通过我们的测试,在tomcat7.0.73版本以上都会出现下列描述的问题。
1、测试报错:
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
at org.apache.coyote.http11.InternalInputBuffer.parseRequestLine(InternalInputBuffer.java:192)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1028)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
2、通过抓包看出,当get请求为:
http://localhost:8080/sma-scm/interface.do?req={"hard":"FD89C82352A9B0940BC5C86D9F1E36DF4F8E70382D265975","channel":"ADDB1A3E0F6EDA9AE89B542B977107C0A25B1EE205A42BE1"}
会出现这种报错,因为升级tomcat后有一些字符(例如“{,}“),当他们直接放在Url中的时候,可能会引起解析程序的歧义
Tomcat8.5,当Get请求中包含了未经编码的非法字符时,会报以下错误,请求未到应用程序在Tomcat层就被拦截了。
经过测试,paphone控件和老版本的APP SDK请求时都会报此错