JBoss - web.xml 파일 수정
<!-- Registers the XSSDetectFilter defined below; its init-params are read once in init() -->
<filter>
<filter-name>XSSDetectFilter</filter-name>
<filter-class>netegrity.siteminder.imws.common.XSSDetectFilter</filter-class>
<!-- Comma-separated list of characters that must not appear in any request parameter.
     A literal comma cannot be listed (the filter splits on ","); the filter itself adds < and > -->
<init-param>
<param-name>BadChars</param-name>
<param-value>',",%,*</param-value>
</init-param>
<!-- A request whose parameters contain a listed character is redirected here instead of being served -->
<init-param>
<param-name>RedirectUrl</param-name>
<param-value>/LGTIM/include/cssError.html</param-value>
</init-param>
<!-- Added for Korean (multibyte) character handling.
     NOTE(review): confirm the filter actually reads this parameter and applies it
     before the request parameters are first decoded -->
<init-param>
<param-name>Encoding</param-name>
<param-value>utf-8</param-value>
</init-param> </filter>
<!-- Mapped to every request; the filter only inspects parameters of URIs ending in "jsp"
     and passes everything else through unchanged -->
<filter-mapping>
<filter-name>XSSDetectFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
서블릿 파일
package netegrity.siteminder.imws.common;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
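/**
 * Servlet filter that refuses requests to JSP resources whose parameters
 * contain any configured "bad" character, redirecting them to an error page.
 *
 * <p>Init-params: {@code BadChars} (comma-separated characters; {@code <} and
 * {@code >} are always added), {@code RedirectUrl} (target for rejected
 * requests) and {@code Encoding} (applied to the request before its parameters
 * are decoded, so multibyte input is compared as intended).
 *
 * <p>This is a character blacklist: it only catches input that literally
 * contains one of the listed characters, and it also rejects legitimate input
 * containing them (e.g. an apostrophe in a name). It does not replace proper
 * output encoding in the JSPs that render the parameters.
 */
public class XSSDetectFilter implements Filter {
    /** Characters rejected regardless of the BadChars configuration. */
    private static final String[] DEFAULT_BAD_CHARS = { "<", ">" };
    /** Request URIs ending with this suffix are inspected; all others pass through untouched. */
    private static final String INSPECTED_SUFFIX = "jsp";

    protected FilterConfig filterConfig = null;
    private String[] badChars = null;
    private String redirectUrl = null;
    // Request character encoding from the "Encoding" init-param; null when not configured.
    private String encoding = null;
    //private String[] ignoreExts = null;

    public void destroy() {
        this.filterConfig = null;
    }

    /**
     * Inspects JSP requests and either redirects them to {@code RedirectUrl}
     * (a bad character was found in some parameter value) or passes them down
     * the chain. Non-JSP requests are passed through without inspection.
     *
     * @throws IOException if the redirect or error response cannot be written,
     *     or the configured encoding is not supported
     * @throws ServletException propagated from the rest of the chain
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        if (!isInspected(req.getRequestURI())) {
            chain.doFilter(request, response);
            return;
        }

        // Must happen before the first getParameter* call: the container decodes
        // the parameters on first access and ignores later encoding changes.
        if (encoding != null) {
            request.setCharacterEncoding(encoding);
        }

        if (!hasBadInput(request)) {
            chain.doFilter(request, response);
        } else if (redirectUrl != null) {
            res.sendRedirect(redirectUrl);
        } else {
            // Misconfigured (no RedirectUrl): still refuse the request rather than serve it.
            res.sendError(HttpServletResponse.SC_BAD_REQUEST);
        }
    }

    /**
     * Returns true when the URI names a resource this filter inspects.
     * Safe for URIs shorter than the suffix (the original substring-based
     * check threw on e.g. "/").
     */
    static boolean isInspected(String uri) {
        return uri != null && uri.endsWith(INSPECTED_SUFFIX);
    }

    /**
     * Scans every value of every parameter (not only the first value of a
     * repeated parameter) and stops at the first bad character found.
     */
    private boolean hasBadInput(ServletRequest request) {
        Enumeration names = request.getParameterNames();
        while (names.hasMoreElements()) {
            String[] values = request.getParameterValues((String) names.nextElement());
            if (values == null) {
                continue;
            }
            for (int i = 0; i < values.length; i++) {
                if (containsBadChar(values[i], badChars)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Returns true when {@code value} contains any entry of {@code badChars}.
     * A null value or a null list never matches.
     */
    static boolean containsBadChar(String value, String[] badChars) {
        if (value == null || badChars == null) {
            return false;
        }
        for (int i = 0; i < badChars.length; i++) {
            if (value.indexOf(badChars[i]) >= 0) {
                return true;
            }
        }
        return false;
    }

    /**
     * Reads the init-params once. BadChars is parsed by {@link #parseBadChars}.
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        badChars = parseBadChars(filterConfig.getInitParameter("BadChars"));
        redirectUrl = filterConfig.getInitParameter("RedirectUrl");
        encoding = filterConfig.getInitParameter("Encoding");
        //ignoreExts = filterConfig.getInitParameter("IgnoreExts").split(",");
    }

    /**
     * Splits the comma-separated BadChars value and appends the default
     * characters, dropping empty and duplicate entries.
     *
     * <p>Empty entries must be dropped: {@code "".indexOf("")} is 0, so an
     * empty token would make every request match. The defaults are appended
     * as separate tokens; the previous {@code + "<,>"} concatenation glued
     * {@code <} onto the last configured character, so neither was detected
     * on its own.
     *
     * @param configured raw init-param value, may be null (defaults only)
     * @return non-null, non-empty array of bad-character tokens
     */
    static String[] parseBadChars(String configured) {
        List tokens = new ArrayList();
        if (configured != null) {
            String[] parts = configured.split(",");
            for (int i = 0; i < parts.length; i++) {
                if (parts[i].length() > 0 && !tokens.contains(parts[i])) {
                    tokens.add(parts[i]);
                }
            }
        }
        for (int i = 0; i < DEFAULT_BAD_CHARS.length; i++) {
            if (!tokens.contains(DEFAULT_BAD_CHARS[i])) {
                tokens.add(DEFAULT_BAD_CHARS[i]);
            }
        }
        return (String[]) tokens.toArray(new String[tokens.size()]);
    }
}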