使用查询字符串参数进行Ajaxical重定向

Question

使用以下部分响应重定向（在Servlet过滤器内）。当用户成功登录时，它尝试重定向到目标资源。

private void redirect(HttpServletRequest request, HttpServletResponse response, String redirectURL) throws IOException {
    if ("partial/ajax".equals(request.getHeader("Faces-Request"))) {
        response.setContentType("text/xml");
        response.setCharacterEncoding("UTF-8");
        response.getWriter()
                .append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>")
                .printf("<partial-response><redirect url=\"%s\"></redirect></partial-response>", redirectURL);
    } else {
        response.sendRedirect(response.encodeRedirectURL(redirectURL));
    }
}

请求/响应标头：

General

    Request URL:https://localhost:8443/ContextRoot/utility/Login
    Request Method:POST
    Status Code:302 Found
    Remote Address:127.0.0.1:8443

Response Headers

    Cache-Control:no-cache, no-store, must-revalidate
    Connection:keep-alive
    Content-Length:0
    Date:Thu, 17 Mar 2016 11:12:58 GMT
    Expires:Thu, 01 Jan 1970 00:00:00 GMT
    Location:https://localhost:8443/ContextRoot/admin/Home.xhtml
    Pragma:no-cache
    Server:WildFly/10
    X-Powered-By:Undertow/1

Request Headers

    Accept:application/xml, text/xml, */*; q=0.01
    Accept-Encoding:gzip, deflate
    Accept-Language:en-US,en;q=0.8
    Connection:keep-alive
    Content-Length:256
    Content-Type:application/x-www-form-urlencoded; charset=UTF-8
    Cookie:JSESSIONID=0a-fKcNyfWx_Cu30m5fZUusrQ4g-qbHqhvojrNCU.om-f6b0ea3ad206; __utma=111872281.616526714.1454485589.1454485589.1454485589.1; __utmz=111872281.1454485589.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
    Faces-Request:partial/ajax
    Host:localhost:8443
    Origin:https://localhost:8443
    Referer:https://localhost:8443/ContextRoot/admin/RatingDetails?product=10&id=2
    User-Agent:Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36
    X-Requested-With:XMLHttpRequest

Form Data

    view URL encoded
    javax.faces.partial.ajax:true
    javax.faces.source:login
    javax.faces.partial.execute:loginForm
    javax.faces.partial.render:loginForm
    login:login
    loginForm:loginForm
    userName:admin
    password:admin
    javax.faces.ViewState:-5804174403308424993:4075605247268615317

可以看出，响应状态代码是“302 Found”，但不会重定向到目标资源。

查询字符串中的罪魁祸首是&：

https://localhost:8443/ContextRoot/admin/RatingDetails?product=10&id=2

以下单个查询字符串参数可以正常工作：

https://localhost:8443/ContextRoot/admin/RatingDetails?product=10

有一个解析错误：

<partial-response>
    <parsererror style="display: block; white-space: pre; border: 2px solid #c77; padding: 0 1em 0 1em; margin: 1em; background-color: #fdd; color: black">
        <h3>This page contains the following errors:</h3>
        <div style="font-family:monospace;font-size:12px">error on line 1 at column 118: EntityRef: expecting ';'
        </div>
        <h3>Below is a rendering of the page up to the first error.</h3>
    </parsererror>
</partial-response>

在这种情况下，

response.encodeURL(redirectURL)或response.encodeRedirectURL(redirectURL)也无济于事。

有什么建议吗？

Answer 1

  第118行第1行的

错误：EntityRef：期待';'

&是XML中的一个特殊字符，表示实体的开头，该实体应该以{{1​​}}字符结尾，例如;，<等。这解释了错误消息的一部分。

但是，您将该字符用作查询字符串参数分隔符，而没有任何实体引用名称和结束字符 。因此，XML解析器将落在它上面。

将;转换为&应解决此问题。重定向网址必须以这种格式结束：

&

https://localhost:8443/ContextRoot/admin/RatingDetails?product=10&id=2 / encodeURL()有不同的用途，详见In the context of Java Servlet what is the difference between URL Rewriting and Forwarding?

另见：

• The entity name must immediately follow the '&' in the entity reference