今天调试程序时遇到了java.lang.IllegalStateException org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:423)这个异常,百度了一下引起这个异常的原因是如下:

jdk5.0文档中很清楚地介绍了出现IllegalStateException异常的可能情况:   1)同一个页面中再次调用response.sendRedirect()方法。 2)提交的URL错误,即不是个有效的URL。   sendRedirect  void sendRedirect(java.lang.String location)  throws java.io.IOException  Sends a temporary redirect response to the client using the specified redirect location URL. This method can accept relative URLs; the servlet container must convert the relative URL to an absolute URL before sending the response to the client. If the location is relative without a leading '/' the container interdivts it as relative to the current request URI. If the location is relative with a leading '/' the container interdivts it as relative to the servlet container root.  If the response has already been committed, this method throws an IllegalStateException. After using this method, the response should be considered to be committed and should not be written to.   Parameters:  location - the redirect location URL  Throws:  java.io.IOException - If an input or output exception occurs  java.lang.IllegalStateException - If the response was committed or if a partial URL is given and cannot be converted into a valid URL

经分析我这边的情况是第一种即在同一个方法中一次以上的连续调用了response.sendRedirect()方法,知道根源解决方法就比较简单了,避免多次连续的调用response.sendRedirect()方法。

这个问题在我们的系统中,是因为判断是否有注入式攻击字符时产生的,因为CR、LF在不同的系统中表示不同的回车换行的意义,在判断是否为注入攻击的字符时他俩也在其列,不过从前台返回的字符中难免不包含这两个字符的,当然,我们现在关心是产生上面的异常的原因,就是上面的1)2)两个原因,而根源和判断是否有注入攻击字符相关

扩展链接:

1:深入理解ServletRequest与ServletResponse

http://lavasoft.blog.51cto.com/62575/275586

2:HttpServletRequest、 ServletRequest、Request

http://blog.163.com/magicc_love/blog/static/185853662201201023521297/

3:关于linux和windows的CR, LF, CR/LF 回车 换行问题

http://www.cnblogs.com/lihong/archive/2011/02/19/1958349.html

http://www.360doc.com/content/11/0113/20/3508740_86319358.shtml

当然,这个问题的解决过程是一个很好的锻炼过程,同时也证明对于问题本身的求解必须具备打破沙锅问到底、不达目的不罢休的态度,才能够对问题本身有比较深入的了解,也才能找到问题的根源,从而从根本上将问题彻底解决!

关于java.lang.IllegalStateException的更多相关文章

  1. myeclipse 无法启动 java.lang.IllegalStateException: Unable to acquire application service. Ensure that the org.eclipse.core.runtime bundle is resolved and started (see config.ini).

    把myeclipse10 按照目录完整拷贝到了另外一台电脑, 另外的目录 原安装目录 D\:\soft\i\myeclipse10 新安装目录 E\:\soft\myeclipse10 双击启动失败, ...

  2. java.lang.IllegalStateException:Couldn't read row 0, col -1 from CursorWindow. Make sure the Cursor is initialized correctly before accessing data from it.

    java.lang.RuntimeException: Unable to start activity ComponentInfo{com.xxx...}: java.lang.IllegalSta ...

  3. java.lang.IllegalStateException: Not allowed to create transaction on shared EntityManager - use Spring transactions or EJB CMT instead

    java.lang.IllegalStateException: Not allowed to create transaction on sharedEntityManager - use Spri ...

  4. java.lang.IllegalStateException: getOutputStream() has already been called for this response

    ERROR [Engine] StandardWrapperValve[jsp]: Servlet.service() for servlet jsp threw exceptionjava.lang ...

  5. 用java实现文件下载,提示java.lang.IllegalStateException: getOutputStream() has already been called for this response

    1. 用java实现文件下载,提示java.lang.IllegalStateException: getOutputStream() has already been called for this ...

  6. eclipse启动报错java.lang.IllegalStateException: LifecycleProcessor not initialized - call 'refresh' befo

    报错: java.lang.IllegalStateException: LifecycleProcessor not initialized - call 'refresh' before invo ...

  7. java.lang.IllegalStateException: Couldn't read row 1, col 0 from CursorWindow. Make sure the Cursor is initialized correctly before accessing data fr

    Android中操作Sqlite遇到的错误:java.lang.IllegalStateException: Couldn't read row 1, col 0 from CursorWindow. ...

  8. java.lang.IllegalStateException: The specified child already has a parent. You must call removeView() on the child's parent first.

    在ViewPager中,用Fragment显示页面时,报错: java.lang.IllegalStateException: The specified child already has a pa ...

  9. java.lang.IllegalStateException:Web app root system property already set to different value 错误原因及解决 Log4j

    Log4j是Apache的一个开放源代码项目,通过使用Log4j,我们可以控制日志信息输送的目的地是控制台.文件.GUI组件.甚至是套接口 服务器.NT的事件记录器.UNIX Syslog守护进程等: ...

  10. 关于viewpager 里嵌套 listview 同时实现翻页功能的“java.lang.IllegalStateException: The specified child..."异常处理

    这几天做项目用到了ViewPager,因为它可以实现左右划动多个页面的效果,然后 再每个页面里使用ListView,运行时总是出现”PagerAdapter java.lang.IllegalStat ...

随机推荐

  1. mysql 学习笔记(一)

    查询:show databases; show status; show tables; desc  table-name: 更改root密码:方法一:mysqladmin -uroot -poldp ...

  2. RedisCacheTool参考其中的文件读写功能

    package com.jr.market.tool; import java.io.BufferedReader; import java.io.File; import java.io.FileI ...

  3. PO_PO系列 - 请购单系统分析(案例)

    2014-07-01 Created By BaoXinjian

  4. (英文版)使用Visual Studio 2015 编写 MASM 汇编程序!

    原文地址:http://kipirvine.com/asm/gettingStartedVS2015/index.htm#CreatingProject Getting Started with MA ...

  5. Rstudio匹配中文

    之前在操作csv文件时一般是将中文字符在excel或用Perl将其中的中文转换成对应的英文,但是最近碰到不得不在R里面进行中文符操作,发现R里面的匹配是无法识别的中文符的.比如: df <- r ...

  6. distinct 多个字段

    select distinct ID,AA,BB from tName与select distinct ID from tName有什么区别??第一种情况,distinct会不会影响AA,或者BB字段 ...

  7. 认识与学习BASH(中)

    1.在设置变量中:单引号与双引号的最大不同:双引号能保有变量的内容,单引号仅能是一般字符 2.反单引号(`)作用:在一串指令中,在‘之内的指令将会被先执行,其结果将作为外部的输入信息. locate指 ...

  8. [Flex] Accordion系列 - Header背景图的设置

    <?xml version="1.0" encoding="utf-8"?> <!--Flex中如何通过getHeaderAt()函数以及se ...

  9. oracle安装—Windows7旗舰版32位安装oracle10g方法

    首先要下载支持Vista版本的Oracle 10g下载完成后解压出来:http://download.oracle.com/otn/nt/oracle10g/10203/10203_vista_w2k ...

  10. 查看sql server数据库文件信息

    --drop table #dbfiles --deallocate cursor1 ------ declare cursor1 cursor for SELECT name from sys.da ...