1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | private boolean authenticateUser(HttpServletRequest req) { // session.invalidate() should have been called prior to this // to invalidate an existing session HttpSession session = req.getSession(false); if (null != session) { // existing session assumed valid return true; } if (authenticateRequest(req) == true) { // create a new session req.getSession(); return true; } return false; } |
1 | <img src="//mybank/transfer?amount=10000&fromaccount=44332&toaccount=55443"> |
欢迎光临 电子技术论坛_中国专业的电子工程师学习交流社区-中电网技术论坛 (http://bbs.eccn.com/) | Powered by Discuz! 7.0.0 |