我正在编写一个安静的API并尝试使用所有可用的http方法,但PUT方法存在问题。
当我发送http请求whith put方法时,我有“400 Bad request”错误。 如果我使用POST方法,我没有问题。
这是我的http PUT请求:
Remote Address:::1:8080
Request URL:http://localhost:8080/adminRight
Request Method:PUT
Status Code:400 Mauvaise Requête
Request Headersview parsed
PUT /adminRight HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 37
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Origin: chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo
Content-Type: application/json
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: JSESSIONID=41D1CCDF94D3150F0FCA3754E347A4AD
Request Payload
typeList=1&id=2&nom=labelViewerAvance
Response Headersview parsed
HTTP/1.1 400 Mauvaise Requête
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Length: 984
Date: Fri, 30 May 2014 12:55:32 GMT
Connection: close
这是我的http POST请求:
Remote Address:::1:8080
Request URL:http://localhost:8080/adminRight
Request Method:POST
Status Code:200 OK
Request Headersview parsed
POST /adminRight HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 37
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Origin: chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo
Content-Type: application/json
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: JSESSIONID=41D1CCDF94D3150F0FCA3754E347A4AD
Request Payload
typeList=1&id=2&nom=labelViewerAvance
Response Headersview parsed
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/json;charset=utf-8
Content-Length: 2
Date: Fri, 30 May 2014 13:09:03 GMT
PUT和POST语法有什么区别?或者,可能是我的web.xml中的一个特殊配置吗?
提前感谢您的帮助。
使用新信息进行修改:
我的请求使用以下两种方法在java中映射:
@RequestMapping(value = "/adminRight",
method = RequestMethod.PUT
)
@ResponseBody
public ResponseEntity<String> updateListRights(@RequestParam(value = "typeList") String typeList,
@RequestParam(value = "id") String idList,
@RequestParam(value = "nom") String nomList)
{
和
@RequestMapping(value = "/adminRight",
method = RequestMethod.POST
)
@ResponseBody
public ResponseEntity<String> addNewListRights(@RequestParam(value = "typeList") String typeList,
@RequestParam(value = "id") String idList,
@RequestParam(value = "nom") String nomList)
{
答案 0 :(得分:0)
您的Server: Apache-Coyote/1.1只是一个HTTP连接器。在该连接器后面有一个Web服务器,例如Apache Tomcat。您必须查找该服务器的手册并检查如何允许HTTP方法。到Tomcat there is a server.xml file,就像这样:
// Sample Security Constraint
<security-constraint>
<web-resource-collection>
<web-resource-name><strong>restricted methods</strong></web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint />
</security-constraint>
您应该将PUT和DELETE添加到该列表中。如果您的REST客户端在浏览器中运行并且它们在不同的域下提供,则您必须启用OPTIONS方法(对于CORS preflight请求),并添加CORS allow headers。通过投放浏览器,您还必须添加some HTTP response headers和set them properly以阻止XSS attacks。
另一个安全问题是你应该hide the version number土狼连接器。
顺便说一下。使用会话Cookie,例如Cookie: JSESSIONID=41D1CCDF94D3150F0FCA3754E347A4AD is not RESTful。
我对Java请求映射知之甚少,但是通过REST,您通常会使用POST将新项资源添加到集合资源,例如POST /rights,以及PUT通常用于编辑整个项目资源,例如PUT /rights/{id}其中{id}应该是唯一的资源ID(可能与您的某个聚合ID相同)。在您的代码中,我无法通过PUT请求查看与此URL结构相关的任何内容。您可能也感兴趣in PATCH。