />
</form:option>
<form:option value="1">
<spring:message code="aml.label.dataanaylse.formInput.account" />
</form:option>
<form:option value="2">
<spring:message code="aml.label.dataanaylse.formInput.trade" />
</form:option>
</form:select></td>
<td><form:input id="countObjDesc" path="countObjDesc"
type="text" class=".input-small" maxlength="30" value="数据统计对象" /></td>
<td align="center"><input type="checkbox" disabled="disabled"
onclick="setStatus(this,'countObj')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="like">
<input type="hidden" name="paramName" value="tradeType">
<td width="20px">2</td>
<td class="label_td"><font color="red">*</font> <spring:message
code="aml.label.dataanaylse.tradeType" /></td>
<td><form:select path="tradeType" name="paramValue"
id="tradeType">
<form:option value=""></form:option>
<form:options items="${AML_RULE_TRADE_TYPE_LIST}" />
</form:select></td>
<td><form:input id="tradeTypeDesc" path="tradeTypeDesc"
type="text" class=".input-small" maxlength="30" value="01-转账;00-现金" /></td>
<td align="center"><input type="checkbox" disabled="disabled"
onclick="setStatus(this,'tradeType')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="termLength">
<td width="20px">3</td>
<td class="label_td">
<!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.termLength" />
</td>
<td><form:input id="termLength" path="termLength" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="termLengthDesc" path="termLengthDesc"
type="text" class=".input-small" maxlength="30" value="数据统计期间,单位:天" /></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'termLength')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="reportRequire">
<td width="20px">4</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.reportRequire" /></td>
<td><form:select path="reportRequire" name="paramValue"
id="reportRequire">
<form:option value=""></form:option>
<form:options items="${AML_IF_RPT_LIST}" />
</form:select></td>
<td><form:input id="reportRequireDesc"
path="reportRequireDesc" type="text" class=".input-small"
maxlength="30" value="1:是 0:否 "/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'reportRequire')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="ruleWeighe">
<td width="20px">5</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.ruleWeighe" /></td>
<td><form:input id="ruleWeighe" path="ruleWeighe" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="ruleWeigheDesc" path="ruleWeigheDesc"
type="text" class=".input-small" maxlength="30" value="权重:0-1"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'ruleWeighe')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="ruleScore">
<td width="20px">6</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.ruleScore" /></td>
<td><form:input id="ruleScore" path="ruleScore" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="ruleScoreDesc" path="ruleScoreDesc"
type="text" class=".input-small" maxlength="30" value="分值:0-100"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'ruleScore')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value=">=">
<input type="hidden" name="paramName" value="tradeTimes">
<td width="20px">7</td>
<td class="label_td">
<!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.tradeTimes" />
</td>
<td><form:input id="tradeTimes" path="tradeTimes" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="tradeTimesDesc" path="tradeTimesDesc"
type="text" class=".input-small" maxlength="30" value="交易笔数大于等于对应值"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'tradeTimes')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="in">
<input type="hidden" name="paramName" value="customerType">
<td width="20px">8</td>
<td class="label_td"><font color="red">*</font> <spring:message
code="aml.label.dataanaylse.customerType" /></td>
<td><form:select path="customerType" name="paramValue"
id="customerType">
<form:option value=""></form:option>
<form:options items="${AML_RULE_CUSTOMER_TYPE_LIST}" /><%--edit by hlp 20170705 --%>
</form:select></td>
<td><form:input id="customerTypeDesc" path="customerTypeDesc"
type="text" class=".input-small" maxlength="30" value="客户类型"/></td>
<td align="center"><input type="checkbox" disabled="disabled"
onclick="setStatus(this,'customerType')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value=">=">
<input type="hidden" name="paramName" value="tradeDays">
<td width="20px">9</td>
<td class="label_td">
<!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.tradeDays" />
</td>
<td><form:input id="tradeDays" path="tradeDays" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="tradeDaysDesc" path="tradeDaysDesc"
type="text" class=".input-small" maxlength="30" value="连续交易天数"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'tradeDays')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="repayFlag">
<td width="20px">11</td>
<td class="label_td">
<!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.repayFlag" />
</td>
<td><form:input id="repayFlag" path="repayFlag" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="repayFlagDesc" path="repayFlagDesc"
type="text" class=".input-small" maxlength="30" value="提前还款标志"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'repayFlag')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="in">
<input type="hidden" name="paramName" value="paperType">
<td width="20px">12</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.paperType" /></td>
<td><form:select id="paperType" name="paramValue"
path="paperType">
<form:option value=""></form:option>
<form:options items="${AML_PAPER_TYPE_LIST}" />
</form:select></td>
<td><form:input id="paperTypeDesc" path="paperTypeDesc"
type="text" class=".input-small" maxlength="30" value="客户证件类型"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'paperType')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="vocationType">
<td width="20px">13</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.vocationType" /></td>
<td><form:input id="vocationType" path="vocationType" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="vocationTypeDesc" path="vocationTypeDesc"
type="text" class=".input-small" maxlength="30" value="职业/经营范围"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'vocationType')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="like">
<input type="hidden" name="paramName" value="customerAddress">
<td width="20px">14</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.customerAddress" /></td>
<td><form:input id="customerAddress" path="customerAddress" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="customerAddressDesc" path="customerAddressDesc"
type="text" class=".input-small" maxlength="30" value="客户住址"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'customerAddress')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value="=">
<input type="hidden" name="paramName" value="paperCode">
<td width="20px">15</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.paperCode" /></td>
<td><form:input id="paperCode" path="paperCode" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="paperCodeDesc" path="paperCodeDesc"
type="text" class=".input-small" maxlength="30" value="客户证件号码"/></td>
<td align="center"><input type="checkbox" id="checkbox"
onclick="setStatus(this,'paperCode')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
<tr>
<input type="hidden" name="operators" value=">=">
<input type="hidden" name="paramName" value="registrationMoney">
<td width="20px">16</td>
<td class="label_td"><!-- <font color="red">*</font> --> <spring:message
code="aml.label.dataanaylse.registrationMoney" /></td>
<td><form:input id="registrationMoney" path="registrationMoney" type="text"
class=".input-small" maxlength="30" /></td>
<td><form:input id="registrationMoneyDesc" path="registrationMoneyDesc"
type="text" class=".input-small" maxlength="30" value="注册资金大于等于当前值"/></td>
<td align="center"><input type="checkbox"
onclick="setStatus(this,'registrationMoney')" checked="checked"
class=".input-small" maxlength="30" /></td>
</tr>
</tbody>
</table>
</form:form>
</div>
<div class="row">
<div class="navbar navbar-fixed-bottom text-right" id="footer"
style="margin-bottom: 0px; line-height: 30px; opacity: 0.9;">
<input id="confirmBtn" type="button" class="btn btn-primary"
onclick="add()" value="<spring:message code="button.lable.Submit"/>">
<input id="close" type="button" class="btn btn-primary"
onclick="javascript: window.close();"
value="<spring:message code="button.lable.close"/>">
<%-- <input
id="close" type="button" class="btn btn-primary" onclick="add()"
value="测试"> --%>
</div>
</div>