Tomcat9报错 The valid characters are defined in RFC 7230 and RFC 3986

tomcat8项目移到tomcat9,出现如下问题

HTTP Status 400 – Bad Request


Type Exception Report

Message Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

Exception

java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467)
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294)
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:791)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1417)
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:748) url实际请求地址:/systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS问题审核

经过抓包,url请求地址如下

Tomcat9报错 The valid characters are defined in RFC 7230 and RFC 3986

ie如下:

/systemSet/userR7Role/roleManageShow?jiaosId=50&f_jsmc=ITSS\351\227\256\351\242\230\347\224\263\350\257\267

chrome如下:

/systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=ITSS%E9%97%AE%E9%A2%98%E5%AE%A1%E6%A0%B8

只要用js对url进行编码即可,解决方法

/systemSet/userR7Role/roleManageShow?jiaosId=52&f_jsmc=encodeURIComponent('ITSS问题审核')

后来在网上查资料,说tomcat8.0.53以后,对url的检查就比较严格了。根据笔者工作来说,一部分原因可能是为了防止同url方式跨站(CRSF)、XSS以及sql注入。

上一篇:PHP手册-函数参考-加密扩展


下一篇:简单的线程Thread使用