SpringBoot【The request was rejected because the URL was not normalized】
SpringBoot整合ng-alain
时报错如下:
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL was not normalized.
org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL was not normalized.at org.springframework.security.web.firewall.StrictHttpFirewall.getFirewalledRequest(StrictHttpFirewall.java:296) ~[spring-security-web-5.1.1.RELEASE.jar:5.1.1.RELEASE]at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:194) ~[spring-security-web-5.1.1.RELEASE.jar:5.1.1.RELEASE]at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.1.1.RELEASE.jar:5.1.1.RELEASE]at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.12.jar:9.0.12]at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
查看源码spring
中StrictHttpFirewall.java
中报错源码如下:
判断逻辑在isNormalized(request)
函数中,如果请求路径中包含双斜杠//
,则会抛出这样的错误。
查看我们的请求,请求中确实包含如下路径:
参照 https://stackoverflow.com/questions/48453980/spring-5-0-3-requestrejectedexception-the-request-was-rejected-because-the-url/49116274 解决方案,通过自定义Firewall
的方式允许URL中出现斜杠slash
@Bean
public HttpFirewall allowUrlEncodedSlashHttpFirewall() {StrictHttpFirewall firewall = new StrictHttpFirewall();firewall.setAllowUrlEncodedSlash(true); return firewall;
}
添加之后,正常访问
SpringBoot【The request was rejected because the URL was not normalized】相关推荐
- SpringBoot整合升级Spring Security 报错 【The request was rejected because the URL was not normalized】...
前言 最近LZ给项目框架升级, 从Spring1.x升级到Spring2.x, 在这里就不多赘述两个版本之间的区别以及升级的原因. 关于升级过程中踩的坑,在其他博文中会做比较详细的记录,以便给读者参考 ...
- SpringBoot 提示:RequestRejectedException:The request was rejected because the URL was not normalized.
今天遇到一个问题:本地磁盘通过SpringMVC 资源映射成URL地址可以访问的资源,提示如下错误信息: RequestRejectedException:The request was reject ...
- The request was rejected because the URL was not normalized【翻译】
Spring 5.0.3 RequestRejectedException: The request was rejected because the URL was not normalized s ...
- The request was rejected because the URL was not normalized
背景问题 在升级security时报了一个错:The request was rejected because the URL was not normalized. 字面意思是:不是正规的URL请求 ...
- The request was rejected because the URL was not normalized.解决方案
背景 在单点登录配置url的时候,访问一个url的时候会报如下的错误 2021-05-24 18:28:03.163 ERROR 17350 --- [nio-8082-exec-1] o.a.c.c ...
- The request was rejected because the URL contained a potentially malicious String “//“
报错详情 org.springframework.security.web.firewall.RequestRejectedException: The request was rejected be ...
- The request was rejected because the URL contained a potentially malicious String “;“问题的正确解决姿势
问题的复盘 首先这个问题出现的时机是,当用户访问特定的连接(如http://localhost/index)时没有权限,被重定向到登录页面http://localhost/login.为了登录成功后再 ...
- The request was rejected because the URL contained a potentially malicious String “%2e“
日志出现: [http-nio-80-exec-3] ERROR o.a.c.c.C.[.[localhost].[/].[dispatcherServlet] - Servlet.service() ...
- web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentia
spring security 自带url 校验失败 因为请求的url不合法,但是对接方又不能修改,只能平台适配 org.springframework.security.web.firewall.R ...
最新文章
- aws fargate_我如何在AWS Fargate上部署#100DaysOfCloud Twitter Bot
- python使用函数的优点-Lambda表达式在Python中的优点和缺点
- 继电反馈法自整定_基于继电反馈PID自整定方法在Buck―Boost电路中应用.doc
- 微信支付+服务器+php代码,php 微信支付企业付款(示例代码)
- Android开发进阶1 思维改变 如何知道我需要学什么(上)
- Aspect的简单方法拦截
- 有向图的传递闭包实现三种实现(Warshall+DFS+BFS)
- python循环捕捉异常_python – 如何在for循环迭代器中捕获异常
- 【机器学习系列】概率图模型第六讲:因子图和道德图
- 别催更啦!手淘全链路性能优化下篇--容器极速之路
- 北斗输电杆塔状态在线监测系统
- IDL处理葵花8Himawari-8标准HSD数据——制作大气校正数据集(太阳角度数据集)
- python的循环控制语句while和for的使用详解
- win10修改保存的git用户名和密码
- 我国影视行业的痛点——影视链的目标
- 软件工程应用与实践(2)——application.properties配置文件分析
- 极速办公(ppt)文字如何设置斜体
- 刷算法第五天——P5594 模拟赛
- kudu学习资料总结
- 二叉树的前序遍历,中序遍历,后序遍历
热门文章
- linux cadence教程 pdf,cadence入门教程-修改版.pdf
- java ios 3des_IOS开发入门之iOS 3DES加密 和 java 3DES 解密
- require.js 介绍
- 3.1.2 消费者客户端的线程模型
- 初到北上广打拼的外地人,生活状态是怎样的?
- Windows系统下Qt代码的QMake和CMake简单说明
- 求三角形面积 ← 海伦公式
- 单目视觉定位测距的两种方式
- 计算机毕业设计php+vue基于微信小程序的叽喳音乐播放小程序
- 如何批量查询谷歌PR权重是多少?谷歌PR权重怎么批量查询