论文部分内容阅读
本文分析了JavaWeb应用中可能存在的安全隐患,给出了JavaWeb应用中系统资源的保护措施,并提出在浏览器与服务器交互的过程中,根据客户端向服务器请求的方法、表单控件所提交数据的表示形式,利用J2SE中java.util.regex类库,通过正则表达式对提交的数据过滤、分析。根据对用户请求方法和提交数据的表示形式的预计进行安全评估,依据评估的结果再进行相应的处理,从而提高JavaWeb应用的安全性。
This paper analyzes the potential security risks in JavaWeb applications and gives the protection of system resources in JavaWeb applications. In the process of interaction between browser and server, according to the method that the client requests to the server, the data submitted by the form control The representation of the use of J2SE java.util.regex class library, through the regular expression of the data submitted to the filter, analysis. According to the user request method and submitted data representation of the expected safety assessment, based on the results of the assessment and then deal with accordingly, thereby enhancing the security of JavaWeb applications.