Invalid character found in the request target. The valid characters are defined in RFC 3986
问题描述
请求参数含有特殊字符时后台报这个错误:java
信息: Error parsing HTTP request header Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level. java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 at org.apache.coyote.http11.InternalAprInputBuffer.parseRequestLine(InternalAprInputBuffer.java:235) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1000) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2517) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2506) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
查了资料缘由是 Tomcat在 7.0.73, 8.0.39, 8.5.7 版本后,添加了对于http头的验证。apache
安全定义
安全字符tomcat
- 英文字母 : a-zA-Z
- 数字 : 0-9
- 特殊字符 : -_.~
- 保留字符 : !*'();:@&=+$,/?#[]
不安全字符安全
- 空格 : Url在传输的过程,或者用户在排版的过程,或者文本处理程序在处理Url的过程,都有可能引入可有可无的空格,或者将那些有意义的空格给去掉
- "(双引号) 以及 <>(尖括号) : 引号和尖括号一般用于在普通文本中起到分隔Url的做用
- # : 一般用于表示书签或者锚点
- % : 百分号自己用做 对 不安全字符进行转码 的特殊字符 , 因此必需要转码
- {}|^[]`~ : 某一些网关或者传输代理会篡改这些字符
- 中文 : 中文做为一个特殊编码 , 对tomcat来讲 ,也是不识别的.因此必须转码
org.apache.tomcat.util.http.parser.HttpParser#IS_NOT_REQUEST_TARGET[] 中定义了一堆not request targetapp
if(IS_CONTROL[i] || i > 127 || i == 32 || i == 34 || i == 35 || i == 60 || i == 62 || i == 92 || i == 94 || i == 96 || i == 123 || i == 124 || i == 125) {
IS_NOT_REQUEST_TARGET[i] = true;
}
- 键盘上那些控制键:(<32或者=127)
- 非英文字符(>127)
- 空格(32)
- 双引号(34)
- #(35)
- <(60)
- >(62)
- 反斜杠(92)
- ^(94)
- ` : TAB上面那个键(96)
- {(123)
- }(124)
- |(125)
三种解决方案
方案一:post
更换低版本的Tomcat来规避这种问题。编码
使用 7.0.73 以前的版本url
方案二:.net
在conf/catalina.properties中最后添加一行:代理
org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
或者,把要安全使用的放到配置后面
tomcat.util.http.parser.HttpParser.requestTargetAllow=|{}
方案三:
- get 请求,参数转码
- post请求,放到body中
参数转码
encodeURI("http://localhost:8080/app/handleResponse?msg=name|id|")
> http://localhost:8080/app/handleResponse?msg=name%7Cid%7C
我的问题
升级Tomcat到8.5 后 , 出现这个问题. 经查证, 是Request url 中 , 出现了中文.
将参数encode后,问题解决!
参考
[异常:Invalid character found in the request target. The valid characters are defined in RFC 3986 : 做者:码上笔记]https://blog.csdn.net/ak57193856/article/details/77892749
相关文章
- 1. springboot Invalid character found in the request target. The valid characters are defined in RFC 72...
- 2. Invalid character... request target. The valid characters are defined in RFC 7230 and RFC 3986
- 3. Tomcat 8 Invalid character found in the request target. The valid characters are defined in RFC 3986
- 4. 异常:Invalid character found in the request target. The valid characters are defined in RFC 3986
- 5. 解决Tomcat报Invalid character found in the request target. The valid characters are defined in RFC 3986
- 6. Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC
- 7. invalid character found in the request target the valid characters are defined in rfc 7230 and rfc
- 8. The valid characters are defined in RFC 7230and RFC 3986
- 9. 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RF
- 10. 项目报错:Invalid character found in the request target. The valid characters are defined in RFC 7230 and
- 更多相关文章...
- • SQL IN 操作符 - SQL 教程
- • Swift for-in 循环 - Swift 教程
- • 为了进字节跳动,我精选了29道Java经典算法题,带详细讲解
- • Kotlin学习(一)基本语法
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 字节跳动21届秋招运营两轮面试经验分享
- 2. Java 3 年,25K 多吗?
- 3. mysql安装部署
- 4. web前端开发中父链和子链方式实现通信
- 5. 3.1.6 spark体系之分布式计算-scala编程-scala中trait特性
- 6. dataframe2
- 7. ThinkFree在线
- 8. 在线画图
- 9. devtools热部署
- 10. 编译和链接
欢迎关注本站公众号,获取更多信息
相关文章
- 1. springboot Invalid character found in the request target. The valid characters are defined in RFC 72...
- 2. Invalid character... request target. The valid characters are defined in RFC 7230 and RFC 3986
- 3. Tomcat 8 Invalid character found in the request target. The valid characters are defined in RFC 3986
- 4. 异常:Invalid character found in the request target. The valid characters are defined in RFC 3986
- 5. 解决Tomcat报Invalid character found in the request target. The valid characters are defined in RFC 3986
- 6. Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC
- 7. invalid character found in the request target the valid characters are defined in rfc 7230 and rfc
- 8. The valid characters are defined in RFC 7230and RFC 3986
- 9. 解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RF
- 10. 项目报错:Invalid character found in the request target. The valid characters are defined in RFC 7230 and