search

venusdrogon / feilong-platform

:gem:all feilong projects's parent
http://feitianbenyue.iteye.com/
Apache License 2.0
94 stars 58 forks source link

增加自动转义-请求参数放在路径中的配置 #257

Closed venusdrogon closed 6 years ago

venusdrogon commented 6 years ago

see 支持将请求参数放在路径中的配置 #233

如果路径中包含非ASCII字符,不会转义,从而造成请求出错。

例如: https://test.example.com/a 中文 c

建议增加自动转义功能。

例如:

    String scheme = "https";

    String host = "test.example.com";

    String path = "/" + uriPath;

    URI uri = new URI(scheme, host, path, null);

    String regex = scheme + "://" + host + "/";

   uri.toASCIIString().replaceFirst(regex, "");
ijiangtao commented 6 years ago

报错信息如下:

image

venusdrogon commented 6 years ago

image


  @Test
    public void testTemplate12(){
        Member member = new Member();
        member.setCode("fei long");
        String resolve = resolve("http://www.baidu.com/${member.code}", member);

        HttpClientUtil.get(resolve);

    }


com.feilong.net.UncheckedHttpException: httpRequest:[    {
        "fullEncodedUrl": "http://www.baidu.com/fei long",
        "requestBody": "",
        "httpMethodType": "GET",
        "paramMap": null,
        "headerMap": null,
        "uri": "http://www.baidu.com/fei long"
    }],cause by:[java.net.URISyntaxException: Illegal character in path at index 24: http://www.baidu.com/fei long]
    at com.feilong.net.httpclient4.builder.httpurirequest.URIBuilderBuilder.builder(URIBuilderBuilder.java:85)
com.feilong.net.httpclient4.builder.HttpRequestExecuter.execute(HttpRequestExecuter.java:65)
    at com.feilong.net.httpclient4.HttpClientUtil.getResponseBodyAsString(HttpClientUtil.java:984)
    at com.feilong.net.httpclient4.HttpClientUtil.getResponseBodyAsString(HttpClientUtil.java:892)
com.feilong.context.invoker.http.HttpRequestUriResolverTest.testTemplate12(HttpRequestUriResolverTest.java:53)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:206)
Caused by: java.net.URISyntaxException: Illegal character in path at index 24: http://www.baidu.com/fei long
    at java.net.URI$Parser.fail(URI.java:2829)
    at org.apache.http.client.utils.URIBuilder.<init>(URIBuilder.java:81)
    at com.feilong.net.httpclient4.builder.httpurirequest.URIBuilderBuilder.builder(URIBuilderBuilder.java:64)
    ... 33 more
venusdrogon commented 6 years ago

http://127.0.0.1:8223/cfei%20long-jinxin

image

venusdrogon commented 6 years ago

https://blog.csdn.net/u014240933/article/details/26728237

venusdrogon commented 6 years ago

先只支持 空格转义

其他的以后再说


   /**
     * Rework.
     *
     * @param result
     *            the result
     * @return the string
     * @since 1.12.9
     * @see <a href="https://github.com/venusdrogon/feilong-platform/issues/257">增加自动转义-请求参数放在路径中的配置</a>
     */
    private static String rework(String result){
        if (result.contains(SPACE)){
            //W3C标准规定, 当Content-Type为application/x-www-form-urlencoded时,URL中查询参数名和参数值中空格要用加号+替代,
            //所以几乎所有使用该规范的浏览器在表单提交后,URL查询参数中空格都会被编成加号+。

            //而在另一份规范(RFC 2396,定义URI)里, URI里的保留字符都需转义成%HH格式(Section 3.4 Query Component),因此空格会被编码成%20,加号+本身也作为保留字而被编成%2B,
            //对于某些遵循RFC 2396标准的应用来说,它可能不接受查询字符串中出现加号+,认为它是非法字符。

            //所以一个安全的举措是URL中统一使用%20来编码空格字符。
            result = result.replaceAll(SPACE, "%20");
        }
        return result;
    }