Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

Tomcat接收到的请求的URI中包含了不合法的字符,比如  { }  ( )  ^ ` \  | #  \\ 这些字符在RFC (Request Format Comment)文档中有规定,不能被用在Request Header,也就是request的URI中。

查看tomcat源码

apache-tomcat-7.0.73-src\java\org\apache\coyote\http11\InternalInputBuffer.java

public class InternalInputBuffer extends AbstractInputBuffer<Socket> {
   ....省略
    /**
     * Read the request line. This function is meant to be used during the
     * HTTP request header parsing. Do NOT attempt to read the request body
     * using it.
     *
     * @throws IOException If an exception occurs during the underlying socket
     * read operations, or if the given buffer is not big enough to accommodate
     * the whole line.
     */
    @Override
    public boolean parseRequestLine(boolean useAvailableDataOnly)
        throws IOException {
    ...省略
        //
        // Reading the URI
        //
        boolean eol = false;
        while (!space) {
            // Read new bytes if needed
            if (pos >= lastValid) {
                if (!fill())
                    throw new EOFException(sm.getString("iib.eof.error"));
            }
            // Spec says single SP but it also says be tolerant of HT
            if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
                space = true;
                end = pos;
            }else if (HttpParser.isNotRequestTarget(buf[pos])) {  
        //如果请求参数中的字符不是被允许的字符,则抛异常  HttpParser这个类 看下面代码片
                throw new IllegalArgumentException(sm.getString("iib.invalidRequestTarget"));
            }
            pos++;
        }
    ... 省略
        return true;
    }
}

apache-tomcat-7.0.73-src\java\org\apache\tomcat\util\http\parser\HttpParser.java

private static final int ARRAY_SIZE = 128;
private static final boolean[] IS_NOT_REQUEST_TARGET = new boolean[ARRAY_SIZE];
static {
        // Digest field types.for (int i = 0; i < ARRAY_SIZE; i++) {
            // Control> 0-31, 127
            if (i < 32 || i == 127) {
                IS_CONTROL[i] = true;
            }// Not valid for request target.
            // Combination of multiple rules from RFC7230 and RFC 3986. Must be
            // ASCII, no controls plus a few additional characters excluded
       // 不合法的字符在这里都会导致请求不合法而抛异常 请求失败
            if (IS_CONTROL[i] || i > 127 ||
                    i == ' ' || i == '\"' || i == '#' || i == '<' || i == '>' || i == '\\' ||
                    i == '^' || i == '`'  || i == '{' || i == '|' || i == '}') {
                IS_NOT_REQUEST_TARGET[i] = true;
            }
        }
    }

HTTP协议说到底只是一个OSI应用层通讯的标准,在tomcat源码中对HTTP进行了实现,可能在一些Tomcat版本中没有实现对请求字符的限制,可以预见,在Tomcat7.0.64之后的版本以及 Tomcat8、9都会对请求头的字符进行限制。

【Tomcat】Invalid character found in the request target的更多相关文章

  1. Tomcat 8 Invalid character found in the request target. The valid characters are defined in RFC 3986

    终极解决方案: Invalid character found in the request target. The valid characters are defined in RFC 3986 ...

  2. Tomcat v7.0 java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

    十二月 , :: 下午 org.apache.coyote.http11.AbstractHttp11Processor process 信息: Error parsing HTTP request ...

  3. Tomcat : Invalid character found in the request target

    Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC ...

  4. tomcat Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

      1.情景展示 tomcat 日志时不时会报出如下异常信息,到底是怎么回事? java.lang.IllegalArgumentException: Invalid character found ...

  5. Tomcat报错Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

    问题描述:后台报错 Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.java ...

  6. Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC

    解决Invalid character found in the request target. The valid characters are defined in RFC 7230 and RF ...

  7. Invalid character found in the request target.

    背景:springboot项目内置tomcat9.0 调用的接口中有{}就会报错 解决办法: 新的tomcat新版本增加了一个新特性,就是严格按照 RFC 3986规范进行访问解析,而 RFC 398 ...

  8. 后台报错java.lang.IllegalArgumentException: Invalid character found in the request target.

    报错: Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level. java.lang ...

  9. 解决springboot项目请求出现非法字符问题 java.lang.IllegalArgumentException:Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

    springboot版本: 2.1.5 最近使用springboot搭建了一个App后台服务的项目,开发接口的时候在本机使用postman工具做请求测试,请求返回一直很正常,但是在前端开发使用h5请求 ...

随机推荐

  1. 怎么在linux Ubuntu上部署nodejs

    今天特别开心,同时也有兴趣把最近的一些工作总结一下. 第一,方便记忆. 第二, 给需要的同学做参考 node.js 在本地的话,比较容易运行,node app.js 命令就搞定,但是当需要部署到生产环 ...

  2. Invert a binary tree 翻转一棵二叉树

    Invert a binary tree 翻转一棵二叉树 假设有如下一棵二叉树: 4  / \   2    7  / \   / \ 1  3 6  9翻转后: 4     /    \    7 ...

  3. 20170717_python_爬虫_网页数据解析_BeautifulSoup_数据保存_pymysql

    上午废了老大劲成功登陆后,下午看了下BeautifulSoup和pymysql,晚上记录一下 自己电脑装的sublime,字体颜色竟然拷贝不下来 - - 写的过程中遇到了很多问题: 1.模拟登陆部分 ...

  4. filezilla里怎么解决中文乱码问题

    使用Filezilla client FTP客户端登陆某些FTP站点会出现中文乱码,原因是FTP服务器端编码与filezilla client端编码不一致造成的.解决方法如下:文件-站点管理-选中要登 ...

  5. 【JAVASCRIPT】React学习- 数据流(组件通信)

    摘要 react 学习包括几个部分: 文本渲染 JSX 语法 组件化思想 数据流 一 组件通信如何实现 父子组件之间不存在继承关系 1.1 父=>子通信 父组件可以通过 this.refs.xx ...

  6. 安装j2ee开发环境

    先安装jdk,再安装eclipse ,再安装myeclipse. eclipse与myeclipse必须在图形化界面安装. 1. 挂载光驱/硬盘 mount  /mnt/cdrom/    挂载光驱 ...

  7. tomato dualwan /root目录的特殊用途

    测试发现tomato dualwan /root目录下存储的文件重启后会自动清掉.利用这个特性可以把测试生成的临时文件丢到这里. root下本应该存在的.vimrc 文件 采用如下方法生成: 在/op ...

  8. HDU1113 Word Amalgamation

    Description In millions of newspapers across the United States there is a word game called Jumble. T ...

  9. [COGS 1065] 绿豆蛙的归宿

    先贴题面w 1065. [Nescafe19] 绿豆蛙的归宿 ★   输入文件:ldfrog.in   输出文件:ldfrog.out   简单对比时间限制:1 s   内存限制:128 MB 随着新 ...

  10. spring实现文件上传(图片解析)

    合抱之木,生于毫末,千里之行,始于足下,要想了解spring的文件上传功能,首先要知道spring是通过流的方式将文件进行解析,然后上传.那么是不是所有需要用的文件上传的地方都要写一遍文件解析器呢? ...