springboot学习(七十一)解决问题:the URL contained a potentially malicious String “;“

最新推荐文章于 2024-08-16 14:24:43 发布
最新推荐文章于 2024-08-16 14:24:43 发布
阅读量3.5k 收藏 2
点赞数
分类专栏: spring boot 文章标签: spring boot spring HttpFirewall springsecurity
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/u011943534/article/details/123844834
版权
本文介绍了解决Spring Security框架中因URL包含分号而引发的安全拦截问题。通过配置防火墙允许分号,可以确保应用程序正常运行。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

访问某个请求报错:

org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";"

这是因为使用了SpringSecurity,其中有个防火墙:org.springframework.security.web.firewall.StrictHttpFirewall阻止了分号的使用。一般是jessionid出现在了路径中造成的。

解决办法如下:
如果想继续让分号出现在URL路径中,需要放开安全防火墙中对分号的限制

 @Bean
    public HttpFirewall allowUrlSemicolonHttpFirewall() {
        StrictHttpFirewall firewall = new StrictHttpFirewall();
        firewall.setAllowSemicolon(true);
        return firewall;
    }
The request was rejected because the URL contained a potentially malicious String “;“问题的正确解决姿势
m0_67392010的博客
09-12 2195
深知大多数初中级Java工程师,想要提升技能,往往是自己摸索成长或者是报班学习,但对于培训机构动则近万的学费,着实压力不小。自己不成体系的自学效果低效又漫长,而且极易碰到天花板技术停滞不前!因此收集整理了一份《Java开发全套学习资料》送给大家,初衷也很简单,就是希望能够帮助到想自学提升又不知道该从何学起的朋友,同时减轻大家的负担。
项目服务间访问提示The request was rejected because the URL contained a potentially malicious String “//“
喜羊羊love红太狼
01-23 1361
1.开发过程最好是按照规范开发,可以避免诸如此类低级问题。比如项目中前缀是那么controller统一这样的话拼接到一起就不会有双横线问题了2.当然如果允许路径中存在双横线则可以在security中添加配置@Bean//此处可添加别的规则,目前只设置 允许双 //
the URL contained a potentially malicious String “//“
张子豪的博客
02-21 1088
这个问题是因为前端的请求url后面多加了一个斜杠,把后面的斜杠删了就行,
报错: The request was rejected because the URL contained a potentially malicious String “//“
最新发布
比个帽的博客
08-16 5707
Spring Security 框架中提供了一个 HttpFirewall,这是一个请求防火墙,它可以自动处理掉一些非法请求,请求地址格式中不能包含;等字符或编码,必须是标准化 URL。如果希望请求地址中可以出现 %,在SpringSecurity中进行如下配置。
jar包启动报错:The request was rejected because the URL contained a potentially malicious String “%25“
IT小辉同学
08-16 2729
晚安,玛卡巴卡——
The request was rejected because the URL contained a potentially malicious String “//“
愤怒的苹果ext的博客
02-07 4628
报错详情 org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String “//” at org.springframework.security.web.firewall.StrictHttpFirewall.rejectedBlacklistedUrls(StrictH
The request was rejected because the URL contained a potentially malicious String ";
06-15
当你遇到"The request was rejected because the URL contained a potentially malicious string";这样的错误时,通常意味着服务器检测到了你提交的URL可能存在安全风险或SQL注入攻击。这可能包含了一些特殊字符或...
The request was rejected because the URL contained a potentially malicious String “;
06-14
遇到"The request was rejected because the URL contained a potentially malicious string ‘;’"这样的错误提示,通常意味着服务器检测到了URL中存在可能被视为安全威胁的字符序列。在HTTP请求中,特别是...
he request was rejected because the URL contained a potentially malicious String "//"
09-03
这个错误信息"The request was rejected because the URL contained a potentially malicious String "//""是由Spring Security的StrictHttpFirewall拦截器引发的。这个拦截器会检查URL是否包含可能导致安全问题的...
【SSM_bugs】The request was rejected because the URL contained a potentially malicious String “//“
m0_46308522的博客
06-06 367
The request was rejected because the URL contained a potentially malicious String "//"
解决 The request was rejected because the URL contained a potentially malicious String “;“
jingchao1998的博客
06-04 592
Spring Security 项目中,默认使用 StrictHttpFirewall 对象,该对象对一些疑似恶意攻击的请求也进行了拒绝处理。假如该对象对我们的项目来说过于严格,那我们可以通过配置的方式定制哪些请求需要被拒绝,当然相应的,我们的应用程序也更容易受到攻击。URL地址中携带 jsessionid 包含 “;
The request was rejected because the URL contained a potentially malicious String “%2e“
脑神
01-11 4855
日志出现: [http-nio-80-exec-3] ERROR o.a.c.c.C.[.[localhost].[/].[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception org.springframework.security.web.firewall.RequestRejectedException: The request w
BootDo框架中启动报RequestRejectedException:URL contained a potentially malicious String ";"
shunzi1046的博客
06-23 5413
用过bootdo框架的同仁,想必都认得下面的错误: org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL contained a potentially malicious String ";" at org.spring...
The request was rejected because the URL contained a potentially malicious String ";"报错解决,
热门推荐
weixin_45313055的博客
04-30 2万+
解决问题 方法一:修改项目中出现“//”双斜杠的URL路径,哈哈 方法二:自定义FireWall方式允许URL出现双斜杠“//” 参考:Spring 5.0.3 RequestRejectedException: The request was rejected because the URL was not normalized https://stackoverflow.com/q...
SpringSecurity:request was rejected because the URL contained a potentially malicious String “//“
Ricardo.M.Yu的博客
03-15 3167
spring security路径问题
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值