Java 中的 HTTP 标头编码/解码 [英] HTTP headers encoding/decoding in Java

问题描述

自定义 HTTP 标头被传递到 Servlet 应用程序以进行身份​​验证.标头值必须能够包含重音符号和其他非 ASCII 字符，因此必须采用某种编码(最好是 UTF-8).

A custom HTTP header is being passed to a Servlet application for authentication purposes. The header value must be able to contain accents and other non-ASCII characters, so must be in a certain encoding (ideally UTF-8).

控制认证环境的开发人员向我提供了这段Java代码:

I am provided with this piece of Java code by the developers who control the authentication environment:

String firstName = request.getHeader("my-custom-header"); 
String decodedFirstName = new String(firstName.getBytes(),"UTF-8");

但是这段代码在我看来并不正确:它以标头值的编码为前提，而在我看来，有一种正确的方法可以指定标头值的编码(我相信来自 MIME).

But this code doesn't look right to me: it presupposes the encoding of the header value, when it seemed to me that there was a proper way of specifying an encoding for header values (from MIME I believe).

这是我的问题:处理需要支持 UTF-8 编码的自定义标头值的正确方法 (tm) 是什么:

Here is my question: what is the right way (tm) of dealing with custom header values that need to support a UTF-8 encoding:

• 在电线上(标题在电线上的样子)
• 从解码的角度来看(如何使用 Java Servlet API 对其进行解码，我们是否可以假设 request.getHeader() 已经正确地进行了解码)

这里是一个独立于环境的代码示例，用于将标头视为 UTF-8，以防您无法更改您的服务:

Here is an environment independent code sample to treat headers as UTF-8 in case you can't change your service:

String valueAsISO = request.getHeader("my-custom-header"); 
String valueAsUTF8 = new String(firstName.getBytes("ISO8859-1"),"UTF-8");

推荐答案

再次重申:RFC 2047 并未在实践中实施.HTTP/1.1 的下一个版本将删除对它的任何提及.

Again: RFC 2047 is not implemented in practice. The next revision of HTTP/1.1 is going to remove any mention of it.

因此，如果您需要传输非 ASCII 字符，最安全的方法是将它们编码为 ASCII 序列，例如 Atom 发布协议中的Slug"标头.

So, if you need to transport non-ASCII characters, the safest way is to encode them into a sequence of ASCII, such as the "Slug" header in the Atom Publishing Protocol.

这篇关于Java 中的 HTTP 标头编码/解码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！