Tomcat8, Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.

最新推荐文章于 2024-10-16 10:44:30 发布

测试？不，打杂的

最新推荐文章于 2024-10-16 10:44:30 发布

阅读量1k

点赞数

分类专栏： docker 应用随记

本文链接：https://blog.csdn.net/jt_121217/article/details/106134542

版权

docker 应用随记专栏收录该内容

6 篇文章 0 订阅

订阅专栏

13-May-2020 18:53:36.568 INFO [http-nio-8080-exec-4] org.apache.coyote.http11.Http11Processor.service Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

说明：

1、由于开发对服务包改动，需要用到tomcat8，tomcat7及以下版本不支持

2、构建环境是Jenkins+docker持续构建

3、docker基础镜像为tomcat8+jre8，已经有服务正常运行

遇到问题：

在构建后测试环境正常运行，但是通过http协议直接请求接口，无反应

排查：

1、查看服务日志，无任何报错

2、进容器看tomcat日志，无报错（实际报错了，在第一次请求的时候报错，后面请求不再报错无响应）

报错如下：

13-May-2020 18:53:36.568 INFO [http-nio-8080-exec-4] org.apache.coyote.http11.Http11Processor.service Error parsing HTTP request header
 Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
 java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
	at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:479)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:687)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1468)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)

原因分析：

1、http请求接口带的内容过长

2、http请求中带了特殊字符，tomcat8、9是对特殊字符进行了屏蔽，tomcat7及以下不进行限制

3、请求中包含‘{’、‘}’、‘[’、‘]’、‘|’

处理：

把docker中tomcat配置文件catalina.properties、server.xml复制出来，进行修改：

1、修改server.xml，添加提升请求长度maxHttpHeaderSize="81920，relaxedQueryChars="[,]"

    <Connector port="8080" protocol="HTTP/1.1" maxHttpHeaderSize="81920"
               connectionTimeout="20000" relaxedQueryChars="[,]"
               redirectPort="8443" />

2、修改catalina.properties

在配置最后添加tomcat.util.http.parser.HttpParser.requestTargetAllow=|{}

# This system property is deprecated. Use the relaxedPathChars relaxedQueryChars
# attributes of the Connector instead. These attributes permit a wider range of
# characters to be configured as valid.
# Allow for changes to HTTP request validation
# WARNING: Using this option may expose the server to CVE-2016-6816
#tomcat.util.http.parser.HttpParser.requestTargetAllow=|
tomcat.util.http.parser.HttpParser.requestTargetAllow=|{}

至此基本上就处理了，覆盖原有的这两个文件，验证通过

docker用的基础镜像只有重新做一个