异常:Invalid character found in the request target. The valid characters are defined in RFC 3986
2017-09-08 11:28
423 查看
请求参数含有特殊字符时后台报这个错误:
信息: Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
at org.apache.coyote.http11.InternalAprInputBuffer.parseRequestLine(InternalAprInputBuffer.java:235)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1000)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2517)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2506)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
查了资料原因是 Tomcat在 7.0.73,
8.0.39, 8.5.7 版本后,添加了对于http头的验证。
RFC3986文档规定,Url中只允许包含英文字母(a-zA-Z)、数字(0-9)、-_.~4个特殊字符以及所有保留字符。
RFC3986中指定了以下字符为保留字符:
!*'();:@&=+$,/?#[]
不安全字符
还有一些字符,当他们直接放在Url中的时候,可能会引起解析程序的歧义。这些字符被视为不安全字符,原因有很多。
->空格Url在传输的过程,或者用户在排版的过程,或者文本处理程序在处理Url的过程,都有可能引入无关紧要的空格,或者将那些有意义的空格给去掉
->引号以及<>引号和尖括号通常用于在普通文本中起到分隔Url的作用
->#通常用于表示书签或者锚点
->%百分号本身用作对不安全字符进行编码时使用的特殊字符,因此本身需要编码
->{}|\^[]`~某一些网关或者传输代理会篡改这些字符
具体来说 :
request target
转换过来就是以下字符(对应10进制ASCII看):
键盘上那些控制键:(
非英文字符(
查阅了大量资料后,有三种解决方案:
Plan 1:
更换低版本的Tomcat来规避这种问题。
我于是下载了一个7.0.41的tomcat,配置到idea或者eclipse,就可以了
Plan 2:
在conf/catalina.properties中最后添加一行:
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
添加或者修改:
重启服务器后,解决问题。
Plan 3:
But eventually you want to encode your URL on client:
or just query string:
官方指南地址:http://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html
官方说明:
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH
If this is true ‘%2F’ and ‘%5C’ will be permitted as path.delimiters.If not specified, the default value of false will be used.
信息: Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
at org.apache.coyote.http11.InternalAprInputBuffer.parseRequestLine(InternalAprInputBuffer.java:235)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1000)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2517)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2506)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
查了资料原因是 Tomcat在 7.0.73,
8.0.39, 8.5.7 版本后,添加了对于http头的验证。
RFC3986文档规定,Url中只允许包含英文字母(a-zA-Z)、数字(0-9)、-_.~4个特殊字符以及所有保留字符。
RFC3986中指定了以下字符为保留字符:
!*'();:@&=+$,/?#[]
不安全字符
还有一些字符,当他们直接放在Url中的时候,可能会引起解析程序的歧义。这些字符被视为不安全字符,原因有很多。
->空格Url在传输的过程,或者用户在排版的过程,或者文本处理程序在处理Url的过程,都有可能引入无关紧要的空格,或者将那些有意义的空格给去掉
->引号以及<>引号和尖括号通常用于在普通文本中起到分隔Url的作用
->#通常用于表示书签或者锚点
->%百分号本身用作对不安全字符进行编码时使用的特殊字符,因此本身需要编码
->{}|\^[]`~某一些网关或者传输代理会篡改这些字符
具体来说 :
org.apache.tomcat.util.http.parser.HttpParser#IS_NOT_REQUEST_TARGET[]中定义了一堆not
request target
if(IS_CONTROL[i] || i > 127 || i == 32 || i == 34 || i == 35 || i == 60 || i == 62 || i == 92 || i == 94 || i == 96 || i == 123 || i == 124 || i == 125) {
IS_NOT_REQUEST_TARGET[i] = true;
}转换过来就是以下字符(对应10进制ASCII看):
键盘上那些控制键:(
<32或者=127)
非英文字符(
>127)
空格(
32)
双引号(
34)
#(
35)
<(
60)
>(
62)
反斜杠(
92)
^(
94)
TAB上面那个键,我也不晓得嫩个读(
96)
{(123)
}(
124)
|(
125)
查阅了大量资料后,有三种解决方案:
Plan 1:
更换低版本的Tomcat来规避这种问题。
我于是下载了一个7.0.41的tomcat,配置到idea或者eclipse,就可以了
Plan 2:
在conf/catalina.properties中最后添加一行:
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
添加或者修改:
tomcat.util.http.parser.HttpParser.requestTargetAllow=|{}重启服务器后,解决问题。
Plan 3:
But eventually you want to encode your URL on client:
encodeURI("http://localhost:8080/app/handleResponse?msg=name|id|")
> http://localhost:8080/app/handleResponse?msg=name%7Cid%7Cor just query string:
encodeURIComponent("msg=name|id|")
> msg%3Dname%7Cid%7C官方指南地址:http://tomcat.apache.org/tomcat-8.5-doc/config/systemprops.html
官方说明:
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH
If this is true ‘%2F’ and ‘%5C’ will be permitted as path.delimiters.If not specified, the default value of false will be used.
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 异常:Invalid character found in the request target. The valid characters are defined in RFC 3986
- 异常:Invalid character found in the request target. The valid characters are defined in RFC 3986
- Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
- Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
- 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RF
- Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC
- Invalid character found in the request target.The valid characters are defined in RFC 7230 /RF3986
- 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RF
- 解决:Invalid character found in the request target.The valid characters are defined in RFC 7230 and RF
- Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC
- 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RF
- 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 问题
- invalid character found in the request target the valid characters are defined in rfc 7230 and rfc
- invalid character found in the request target the valid characters are defined in rfc 7230 and rfc 3
- 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 问题
- Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC
- Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC
- invalid character found in the request target the valid characters are defined in rfc 7230 and rfc 3
- 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RF
- tomcat请求参数问题解决: Invalid character found in the request target. The valid characters are defined in