The request was rejected because the URL was not normalized【翻译】

Spring 5.0.3 RequestRejectedException: The request was rejected because the URL was not normalized

spring security配置拦截请求报错：不是正规的URL请求被拒绝。

解决办法：

Spring security文档提到请求阻塞的问题。

例如：它可能包含路径遍历序列（像/../）或者多转发斜杠(//),也可能是因为模式匹配失败。一些正规化的容器在执行Servlet映射之前输出这些异常，但是其它的不会。为了保护这里不利的问题，FilterChainProxy使用HttpFirewall 策略去检查和封装请求。非正规的请求默认自动拒绝，路径参数和和双斜杠为了匹配目的被移除。

因此这里有两个可能的解决方法：

1、移除双斜杠（首选的方式）

2、在spring security通过自定义的StrictHttpFirewall允许双斜杠,使用如下代码

步骤1，创建自定义firewall，允许斜杠URL

注意：文章到这里还没有完，由于篇幅限制，完整内容请到hongfu951博客上查看

完整内容URL地址：Spring 5.0.3 RequestRejectedException: The request was rejected because the URL was not normalized

The request was rejected because the URL was not normalized【翻译】相关推荐

SpringBoot整合升级Spring Security 报错【The request was rejected because the URL was not normalized】...
前言最近LZ给项目框架升级, 从Spring1.x升级到Spring2.x, 在这里就不多赘述两个版本之间的区别以及升级的原因. 关于升级过程中踩的坑,在其他博文中会做比较详细的记录,以便给读者参考 ...
SpringBoot【The request was rejected because the URL was not normalized】
SpringBoot整合ng-alain时报错如下: org.springframework.security.web.firewall.RequestRejectedException: The r ...
SpringBoot 提示：RequestRejectedException:The request was rejected because the URL was not normalized.
今天遇到一个问题:本地磁盘通过SpringMVC 资源映射成URL地址可以访问的资源,提示如下错误信息: RequestRejectedException:The request was reject ...
The request was rejected because the URL was not normalized
背景问题在升级security时报了一个错:The request was rejected because the URL was not normalized. 字面意思是:不是正规的URL请求 ...
The request was rejected because the URL was not normalized.解决方案
背景在单点登录配置url的时候,访问一个url的时候会报如下的错误 2021-05-24 18:28:03.163 ERROR 17350 --- [nio-8082-exec-1] o.a.c.c ...
The request was rejected because the URL contained a potentially malicious String “//“
报错详情 org.springframework.security.web.firewall.RequestRejectedException: The request was rejected be ...
The request was rejected because the URL contained a potentially malicious String “；“问题的正确解决姿势
问题的复盘首先这个问题出现的时机是,当用户访问特定的连接(如http://localhost/index)时没有权限,被重定向到登录页面http://localhost/login.为了登录成功后再 ...
The request was rejected because the URL contained a potentially malicious String “%2e“
日志出现: [http-nio-80-exec-3] ERROR o.a.c.c.C.[.[localhost].[/].[dispatcherServlet] - Servlet.service() ...
web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentia
spring security 自带url 校验失败因为请求的url不合法,但是对接方又不能修改,只能平台适配 org.springframework.security.web.firewall.R ...

The request was rejected because the URL was not normalized【翻译】

The request was rejected because the URL was not normalized【翻译】相关推荐

最新文章

热门文章