升级到Jetty 9.3后的标头解析错误 [英] Header parse error after upgrade to Jetty 9.3

问题描述

当我将码头发行版从9.2更改为9.3时，我遇到了问题。在9.2下我的应用程序完美无缺，但是当运行相同的war文件并从同一客户端连接时，我在9.3下运行时会收到以下错误消息：

I'm having an issue when I change my jetty distro from 9.2 to 9.3. Under 9.2 my app works flawlessly however when running the same war file and connecting from the same client I get the following error messages when running under 9.3:

015-08-30 14：55：32.174：警告：oejh.HttpParser：qtp1100439041-12：缓冲区HeapByteBuffer @ 26dab36的状态= HEADER_IN_NAME中的非法字符0x20 [p = 62，l = 654，c = 8192，r = 592 ] = {POST /api/v1/time...0.1:8080\r\\\
Key<<< Info Header：... erica / Toronto}>>> \ x00 \ x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 ... \\ \\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}

2015-08-30 14：55：32.175：警告：oejh.HttpParser：qtp1100439041-12：错误的HTTP解析：400非法字符0x20 for HttpChannelOverHttp @ 6765bf81 {r = 0，c = false，a = IDLE，uri = - }

据我所知，标题中有一个非法字符，但是为什么一个版本会抛出此错误而另一个版本没有？

From what I understand, there is an illegal character in the header, however why does one version throw this error and the other does not?

另外我使用Apache httpclient 4.4.1发送数据。

Also I am using Apache httpclient 4.4.1 to send the data.

推荐答案

从Jetty 9.2升级到9.3意味着您进入了HTTP / 1.1更新规范和rfcs的新世界，和新的HTTP / 2要求，甚至包括对HTTP / 1.1的更改以支持HTTP / 2升级（h2c）。

The upgrade from Jetty 9.2 to 9.3 meant you entered in the new world of HTTP/1.1 updated specs and rfcs, and new HTTP/2 requirements, even including changes to the HTTP/1.1 to support HTTP/2 upgrade (h2c).

Jetty 9.2遵循RFC2616（现已废弃：RFC7230） ，RFC7231，RFC7232，RFC7233，RFC7234，RFC7235和更新：RFC2817，RFC5785，RFC6266，RFC6585）

Jetty 9.2 followed RFC2616 (Now Obsoleted by: RFC7230, RFC7231, RFC7232, RFC7233, RFC7234, RFC7235 and Updated by: RFC2817, RFC5785, RFC6266, RFC6585)

Jetty 9.3遵循对古老的更新（从1999年开始！） RFC2616规范。许多过去有效的东西不再有效。我们还放弃了对Jetty 9.3中HTTP / 0.9的支持。

Jetty 9.3 follows the updates to the venerable (from 1999!) RFC2616 spec. Many things that were valid in the past are no longer valid. We also dropped support for HTTP/0.9 in Jetty 9.3

HTTP / 1.1的许多部分已经整理好，以利用更新的RFC，其中一些可能有点咬你。

There are a many parts of HTTP/1.1 that were tidied up to take advantage of the updated RFCs, some of them might have bit you.

查看规范， RFC7230：第3.2节 - 标题字段，您会看到标题字段声明为...

Looking at the spec, RFC7230: Section 3.2 - Header Fields, you see the header field declared as...

 header-field   = field-name ":" OWS field-value OWS

 field-name     = token
 field-value    = *( field-content / obs-fold )
 field-content  = field-vchar [ 1*( SP / HTAB ) field-vchar ]
 field-vchar    = VCHAR / obs-text

 obs-fold       = CRLF 1*( SP / HTAB )
                ; obsolete line folding
                ; see Section 3.2.4

定义令牌在 RFC7230：附录B - 收集的ABNF 中......

with token defined in RFC7230: Appendix B - Collected ABNF as ...

tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
        "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
token = 1*tchar

这意味着你的（空格）信息标题：每个规格无效。

which means that your " " (space) in "Info Header:" is invalid per spec.

如果它是Info-Header或更准确地遵循规范X-Info-会更好标题（以免与规范保留的标题名称冲突）

It would be better if it were "Info-Header" or more accurately following the spec as "X-Info-Header" (so as to not conflict with spec reserved header names)

这篇关于升级到Jetty 9.3后的标头解析错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！