Detailed explanation of anti-hotlinking and solutions in Java

This article mainly introduces the detailed explanation and solutions of Java anti-hotlinking. Here it introduces the concept, causes and referer in Http of anti-hotlinking. Finally, it introduces the solution. Friends who need it can refer to it

Detailed explanation and solution of java anti-hotlinking

1. The concept of anti-hotlinking

The content is not on your own server, through technical means Place the content of other websites (such as some music, pictures, software download addresses) in your own website, and steal the space and traffic of other websites through this method.

2. The generation of anti-hotlinking

Generally, when making an http request, a complete page is not transmitted to the client all at once. If the request is for a page with many pictures and other information, then the first HTTP request is sent back the text of this page, and then the client's browser interprets and executes this text, and finds that there are picture, then the client's browser will send another Http request, so that a complete page may need to send multiple Http requests before it can be fully displayed. Based on such a mechanism, a problem will arise, that is, the problem of hotlinking: if a website does not have the information mentioned on the page, such as picture information, then it can completely connect the picture to other websites. In this way, while increasing your own visits, it also increases the load on other people's servers.

3. Referer in Http

HTTP Referer is part of the header. When the browser sends a request to the web server, it usually brings the Referer. , tell the server which page I am linked from, so that the server can get some information for processing.

4. Java solves the problem of hotlink prevention

We can set up a filter to intercept all requests and extract the referer in http when external requests come in. Then make a judgment. If it is the source of this website, then allow access, otherwise deny it.

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) 
      throws IOException, ServletException { 
      HttpServletRequest req = (HttpServletRequest) request; 
      HttpServletResponse resp = (HttpServletResponse) response; 
      String referer = req.getHeader("referer"); 
      if(null != referer && referer.trim().startsWith("http://localhost:8080/dstn")){ 
         System.out.println("正常页面请求"); 
         chain.doFilter(req, resp); 
      }else{ 
         System.out.println("盗链"); 
         req.getRequestDispatcher("/html/error.html").forward(req, resp); 
      } 
 }

The above is the detailed content of Detailed explanation of anti-hotlinking and solutions in Java. For more information, please follow other related articles on the PHP Chinese website!