zoukankan      html  css  js  c++  java
  • Tomcat9报错 The valid characters are defined in RFC 7230 and RFC 3986

    tomcat8项目移到tomcat9,出现如下问题

    HTTP Status 400 – Bad Request


    Type Exception Report

    Message Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

    Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

    Exception

    java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
    	org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467)
    	org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294)
    	org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    	org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:791)
    	org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1417)
    	org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    	org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    	java.lang.Thread.run(Thread.java:748)

    url实际请求地址:/systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS问题审核

    经过抓包,url请求地址如下

    ie如下:

    /systemSet/userR7Role/roleManageShow?jiaosId=50&f_jsmc=ITSS351227256351242230347224263350257267

    chrome如下:

    /systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS%E9%97%AE%E9%A2%98%E5%AE%A1%E6%A0%B8

    只要用js对url进行编码即可,解决方法

    /systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=encodeURIComponent('ITSS问题审核')

    后来在网上查资料,说tomcat8.0.53以后,对url的检查就比较严格了。根据笔者工作来说,一部分原因可能是为了防止同url方式跨站(CRSF)、XSS以及sql注入。

  • 相关阅读:
    题解 CF934A 【A Compatible Pair】 ——贪心
    洛谷 P3381 【【模板】最小费用最大流】
    洛谷 P3376 【【模板】网络最大流】
    洛谷 P1027 【Car的旅行路线】
    TYVJ P1039 【忠诚2】
    洛谷 P1273 【有线电视网】
    斯特林数相关
    从 简单容斥 到 min-max 容斥 与 二项式反演
    POI2011 Lightning Conductor
    LOJ6089 小 Y 的背包计数问题
  • 原文地址:https://www.cnblogs.com/passedbylove/p/10106567.html
Copyright © 2011-2022 走看看