上傳文件 · JAVA

[TOC] # 配置單位支持MB和KB ~~~ # 支持的最大的文件 spring.servlet.multipart.max-file-size=100MB # 文件請求最大限制 spring.servlet.multipart.max-request-size=100MB ~~~ MultipartFile 是 Spring 上傳?文件的封裝類，包含了文件的二進制流和文件屬性等信息除過以上配置，常?用的配置信息如下: * spring.servlet.multipart.enabled=true，是否?支持 multipart 上傳?文件 * spring.servlet.multipart.file-size-threshold=0，支持文件寫?入磁盤 * spring.servlet.multipart.location=，上傳?文件的臨時?目錄 * spring.servlet.multipart.max-file-size=10Mb，最大支持?件大小 * spring.servlet.multipart.max-request-sizee=10Mb，最?大?支持請求?小 * spring.servlet.multipart.resolve-lazily=false，是否?支持 multipart 上傳?文件時懶加載 # 啟動類 ~~~ public class UserApplication { public static void main(String[] args) { ApplicationContext context = SpringApplication.run(UserApplication.class, args); } @Bean public TomcatServletWebServerFactory tomcatEmbedded() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(); tomcat.addConnectorCustomizers( (TomcatConnectorCustomizer) connector -> { if ( (connector.getProtocolHandler() instanceof AbstractHttp11JsseProtocol<?>)) { //-1 means unlimited ((AbstractHttp11JsseProtocol<?>)connector.getProtocolHandler()).setMaxSwallowSize(-1); } } ); return tomcat; } } ~~~ TomcatServletWebServerFactory() ?方法主要是為了了解決上傳?文件?大于 10M 出現連接重置的問題，此異常內容 GlobalException 也捕獲不不到。 ![](https://img.kancloud.cn/63/b4/63b48b1525e53c10a5d2e98f02363d87_688x662.png) # 前端頁面 **上傳頁面** ~~~ <!DOCTYPE html> <html lang="zh-CN" xmlns:th="http://www.thymeleaf.org"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h1>spring boot file upload example</h1> <form method="post" action="/upload" enctype="multipart/form-data"> <input type="file" name="file" /> <br /> <input type="submit" value="submit" /> </form> </body> </html> ~~~ **上傳狀態頁面** ~~~ <!DOCTYPE html> <html lang="zh-CN" xmlns:th="http://www.thymeleaf.org"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h1>spring boot - upload status</h1> <div th:if="${message}"> <h2 th:text="${message}" /> </div> </body> </html> ~~~ # 上傳控制類 ~~~ private static final String UPLOADED_FOLDER = "/Users/jdxia/Desktop/MyFile/"; ~~~ ~~~ @GetMapping("/upload") public String uploadTest(Model model) { return "upload.html"; } @PostMapping("/upload") public String singleFileUpload(@RequestParam("file")MultipartFile file, RedirectAttributes redirectAttributes) { if (file.isEmpty()) { redirectAttributes.addFlashAttribute("message", "Please select a file"); return "uploadStatus.html"; } try { //Get the file and save it somewhere byte[] bytes = file.getBytes(); //UPLOADED_FOLDER 文件本地存儲地址 Path path = Paths.get(UPLOADED_FOLDER + file.getOriginalFilename()); Files.write(path, bytes); redirectAttributes.addFlashAttribute("message", "You successfully uploaded " + file.getOriginalFilename()); } catch (IOException e) { e.printStackTrace(); } return "uploadStatus.html"; } ~~~ 通過MultipartFile讀取文件信息,如果文件為空跳轉到結果頁并給出提示. 如果不為空讀取文件流并寫入到指定目錄,最后將結果展示到頁面. ~~~ @ControllerAdvice public class GlobalExceptionHandler { @ExceptionHandler(MultipartException.class) public String handleError1(MultipartException e, RedirectAttributes redirectAttributes) { redirectAttributes.addFlashAttribute("message", e.getCause().getMessage()); } } ~~~ 設置一個 @ControllerAdvice 用來監控 Multipart 上傳的文件大小是否受限，當出現此異常時在前端頁面給出提示 # 上傳多個文件 ## 前端 ~~~ <!DOCTYPE html> <html lang="zh-CN" xmlns:th="http://www.thymeleaf.org"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h1>spring boot files upload example</h1> <form method="post" action="/uploadMore" enctype="multipart/form-data"> 文件1: <input type="file" name="file" /> <br /> 文件2: <input type="file" name="file" /> <br /> 文件3: <input type="file" name="file" /> <br /> <input type="submit" value="submit" /> </form> </body> </html> ~~~ ## 后端 ~~~ private static final String UPLOADED_FOLDER = "/Users/jdxia/Desktop/MyFile/"; ~~~ ~~~ @GetMapping("/more") public String uploadMore() { return "uploadMore"; } @PostMapping("/uploadMore") public String moreFileUpload(@RequestParam("file")MultipartFile[] files, RedirectAttributes redirectAttributes) { if(files.length == 0) { redirectAttributes.addFlashAttribute("message", "Please select a file to upload"); return "uploadStatus"; } for (MultipartFile file:files) { try { byte[] bytes = file.getBytes(); Path path = Paths.get(UPLOADED_FOLDER + file.getOriginalFilename()); Files.write(path, bytes); } catch (IOException e) { e.printStackTrace(); } } redirectAttributes.addFlashAttribute("message", "You successfully uploaded all"); return "uploadStatus"; } ~~~ 同時是先判斷數組是否是空. 然后循環遍歷將內容寫入到指定目錄下 # 文件后綴 ~~~ // 文件名 String fileName = file.getOriginalFilename(); System.out.println("文件名： " + fileName); // 文件后綴 String suffixName = fileName.substring(fileName.lastIndexOf(".")); System.out.println("文件后綴名： " + suffixName); ~~~ ~~~ //文件類型 public static String IMG_TYPE_PNG = "PNG"; public static String IMG_TYPE_JPG = "JPG"; public static String IMG_TYPE_JPEG = "JPEG"; public static String IMG_TYPE_DMG = "BMP"; public static String IMG_TYPE_GIF = "GIF"; public static String IMG_TYPE_SVG = "SVG"; ~~~ ~~~ @PostMapping("/uploadFlatMap") public Result<String> uploadFlatMap( @RequestPart(value = "file",required = true) MultipartFile file){ if(StringUtils.isEmpty(file.getName())){ return sendFailedMsg(EnumUtil.BUS_ENUM.FILE_NOTFONUD_ERROR.KEY,file.getOriginalFilename()); } log.info("正在做上傳操作，上傳文件為：{}",file.getOriginalFilename()); String suffix = file.getOriginalFilename().substring(file.getOriginalFilename().lastIndexOf(".") + 1); if(!(Consts.IMG_TYPE_DMG.equals(suffix.toUpperCase()) || Consts.IMG_TYPE_GIF.equals(suffix.toUpperCase()) || Consts.IMG_TYPE_JPEG.equals(suffix.toUpperCase()) || Consts.IMG_TYPE_JPG.equals(suffix.toUpperCase()) || Consts.IMG_TYPE_PNG.equals(suffix.toUpperCase()) || Consts.IMG_TYPE_SVG.equals(suffix.toUpperCase()))) { return sendFailedMsg(EnumUtil.BUS_ENUM.FILE_TYPE_ERROR.KEY,file.getOriginalFilename()); } ~~~ # 文件頭判斷類型 | 文件類型 | 文件頭 | | --- | --- | | JPEG (jpg)， | 文件頭：FFD8FF | | PNG (png)， | 文件頭：89504E47 | | GIF (gif)， | 文件頭：47494638 | | TIFF (tif)， | 文件頭：49492A00? | | Windows Bitmap (bmp)， | 文件頭：424D | | CAD (dwg)， | 文件頭：41433130 | | Adobe Photoshop (psd)， | 文件頭：38425053 | | Rich Text Format (rtf)， | 文件頭：7B5C727466 | | XML (xml)， | 文件頭：3C3F786D6C | HTML (html)， | 文件頭：68746D6C3E | Email \[thorough only\] (eml)， | 文件頭：44656C69766572792D646174653A | | Outlook Express (dbx)， | 文件頭：CFAD12FEC5FD746F? | | Outlook (pst)， | 文件頭：2142444E? | | MS Word/Excel (xls.or.doc)， | 文件頭：D0CF11E0 | | MS Access (mdb)， | 文件頭：5374616E64617264204A | | WordPerfect (wpd)， | 文件頭：FF575043 | | Postscript. (eps.or.ps)， | 文件頭：252150532D41646F6265 | | Adobe Acrobat (pdf)， | 文件頭：255044462D312E | | Quicken (qdf)， | 文件頭：AC9EBD8F? | | Windows Password (pwl)， | 文件頭：E3828596? | | ZIP Archive (zip)， | 文件頭：504B0304? | | RAR Archive (rar)， | 文件頭：52617221? | | Wave (wav)， | 文件頭：57415645? | | AVI (avi)， | 文件頭：41564920? | | Real Audio (ram)， | 文件頭：2E7261FD? | | Real Media (rm)， | 文件頭：2E524D46? | | MPEG (mpg)， | 文件頭：000001BA? | | MPEG (mpg)， | 文件頭：000001B3 | | Quicktime (mov)， | 文件頭：6D6F6F76? | | Windows Media (asf)， | 文件頭：3026B2758E66CF11? | | MIDI (mid)， | 文件頭：4D546864 | ## 配置文件 checkFileHeader.properties 在src/main/resources中增加配置文件checkFileHeader.properties，文件內容： ~~~ JPEG=FFD8FF PNG=89504E47 GIF=47494638 TXT=75736167 PDF=255044462D312E DOC=D0CF11E0 XML=3C3F786D6C DOCX=504B0304 APK=504B030414000808 IPA=504B03040A000000 ~~~ ##讀取properties文件類讀取checkFileHeader.properties文件內容，用于攔截器判斷 ~~~ /** * 讀取文件流頭信息 */ public class FileHeaderHelper { private static FileHeaderHelper me ; private static List<String> headerList ; private FileHeaderHelper(){} public static FileHeaderHelper getInstance(){ if(me == null){ me = new FileHeaderHelper() ; } return me ; } public List<String> getHeaderList(){ if(headerList == null){ headerList = new ArrayList<String>() ; PathMatchingResourcePatternResolver resolver = new PathMatchingResourcePatternResolver(); String classpathResource = ResourcePatternResolver.CLASSPATH_ALL_URL_PREFIX + "/fileheader.properties"; Properties p = new Properties(); try { Resource[] res = resolver.getResources(classpathResource) ; for (Resource re : res) { p.load(re.getInputStream()); break ; } } catch (IOException e) { e.printStackTrace(); } for (Map.Entry<Object, Object> item : p.entrySet()) { headerList.add(item.getValue().toString()) ; } } return headerList ; } } ~~~ ## 編寫攔截器攔截去中，獲取文件流，讀取文件流前8個字節，根據需要可以讀取更多字節判讀，8個字節轉成16進制為16個字符串，我這里最長的APK/IPA文件也就16個字節，所以讀取8個字節，讀取字節后判斷是否checkFileHeader.properties文件中字符串 ~~~ public class FileHeaderCheckInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // 判斷是否為文件上傳請求 if (request != null && request instanceof MultipartHttpServletRequest) { MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request; Map<String, MultipartFile> files = multipartRequest.getFileMap(); Iterator<String> iterator = files.keySet().iterator(); while (iterator.hasNext()) { String formKey = (String) iterator.next(); MultipartFile multipartFile = multipartRequest.getFile(formKey); //String filename = multipartFile.getOriginalFilename(); byte[] file = multipartFile.getBytes() ; ////獲取字節流前8字節，差不多夠了，不行再加 int HEADER_LENGTH = 8 ; if(file.length>HEADER_LENGTH){ //轉成16進制 StringBuilder sb = new StringBuilder(); for(int i=0;i<HEADER_LENGTH;i++){ int v = file[i] & 0xFF; String hv = Integer.toHexString(v); if (hv.length() < 2) { sb.append(0); } sb.append(hv); } boolean isFound = false ; String fileHead = sb.toString().toUpperCase() ; List<String> headerList = FileHeaderHelper.getInstance().getHeaderList() ; for(String header : headerList){ if(fileHead.startsWith(header)){ isFound = true ; break ; } } if(!isFound){ // throw new BaseRunException("上傳文件有異常，已被系統禁止！") ; System.out.println("----------上傳文件有異常，已被系統禁止！頭部信息："+fileHead); response.setCharacterEncoding("UTF-8"); response.setContentType("application/json;charset=utf-8"); PrintWriter printWriter = response.getWriter(); printWriter.write("上傳文件有異常，已被系統禁止！"); return false; } } } } return true; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { // TODO Auto-generated method stub } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { // TODO Auto-generated method stub } } ~~~ ## 配置攔截文件攔截器寫完了，配置下讓它生效，在Configuration中配置攔截器，攔截文件流進行判斷 ~~~ @Configuration public class MyfWebAppConfiguration extends WebMvcConfigurerAdapter { //攔截器，攔截文件流 public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor(new FileHeaderCheckInterceptor()) .addPathPatterns("/**"); } // //注冊過濾 // @Bean // public FilterRegistrationBean myFilterRegistration() { // // FilterRegistrationBean registration = new FilterRegistrationBean(); // registration.setFilter(new LoginFilter()); // registration.addUrlPatterns("/serviceInvoke"); // //registration.addInitParameter("paramName", "paramValue"); // registration.setName("loginFilter"); // registration.setOrder(1); // return registration; // } // // // //注冊servlet // @Bean // public ServletRegistrationBean myServletRegistration() { // ServletRegistrationBean registration = new ServletRegistrationBean(new DownloadServlet()); // registration.addUrlMappings("/download"); // return registration; // } } ~~~