Cookie:java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value

25 篇文章 0 订阅
12 篇文章 0 订阅

使用servlet写一个案例:显示用户的上次访问时间分析
爆出一下的错误:
java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value
控制台输出如下:

严重: Servlet.service() for servlet [com.zhiyou.servlet.lastaccesstime.LastAccessTimeServlet] in context with path [/stu04] threw exception
java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value
    at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateCookieValue(Rfc6265CookieProcessor.java:182)
    at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:115)
    at org.apache.catalina.connector.Response.generateCookieString(Response.java:976)
    at org.apache.catalina.connector.Response.addCookie(Response.java:928)
    at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:385)
    at com.zhiyou.servlet.lastaccesstime.LastAccessTimeServlet.doGet(LastAccessTimeServlet.java:31)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Unknown Source)

了解到 An invalid character [32] was present in the Cookie value 中32对应的编码是空格,Stack Overflow上的回答:This is due to Tomcat’s cookie processing being changed to a RFC 6265 compliant implementation by default in 8.5, which does not allow space (character 32), among others.

tomcat版本是9.0,cookie存的值确实有空格,改用编码后再存入cookie,可避免出现空格。

修改后的代码如下:

import java.io.IOException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.text.SimpleDateFormat;
import java.util.Date;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebServlet("/lastAccessTime")
public class LastAccessTimeServlet extends HttpServlet {
    /** 
    * serialVersionUID:
    */
    private static final long serialVersionUID = -3666204851005119865L;

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        //获得当前时间
        Date date = new Date();
        SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss");
        String currentTime = format.format(date);

        //1、创建Cookie 记录当前的最新的访问时间
//      Cookie cookie = new Cookie("lastAccessTime",currentTime);//报错地方
        //deBug:格式化后的date值,通过编码存入cookie
        Cookie cookie = new Cookie("lastAccessTime",URLEncoder.encode(currentTime,"UTF-8"));
        cookie.setMaxAge(60*10*500);
        response.addCookie(cookie);

        //2、获得客户端携带cookie ---- lastAccessTime
        String lastAccessTime = null;
        Cookie[] cookies = request.getCookies();
        if(cookies!=null){
            for(Cookie coo : cookies){
                if("lastAccessTime".equals(coo.getName())){
                    lastAccessTime = coo.getValue();
                }
            }
        }
        response.setContentType("text/html;charset=UTF-8");
        if(lastAccessTime==null){
            response.getWriter().write("您是第一次访问");
        }else{
            //
            response.getWriter().write("您上次的访问的时间是:"+lastAccessTime);
            //deBug:cookie取出的值,通过解码显示到页面上
            response.getWriter().write("您上次的访问的时间是:"+URLDecoder.decode(lastAccessTime,"UTF-8"));
        }
    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }
}

归纳总结

关于使用Cookie的一些注意事项:

1. Cookie的兼容性问题

Cookie的格式有2个不同的版本,第一个版本,我们称为Cookie Version 0,是最初由Netscape公司制定的,也被几乎所有的浏览器支持。而较新的版本,Cookie Version 1,则是根据RFC 2109文档制定的。为了确保兼容性,JAVA规定,前面所提到的涉及Cookie的操作都是针对旧版本的Cookie进行的。而新版本的Cookie目前还不被Javax.servlet.http.Cookie包所支持。

2. Cookie的内容

同样的Cookie的内容的字符限制针对不同的Cookie版本也有不同。在Cookie Version 0中,某些特殊的字符,例如:空格,方括号,圆括号,等于号(=),逗号,双引号,斜杠,问号,@符号,冒号,分号都不能作为Cookie的内容。虽然在Cookie Version 1规定中放宽了限制,可以使用这些字符,但是考虑到新版本的Cookie规范目前仍然没有为所有的浏览器所支持,因而为保险起见,我们应该在Cookie的内容中尽量避免使用这些字符。

RFC2109 制定的规范:

这里写图片描述

RFC 2068 制定的规范:

这里写图片描述


Cookie中永远不要存特殊字符,即使要存储也要进行编码以后再存。


【参考】

HTTP cookie: https://en.wikipedia.org/wiki/HTTP_cookie
关于cookie特殊字符的一点理解: http://www.blogjava.net/stone2083/archive/2010/11/03/336923.html

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值