gpt4 book ai didi

java - 将 HttpServletResponse 和 HttpServletRequest 存储为 HttpServlet 的两个字段

转载 作者:塔克拉玛干 更新时间:2023-11-01 22:16:57 24 4
gpt4 key购买 nike

HttpServletRequestHttpServletResponse 临时存储为 HttpServlet 的两个字段(见下文)是否是一种好的做法/安全的做法?如果不是,为什么?

import java.io.IOException;    
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Test extends HttpServlet
{
private HttpServletRequest req;
private HttpServletResponse resp;
@Override
protected void doPost(
HttpServletRequest req,
HttpServletResponse resp
)
throws ServletException, IOException
{
try
{
this.req=req;
this.resp=resp;
do1();
do2();
}
finally
{
this.req=null;
this.resp=null;
}
}

private void do1() throws ServletException, IOException
{
//use req resp
}
private void do2() throws ServletException, IOException
{
//use req resp
}
}

或者我应该调用类似的东西:

do1(req,resp);
do2(req,resp);

最佳答案

Is it a good practice/safe to temporarily store the HttpServletRequest and the HttpServletResponse as two fields of a HttpServlet (see below) ?

不!

If not, why ?

因为 servlets 必须是线程安全的。多个线程将同时通过该 servlet 对象。如果您将请求/响应存储在字段中,您的线程安全性就会消失。

不要试图采取这种捷径来避免参数传递的视觉不愉快。

如果您真的必须避免使用参数,则将请求/响应存储在 java.lang.ThreadLocal 字段中。这仍然是不好的做法,但至少现在它是线程安全的。

关于java - 将 HttpServletResponse 和 HttpServletRequest 存储为 HttpServlet 的两个字段,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5309118/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com