The valid characters are defined in RFC 7230 and RFC 3986

原因就不说了,网上一大堆,直接说解决办法吧。

意思就是。8.5之前可以使用使用tomcat.util.http.parser.HttpParser.requestTargetAllow=|{}

8.5以后就不好使了。需要使用relaxedQueryChars="|,{,}"  如果有更多的特殊字符,逗号隔开。

具体要加那些,要看你url设计,可以参考。

http://www.cnblogs.com/panchanggui/p/9436348.html

我的请求参数为:query: {"chains":["Schema-BELONG_TO>DataSource-BELONG_TO>BusinessSystem"],"page":{"skip":0,"limit":10},"params":{}}

经过编码后的   :query={%22chains%22:[%22Schema-BELONG_TO%3EDataSource-BELONG_TO%3EBusinessSystem%22],%22page%22:{%22skip%22:0,%22limit%22:10},%22params%22:{}}

所以我应该relaxedQueryChars="{,},[,]"。

<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" relaxedQueryChars="{,},[,]"/>

<和>千万不要出现在relaxedQueryChars中否则tomcat启动就会报错。

如果你url中有特殊字符,编号后还是出现这样的问题,可以向我这样。

PS:

我之前的tomcat版本为9以上,网上搜了一大堆玩意,因为最开始的错是:Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level

问题是Tomcat的header缓冲区大小不够,我设置了maxHttpHeaderSize="30720'  (30*1024,听说默认是8*2014)  完全不行,巨坑是不是它的问题,而是URL编码的问题。

 

我设置了tomcat.util.http.parser.HttpParser.requestTargetAllow=|{},还是不行,降为8.5.34还是不行,无意间瞟见老外的回答。

按上面的试了下,还是不行,我又好好看来URL,尝试下加上[,]     尼玛,经常果成了, [ 和 ]明明说是RFC398的保留字段,真坑。

 

原来是我写错,也就是说我原本可以不降版本的,甚至用tomcat.util.http.parser.HttpParser.requestTargetAllow=|{}也是可以的,但我不想尝试,反正tomcat官方都不建议了。

 

We found the same issue . After analyzing the issue , found the solution . Below are the details for issue and solution.

Issue: Tomcat (7.0.88) is throwing below exception which leads to 400 – Bad Request. java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986. This issue is occurring most of the tomcat versions from 7.0.88 onwards.

Solution: (Suggested by Apache team):

Tomcat increased their security and no longer allows raw square brackets in the query string. In the request we have [,] (Square brackets) so hotel request is not processing by server.
As a solution below are the steps needs to be incorporate to make it work as expected. 1. We need to add relaxedQueryChars attribute under tag under server.xml (%TOMCAT_HOME%/conf)

   <Connector port="80" 
           protocol="HTTP/1.1"
           maxThreads="150"
           connectionTimeout="20000"
           redirectPort="443"
           compression="on"
           compressionMinSize="2048"
           noCompressionUserAgents="gozilla, traviata"
           compressableMimeType="text/html,text/xml"
                                     relaxedQueryChars="[,]"
             />

If application needs more special characters which is not supported by tomcat by default then we need add those special characters in relaxedQueryChars attribute with comma separated as above.

posted on 2018-11-01 14:25  M_calm  阅读(445)  评论(0编辑  收藏  举报

导航