我最近已从Spring 3升级到Spring。早些时候,我能够在URL值包含分号的情况下发布并获取资源。但是升级后我得到了500错误。以下是我的获取请求
/ rest / logindomains / grouptorolemapping / 13 / Atl; BasGroup
有人知道如何解决此问题吗?
答案 0 :(得分:2)
要在网址中启用分号,必须调整UrlPathHelper
。例如:
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Override
public void configurePathMatch(PathMatchConfigurer configurer) {
UrlPathHelper urlPathHelper = new UrlPathHelper();
urlPathHelper.setRemoveSemicolonContent(false);
configurer.setUrlPathHelper(urlPathHelper);
}
}
答案 1 :(得分:1)
Spring 5包含默认启用的StrictHttpFirewall。为了允许在URL中使用分号,需要使用setAllowSemicolon(boolean)方法。
答案 2 :(得分:1)
通过将以下xml添加到security-config.xml解决了该问题。这将允许在URL中使用分号和百分比字符。
<bean id="myHttpFirewall" class="org.springframework.security.web.firewall.StrictHttpFirewall">
<property name="allowSemicolon" value="true"/>
<property name="allowUrlEncodedPercent" value="true"/>
</bean>
<security:http-firewall ref="myHttpFirewall"/>
Java解决方案:
@Component
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
{
private static final DebugLog LOG = new DebugLog("WebSecurityConfig", WebSecurityConfig.class);
@Bean
public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
StrictHttpFirewall firewall = new StrictHttpFirewall();
firewall.setAllowUrlEncodedPercent(true);;
firewall.setAllowSemicolon(true);
return firewall;
}
@Override
public void configure(WebSecurity web) throws Exception {
super.configure(web);
// @formatter:off
web.httpFirewall(allowUrlEncodedSlashHttpFirewall());
}