spring 引导中的请求目标中发现无效字符
Invalid character found in the request target in spring boot
我的应用程序是用 java -jar 启动的,版本为 1.5.6.RELEASE of spring boot.
我的请求之一的内容具有字符“{”。当它被发送到服务器时引发以下异常:
java.lang.IllegalArgumentException: Invalid character found in the
request target. The valid characters are defined in RFC 7230 and RFC
3986 at
org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:472)
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:683)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
哪里错了?
我该如何解决?
编辑 1:
我的休息是这样的:
var jsonData = {
id: $("#hiddenId").val(),
permitNumber: $("#txtPermitNumber").val(),
permitToDate: $("#txtPermitToDate").val()
}
document.location = restUrl + "/print?reportParams= " + JSON.stringify(jsonData);
您将像这样启动 Spring 启动应用
$ java -jar -Dtomcat.util.http.parser.HttpParser.requestTargetAllow=|{}
demo-0.0.1-SNAPSHOT.jar
或像这样编码 uri
document.location = restUrl + "/print?reportParams= " + encodeURI(JSON.stringify(jsonData));
简单的方法就是将此代码添加到您的主 class
System.setProperty("tomcat.util.http.parser.HttpParser.requestTargetAllow", "{}");
根据 https://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html,requestTargetAllow 已弃用。对我来说,这里介绍的其他解决方案也不起作用。根据 Tomcat 文档,我找到了一种设置 属性 relaxedQueryChars 的方法:
@Bean
public ConfigurableServletWebServerFactory webServerFactory() {
TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
factory.addConnectorCustomizers(new TomcatConnectorCustomizer() {
@Override
public void customize(Connector connector) {
connector.setProperty("relaxedQueryChars", "|{}[]");
}
});
return factory;
}
对于 Spring Boot 1.5。17.RELEASE。以下代码对我有用。
@Configuration
public class ServerConfig {
@Bean
public EmbeddedServletContainerFactory webServerFactory() {
TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory();
factory.addConnectorCustomizers(new TomcatConnectorCustomizer() {
@Override
public void customize(Connector connector) {
connector.setProperty("relaxedQueryChars", "|{}[]");
}
});
return factory;
}
}
请求端编码为Base 64字符串,控制器端解码
编码
btoa(string)
解码:
String arr = request.getParameter();
arr = new String(Base64.getDecoder().decode(arr))
对于 Spring 引导 (2.X) 应用程序,只需添加到属性文件:
server.tomcat.relaxed-query-chars=|,{,},[,]
还有如下键值:server.tomcat.relaxed-path-chars
对于 Spring 启动应用程序,在属性文件中包含:
server.tomcat.additional-tld-skip-patterns=xercesImpl.jar,xml-apis.jar,serializer.jar,xml-apis.jar,jaxb-core.jar,jaxb-api.jar
如果你使用application.yaml只需添加以下配置
server:
tomcat:
relaxed-query-chars: '|,{,},[,]'
我的应用程序是用 java -jar 启动的,版本为 1.5.6.RELEASE of spring boot.
我的请求之一的内容具有字符“{”。当它被发送到服务器时引发以下异常:
java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:472) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:683) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
哪里错了? 我该如何解决?
编辑 1:
我的休息是这样的:
var jsonData = {
id: $("#hiddenId").val(),
permitNumber: $("#txtPermitNumber").val(),
permitToDate: $("#txtPermitToDate").val()
}
document.location = restUrl + "/print?reportParams= " + JSON.stringify(jsonData);
您将像这样启动 Spring 启动应用
$ java -jar -Dtomcat.util.http.parser.HttpParser.requestTargetAllow=|{}
demo-0.0.1-SNAPSHOT.jar
或像这样编码 uri
document.location = restUrl + "/print?reportParams= " + encodeURI(JSON.stringify(jsonData));
简单的方法就是将此代码添加到您的主 class
System.setProperty("tomcat.util.http.parser.HttpParser.requestTargetAllow", "{}");
根据 https://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html,requestTargetAllow 已弃用。对我来说,这里介绍的其他解决方案也不起作用。根据 Tomcat 文档,我找到了一种设置 属性 relaxedQueryChars 的方法:
@Bean
public ConfigurableServletWebServerFactory webServerFactory() {
TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
factory.addConnectorCustomizers(new TomcatConnectorCustomizer() {
@Override
public void customize(Connector connector) {
connector.setProperty("relaxedQueryChars", "|{}[]");
}
});
return factory;
}
对于 Spring Boot 1.5。17.RELEASE。以下代码对我有用。
@Configuration
public class ServerConfig {
@Bean
public EmbeddedServletContainerFactory webServerFactory() {
TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory();
factory.addConnectorCustomizers(new TomcatConnectorCustomizer() {
@Override
public void customize(Connector connector) {
connector.setProperty("relaxedQueryChars", "|{}[]");
}
});
return factory;
}
}
请求端编码为Base 64字符串,控制器端解码
编码
btoa(string)
解码:
String arr = request.getParameter();
arr = new String(Base64.getDecoder().decode(arr))
对于 Spring 引导 (2.X) 应用程序,只需添加到属性文件:
server.tomcat.relaxed-query-chars=|,{,},[,]
还有如下键值:server.tomcat.relaxed-path-chars
对于 Spring 启动应用程序,在属性文件中包含:
server.tomcat.additional-tld-skip-patterns=xercesImpl.jar,xml-apis.jar,serializer.jar,xml-apis.jar,jaxb-core.jar,jaxb-api.jar
如果你使用application.yaml只需添加以下配置
server:
tomcat:
relaxed-query-chars: '|,{,},[,]'