zoukankan      html  css  js  c++  java

  • Tomcat9报错 The valid characters are defined in RFC 7230 and RFC 3986

    tomcat8项目移到tomcat9,出现如下问题

    HTTP Status 400 – Bad Request

    Type Exception Report

    Message Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

    Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

    Exception

    java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
	org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467)
	org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294)
	org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:791)
	org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1417)
	org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	java.lang.Thread.run(Thread.java:748)

    url实际请求地址:/systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS问题审核

    经过抓包,url请求地址如下

    ie如下:

    /systemSet/userR7Role/roleManageShow?jiaosId=50&f_jsmc=ITSS351227256351242230347224263350257267

    chrome如下:

    /systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS%E9%97%AE%E9%A2%98%E5%AE%A1%E6%A0%B8

    只要用js对url进行编码即可,解决方法

    /systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=encodeURIComponent('ITSS问题审核')

    后来在网上查资料,说tomcat8.0.53以后,对url的检查就比较严格了。根据笔者工作来说,一部分原因可能是为了防止同url方式跨站(CRSF)、XSS以及sql注入。
  • 相关阅读:
    如何使用VS2013进行单元测试和查看代码覆盖率
    荔枝架构演进历程读后感
    关于海尔电商峰值系统架构读后感
    苏宁易购:商品详情系统架构设计读后感
    第二阶段冲刺第四天
    第二阶段冲刺第五天
    第二阶段冲刺第三天
    第二阶段冲刺第二天
    第二阶段冲刺第一天
    第一阶段末尾
  • 原文地址:https://www.cnblogs.com/passedbylove/p/10106567.html
Copyright © 2011-2022 走看看