DevGex Search

This article explains how to modify request parameters using Servlet filters and HttpServletRequestWrapper without altering the source code, to defend against XSS attacks. It covers core concepts, implementation, and best practices.

This article provides an in-depth exploration of the limitations in Servlet filter URL pattern configuration and analyzes how to implement conditional filter execution through programming approaches when the standard Servlet API does not support direct exclusion of specific paths. The article presents three practical solutions: adding path checking logic in the doFilter method, using initialization parameters for dynamic configuration of excluded paths, and integrating third-party filters through filter chains and request dispatching. Each solution is accompanied by complete code examples and configuration instructions to help developers flexibly address various application scenario requirements.

This article provides an in-depth exploration of various technical solutions for passing variables from Servlet to JSP, focusing on the core differences between request forwarding and redirection. It详细介绍介绍了使用HttpServletRequest、Session和ServletContext进行属性传递的方法，并通过具体代码示例展示了如何传递对象、列表和映射等复杂数据结构。文章还讨论了常见问题排查和最佳实践选择。

This article details how to use Servlet Filters in Java EE to rewrite incoming URLs from path-based to query parameter format. It covers step-by-step implementation, code examples, configuration in web.xml, and best practices to avoid issues like infinite loops. Insights from reference materials on using filters for state preservation are included, applicable to various web development scenarios.

This article provides an in-depth exploration of configuring default error pages through the web.xml file under the Servlet 2.5 specification. It analyzes the structure and usage scenarios of the <error-page> element, compares differences in error page configuration between Servlet 2.5 and Servlet 3.0, and offers complete configuration examples and best practice recommendations. Through detailed code demonstrations and scenario analysis, it helps developers understand how to specify custom error pages for different HTTP error status codes and handle default error displays when no specific error code matches.

This article provides an in-depth exploration of methods for obtaining complete URLs from HTTP and HTTPS requests in Java Servlets. By analyzing core methods of the HttpServletRequest API, it explains the usage scenarios and limitations of key functions such as getRequestURI(), getQueryString(), and getScheme(). The article offers complete code implementation solutions, including handling default port optimization and special considerations in proxy environments, helping developers build robust URL processing logic.

This article provides an in-depth exploration of three core methods for loading configuration resource files in Servlet-based web applications: classpath loading, web content loading, and local filesystem loading. Through detailed analysis of implementation principles, applicable scenarios, and trade-offs, combined with comprehensive code examples, it offers developers complete configuration management solutions. The article particularly emphasizes the security and flexibility of classpath loading, and how to select the most appropriate configuration strategy based on maintenance requirements in real-world projects.

This article provides an in-depth exploration of correctly obtaining HTTP request URLs within Java Servlet filters. By analyzing common error patterns, it详细 explains the usage of getRequestURL() and getQueryString() methods from the HttpServletRequest interface, offering complete code examples and best practice recommendations. The discussion extends to URL reconstruction, type safety checks, exception handling, and other critical technical aspects to help developers avoid common pitfalls and write robust filter code.

This article provides an in-depth exploration of methods for handling POST request payload data in Java Servlet, focusing on the usage scenarios and limitations of the core APIs getReader() and getInputStream(). Through practical code examples, it demonstrates how to correctly read request body content and analyzes considerations when processing request payloads in Filters, including one-time read limitations and solutions. The article also compares the advantages and disadvantages of different implementation approaches, offering comprehensive technical reference for developers.

This article explores best practices for saving uploaded files in Servlet applications. Based on answer content, it introduces reasons to avoid storing files in server deployment directories, provides multiple methods for defining storage paths, and details code examples using Part.getInputStream() and Files.copy() for secure file handling. It also covers generating unique filenames and handling binary files, with a brief comparison between file system storage and database/JCR approaches. The content is reorganized for logical flow, offering in-depth analysis and standardized code, suitable for practical development in Tomcat and Servlet 3.0 environments.

This article provides an in-depth exploration of cross-site scripting attack prevention in JSP/Servlet web applications. It begins by explaining the fundamental principles and risks of XSS attacks, then details best practices using JSTL's <c:out> tag and fn:escapeXml() function for HTML escaping. The article compares escaping strategies during request processing versus response processing, analyzing their respective advantages, disadvantages, and appropriate use cases. It further discusses input sanitization through whitelisting and HTML parsers when allowing specific HTML tags, briefly covers SQL injection prevention measures, and explores the alternative of migrating to the JSF framework with its built-in security mechanisms.

This paper comprehensively explores three core methods for implementing JSP page navigation through button clicks in Java web applications. It first analyzes the simplified approach of using links instead of buttons, then introduces client-side solutions via JavaScript dynamic form action modification, and finally elaborates on server-side processing mechanisms based on Servlet. The article compares the advantages and disadvantages of different methods with code examples and provides best practice recommendations for practical applications.

This article provides an in-depth exploration of various methods to access JSF managed beans by name in Servlet-related classes such as @WebServlet, @WebFilter, and @WebListener. It analyzes strategies for accessing beans with different scopes (request, session, application), compares traditional @ManagedBean with CDI @Named, and introduces expression evaluation techniques when FacesContext is available. The guide offers a complete solution set for developers, also discussing the distinction between HTML tags like <br> and character \n to ensure code accuracy and readability.

This article provides a comprehensive exploration of the technical process for transferring HTML form data from JSP pages to Servlets via HTTP requests and ultimately storing it in a database. It begins by introducing the basic structure of forms and Servlet configuration methods, including the use of @WebServlet annotations and proper setting of the form's action attribute. The article then delves into techniques for retrieving various types of form data in Servlets using request.getParameter() and request.getParameterValues(), covering input controls such as text boxes, password fields, radio buttons, checkboxes, and dropdown lists. Finally, it demonstrates how to validate the retrieved data and persist it to a database using JDBC or DAO patterns, offering practical code examples and best practices to help developers build robust web applications.

This paper thoroughly examines the core differences and relational mechanisms between applicationContext.xml and spring-servlet.xml configuration files in the Spring Framework. By analyzing the parent-child context hierarchy, it explains the scopes and dependencies of the root web application context and Servlet-specific contexts. The article details configuration strategies for single and multiple Servlet scenarios, with practical code examples illustrating how DispatcherServlet accesses shared bean resources. Finally, through comparison of various application scenarios, it summarizes best practices and performance considerations for configuration choices.

This article explains the common HTTP 405 error in Java Servlets when using the POST method, focusing on the issue caused by unimplemented doGet() method calls, and provides step-by-step solutions with code examples. Content includes problem description, root cause analysis, HttpServlet default behavior, code correction, and supplementary configuration.

This technical paper provides an in-depth analysis of proper session attribute management in Java Web development. By comparing implementation differences between JSP scriptlets and Servlets, it thoroughly explains HttpSession acquisition mechanisms, distinctions between session and request scopes, and attribute lifecycle management. The article includes complete code examples and best practice guidelines to help developers avoid common 'session cannot be resolved' errors.

This article provides an in-depth exploration of common type resolution errors encountered when creating Servlets in the Eclipse development environment, including issues with ServletException, HttpServletResponse, and HttpServletRequest. Based on the best answer, it systematically analyzes the root causes, details solutions for classpath configuration and import statements, and supplements with other effective methods. Through step-by-step guidance on adding Servlet libraries, configuring build paths, and setting target runtimes, this paper offers a comprehensive troubleshooting guide to help developers quickly resolve compilation errors and ensure smooth operation of Servlet projects.

This article provides a comprehensive examination of the differences and application scenarios between doGet and doPost methods in Java Servlets. It analyzes the characteristic differences between HTTP GET and POST requests, explains the impact of form data encoding types on parameter retrieval, and demonstrates user authentication and response generation through complete code examples. The discussion also covers key technical aspects including thread safety, data encoding, redirection, and forwarding.

This technical article provides an in-depth analysis of cookie removal mechanisms in Java Servlets, focusing on the proper usage of setMaxAge method. Through comparative analysis of setMaxAge(-1) and setMaxAge(0), it explains the distinction between session cookies and persistent cookies. The article includes complete code examples and best practice recommendations to help developers correctly implement cookie deletion functionality.