zoukankan      html  css  js  c++  java
  • Tomcat9报错 The valid characters are defined in RFC 7230 and RFC 3986

    tomcat8项目移到tomcat9,出现如下问题

    HTTP Status 400 – Bad Request


    Type Exception Report

    Message Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

    Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

    Exception

    java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
    	org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467)
    	org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294)
    	org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    	org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:791)
    	org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1417)
    	org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    	org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    	java.lang.Thread.run(Thread.java:748)

    url实际请求地址:/systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS问题审核

    经过抓包,url请求地址如下

    ie如下:

    /systemSet/userR7Role/roleManageShow?jiaosId=50&f_jsmc=ITSS351227256351242230347224263350257267

    chrome如下:

    /systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS%E9%97%AE%E9%A2%98%E5%AE%A1%E6%A0%B8

    只要用js对url进行编码即可,解决方法

    /systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=encodeURIComponent('ITSS问题审核')

    后来在网上查资料,说tomcat8.0.53以后,对url的检查就比较严格了。根据笔者工作来说,一部分原因可能是为了防止同url方式跨站(CRSF)、XSS以及sql注入。

  • 相关阅读:
    nginx 安装ab小工具方法
    ab小工具的Failed requests多的问题
    linux webbench测试高并发方法
    html5 video获取实时播放进度的方法
    html5 video获取实时播放进度的方法
    下载网站上的视频的方法
    带宽的深入理解
    redis 清除minerd进程的方法
    php 500报错解决方案
    GIT和SVN之间的五个基本区别
  • 原文地址:https://www.cnblogs.com/passedbylove/p/10106567.html
Copyright © 2011-2022 走看看