servlet injection analysis

Posted sclerx

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了servlet injection analysis相关的知识,希望对你有一定的参考价值。

@WebServlet("/cdiservlet")      ||url映射
public class NewServlet extends HttpServlet {
    private Message message;

    @Override             ||重写doGet方法
    public void init() {
        message = new MessageB();    ||对message初始化
    }

    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
                  throws IOException {              ||抛出可能出现IO异常
        response.getWriter().write(message.get());   ||捕获可能发生的异常
    }
}

public interface Message {         ||servlet实现Message接口的一个对象实例
    public String get();
}
public class MessageB implements Message {          ||servlet创建以下对象的实例
    public MessageB() { }

    @Override
    public String get() {
        return "message B";
    }
}
@WebServlet("/cdiservlet")              ||使用CDI,servlet声明它对Message实例的依赖性,并让它由CDI运行时自动注入
public class NewServlet extends HttpServlet {
    @Inject private Message message;

    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
                  throws IOException {       ||抛出可能出现IO异常
          response.getWriter().write(message.get());  ||捕获可能发生的异常
}
}
 

以上是关于servlet injection analysis的主要内容,如果未能解决你的问题,请参考以下文章

JBoss RichFaces EL Injection RCE Analysis(CVE-2018-14667)

Analysis of container and Injection in Java, their history and future.

剖析servlet injection及源码分析.

Analysis servlet

Servlet CDI example analysis

Servlet CDI Example Analysis