[Bug修复](master): 修复filter里面发现的异常不能成功捕获的问题

如题
1 year ago · 716878f6a5
parent 927a58249b
commit 716878f6a5
4 changed files with 67 additions and 2 deletions
--- a/src/main/java/com/baiyee/adcallback/api/filter/ExceptionController.java
+++ b/src/main/java/com/baiyee/adcallback/api/filter/ExceptionController.java
@ -0,0 +1,25 @@
+package com.baiyee.adcallback.api.filter;
+
+import com.baiyee.adcallback.api.handler.RequestIllegalArgumentException;
+import org.omg.CORBA.UserException;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+
+@RestController
+public class ExceptionController {
+
+    @RequestMapping(CommonConstant.ERROR_CONTROLLER_PATH)
+    public void handleException(HttpServletRequest request){
+        throw new RequestIllegalArgumentException((String) request.getAttribute("filterError"));
+    }
+
+    public class CommonConstant {
+
+        /**
+         * 异常处理 controller request url
+         */
+        public static final String ERROR_CONTROLLER_PATH = "/error/throw";
+    }
+}
--- a/src/main/java/com/baiyee/adcallback/api/filter/SqlFilter.java
+++ b/src/main/java/com/baiyee/adcallback/api/filter/SqlFilter.java
@ -1,6 +1,7 @@
 package com.baiyee.adcallback.api.filter;

 import cn.hutool.core.util.StrUtil;
+import com.baiyee.adcallback.api.handler.RequestIllegalArgumentException;
 import org.springframework.context.annotation.Configuration;
 import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
@ -32,8 +33,11 @@ public class SqlFilter implements Filter{
            }
        }
        if (sqlValidate(sql)) {
-            //TODO 这里直接抛异常处理，前后端交互项目中，请把错误信息按前后端"数据返回的VO"对象进行封装
-            throw new IOException("您发送请求中的参数中含有非法字符");
+            // 传递异常信息
+            servletRequest.setAttribute("filterError", "您发送请求中的参数中含有非法字符");
+            // 指定处理该请求的处理器
+            servletRequest.getRequestDispatcher(ExceptionController.CommonConstant.ERROR_CONTROLLER_PATH).forward(servletRequest, servletResponse);
+//            throw new RequestIllegalArgumentException("您发送请求中的参数中含有非法字符");
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
--- a/src/main/java/com/baiyee/adcallback/api/handler/GlobalExceptionHandler.java
+++ b/src/main/java/com/baiyee/adcallback/api/handler/GlobalExceptionHandler.java
@ -0,0 +1,25 @@
+package com.baiyee.adcallback.api.handler;
+
+import com.baiyee.adcallback.api.common.CommonResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Slf4j
+@ControllerAdvice
+public class GlobalExceptionHandler {
+
+
+    /**
+     * 检查出有 SQL 注入风险的异常
+     * @param requestIllegalArgumentException SQL 注入异常
+     * @return 返回异常给前端
+     */
+    @ResponseBody
+    @ExceptionHandler(RequestIllegalArgumentException.class)  //该类为自定义异常类
+    public CommonResponse checkSQLInjectionException(RequestIllegalArgumentException requestIllegalArgumentException){
+        log.error("发生异常：{}",requestIllegalArgumentException.getMessage());
+        return CommonResponse.createByErrorMessage(requestIllegalArgumentException.getMessage());
+    }
+}
--- a/src/main/java/com/baiyee/adcallback/api/handler/RequestIllegalArgumentException.java
+++ b/src/main/java/com/baiyee/adcallback/api/handler/RequestIllegalArgumentException.java
@ -0,0 +1,11 @@
+package com.baiyee.adcallback.api.handler;
+
+/**
+ * 检查请求中是否存在不合法 SQL注入 参数的异常
+ */
+public class RequestIllegalArgumentException extends RuntimeException{
+
+    public RequestIllegalArgumentException(String message){
+        super(message);
+    }
+}