收到的cookie标头包含无效的cookie。 [英] A cookie header was received that contained an invalid cookie.
问题描述
我正在将服务器从 Tomcat-6 迁移到 Tomcat-9 。我的网站是为HTTP / 1.1协议设计的。 server.xml文件包含 org.apache.coyote.http11.Http11NioProtocol 的连接器协议。服务器正常启动,不会产生任何错误。但是,当我尝试使用本地主机访问我的网站时,出现以下错误:-
I am migrating my Server from Tomcat-6 to Tomcat-9. My website is designed for the protocol of HTTP/1.1 . The server.xml file contains the Connector Protocol of org.apache.coyote.http11.Http11NioProtocol . The server starts up normally without generating any errors. However, when I try to access my website using localhost, I get the following error :-
INFO [https-nio-8445-exec-3] org .apache.tomcat.util.http.parser.Cookie.logInvalidHeader 收到了Cookie标头[2,3,4,5,6,7,8,9,10,11,12,21,22, 23]; userId = 53136]包含无效的cookie。该cookie将被忽略。注意:此错误的进一步发生将在DEBUG级别记录。
INFO [https-nio-8445-exec-3] org.apache.tomcat.util.http.parser.Cookie.logInvalidHeader A cookie header was received [ 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 21, 22, 23]; userId=53136] that contained an invalid cookie. That cookie will be ignored.Note: further occurrences of this error will be logged at DEBUG level.
有人可以告诉我此错误的原因吗?
是什么原因导致无效的cookie?
如果我使用其他连接器,是否可以避免此错误?
Can anyone please tell me the reason for this error? What causes an invalid cookie? Can this error be avoided if I use a different connector?
推荐答案
我发现部署在tomcat上的API能够我发送了cURL请求时抓住了cookie,尽管有tomcat警告。
I found the API deployed on tomcat able to grab the cookies when I send a cURL request, though there was tomcat warning.
curl -XPOST -H "Content-Type: application/json" --cookie "userId=64ad960c-bb7e-48dd-8191-4f31539bc2c2,accessToken=64ad960c-bb7e-48dd-8191-4f31539bc2c2" -d '{"message":"play porcupine tree"}' http://localhost:9090/nlu/convo
但是要删除警告,不得不在tomcat配置( conf / context.xml )
But to remove the warning, had to update cookie processor (LegacyCookieProcessor) in the tomcat config (conf/context.xml)
例如,
cat /usr/local/apache-tomcat-8.5.12/conf/context.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- The contents of this file will be loaded for each web application -->
<Context>
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<!--
<CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor" />
-->
<CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
</Context>
我认为 org.apache.tomcat.util.http.Rfc6265CookieProcessor 可以工作,但是不起作用, LegacyCookieProcessor 是必需的。
I thought org.apache.tomcat.util.http.Rfc6265CookieProcessor would work but did not, LegacyCookieProcessor is required.
https://tools.ietf.org/html / rfc6265
LegacyCookieProcessor实现对Cookie规范的严格解释。
由于浏览器存在各种互操作性问题,默认情况下并非所有严格的
行为都处于启用状态,并且还有其他可用选项
,以便在需要时进一步放松该Cookie处理器的行为。 $ b
LegacyCookieProcessorimplements a strict interpretation of the cookie specifications. Due to various interoperability issues with browsers not all strict behaviours are enabled by default and additional options are available to further relax the behaviour of this cookie processor if required.
这篇关于收到的cookie标头包含无效的cookie。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
