java 接收到包含无效 cookie 的 cookie 标头。
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/36665320/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
A cookie header was received that contained an invalid cookie.
提问by Dhumil Agarwal
I am migratingmy Server from Tomcat-6to Tomcat-9. My website is designed for the protocol of HTTP/1.1 . The server.xml file contains the Connector Protocol of org.apache.coyote.http11.Http11NioProtocol. The server starts up normally without generating any errors. However, when I try to access my website using localhost, I get the following error :-
我正在将我的服务器从Tomcat-6迁移到Tomcat-9。我的网站是为 HTTP/1.1 协议设计的。server.xml 文件包含org.apache.coyote.http11.Http11NioProtocol的连接器协议。服务器正常启动,不会产生任何错误。但是,当我尝试使用 localhost 访问我的网站时,出现以下错误:-
INFO [https-nio-8445-exec-3] org.apache.tomcat.util.http.parser.Cookie.logInvalidHeaderA cookie header was received [ 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 21, 22, 23]; userId=53136] that contained an invalid cookie. That cookie will be ignored.Note: further occurrences of this error will be logged at DEBUG level.
信息 [https-nio-8445-exec-3] org.apache.tomcat.util.http.parser.Cookie.logInvalidHeaderA cookie header was received [2, 3, 4, 5, 6, 7, 8, 9, 10 , 11, 12, 21, 22, 23]; userId=53136] 包含无效的 cookie。该 cookie 将被忽略。注意:此错误的进一步发生将在调试级别记录。
Can anyone please tell me the reason for this error? What causes an invalid cookie? Can this error be avoided if I use a different connector?
谁能告诉我这个错误的原因?是什么导致无效的 cookie?如果我使用不同的连接器,可以避免这个错误吗?
采纳答案by prayagupd
I found the API deployed on tomcat able to grab the cookies when I send a cURL request, though there was tomcat warning.
我发现部署在 tomcat 上的 API 在我发送 cURL 请求时能够抓取 cookie,尽管有 tomcat 警告。
curl -XPOST -H "Content-Type: application/json" --cookie "userId=64ad960c-bb7e-48dd-8191-4f31539bc2c2,accessToken=64ad960c-bb7e-48dd-8191-4f31539bc2c2" -d '{"message":"play porcupine tree"}' http://localhost:9090/nlu/convo
Butto remove the warning, had to update cookie processor (LegacyCookieProcessor) in the tomcat config (conf/context.xml)
但是要删除警告,必须更新LegacyCookieProcessortomcat 配置 ( conf/context.xml)中的cookie 处理器( )
Example,
例子,
cat /usr/local/apache-tomcat-8.5.12/conf/context.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- The contents of this file will be loaded for each web application -->
<Context>
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<!--
<CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor" />
-->
<CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
</Context>
I thought org.apache.tomcat.util.http.Rfc6265CookieProcessorwould work but did not, LegacyCookieProcessoris required.
我认为org.apache.tomcat.util.http.Rfc6265CookieProcessor会起作用但没有,这LegacyCookieProcessor是必需的。
Reference
参考
https://tools.ietf.org/html/rfc6265
https://tools.ietf.org/html/rfc6265
LegacyCookieProcessorimplements a strict interpretation of the cookie specifications. Due to various interoperability issues with browsers not all strict behaviours are enabled by default and additional options are available to further relax the behaviour of this cookie processor if required.
LegacyCookieProcessor实现对 cookie 规范的严格解释。由于浏览器的各种互操作性问题,并非所有严格行为都默认启用,如果需要,可以使用其他选项进一步放宽此 cookie 处理器的行为。
回答by dtk
Fwiw: I somehow got my Chrome browser into a really b0rken state, getting it to send a malformed cookie with mismatched quotes: "XSRF-TOKEN=93926112-aa12-440e-8e06-02b7fbce27d5;
Fwiw:我以某种方式让我的 Chrome 浏览器进入了一个真正的 b0rken 状态,让它发送一个格式不正确的 cookie 和不匹配的引号: "XSRF-TOKEN=93926112-aa12-440e-8e06-02b7fbce27d5;
Just clearing the cookie from the developer tools wasn't sufficient, but Clear storagefrom the sidebar of the Applicationtab seems to have done it.
仅从开发人员工具中清除 cookie 是不够的,但从选项卡Clear storage的侧边栏Application似乎已经完成了。
