如何从 java servlet 中的 POST 数据中分离出查询字符串参数
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/459441/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I separate out query string params from POST data in a java servlet
提问by stu
When you get a doGet or doPost call in a servlet you can use getparameterxxx()to get either the query string or the post data in one easy place.
If the call was a GET, you get data from the url/query string.
If the call was a POST, you get the post data all parsed out for you.
当您在 servlet 中收到 doGet 或 doPost 调用时,您可以使用getparameterxxx()它在一个简单的地方获取查询字符串或发布数据。
如果调用是 GET,则从 url/query 字符串中获取数据。
如果调用是 POST,您会为您解析所有的 post 数据。
Except as it turns out, if you don't put an 'action' attribute in your form call. If you specify a fully qualified or partially qualified url for the action param everything works great, if you don't, the browser will call the same url as it did on the previous page submit, and if there happens to be query string data there, you'll get that as well as POST data, and there's no way to tell them apart.
除非事实证明,如果您没有在表单调用中放置“动作”属性。如果您为 action 参数指定了完全限定或部分限定的 url 一切正常,如果您不这样做,浏览器将调用与上一页提交时相同的 url,并且如果那里碰巧有查询字符串数据,您将获得该数据以及 POST 数据,并且无法区分它们。
Or is there? I'm looking through the request object, I see where the post data comes from, I'm just trying to figure out where the GET data comes from, so I can erase the GET data on a post call and erase the post data on a GET call before it parses it out if possible.
或者有吗?我正在查看请求对象,我看到发布数据的来源,我只是想弄清楚 GET 数据的来源,所以我可以在发布调用时删除 GET 数据并删除发布数据如果可能,在解析它之前调用 GET。
Any idea what the safe way to do this is?
知道这样做的安全方法是什么吗?
And lemme guess: you never tried to not put an action field in a form tag. :-)
并且让我猜测:您从未尝试过不在表单标签中放置操作字段。:-)
采纳答案by MatthieuP
回答by David Z
You're right, I never tried not to put an action field in a form tag ;-) and I wouldn't, because of exactly what you're talking about. (Also, I think it's not valid HTML)
你是对的,我从来没有试过不在表单标签中放置一个操作字段 ;-) 并且我不会,因为正是你在说什么。(另外,我认为它不是有效的 HTML)
I don't know of any "clean" way to distinguish between GET and POST parameters, but you can access the raw query string using the getQueryString()method of HttpServletRequest, and you can access the raw POST data using the getInputStream()method of ServletRequest. (I'm looking at the Tomcat API docs specifically here, although I think those are both part of the standard Servlet API) Then you could parse the POST data and GET data separately if you want. They will (or should normally) both be formatted the same way, i.e.
我不知道有什么“干净”的方法来区分 GET 和 POST 参数,但是您可以使用 的getQueryString()方法访问原始查询字符串HttpServletRequest,您可以使用 的getInputStream()方法访问原始 POST 数据ServletRequest。(我在这里专门查看 Tomcat API 文档,尽管我认为它们都是标准 Servlet API 的一部分)然后您可以根据需要分别解析 POST 数据和 GET 数据。它们将(或通常应该)都以相同的方式格式化,即
name1=value1&name2=value2&...
though possibly with the ampersands replaced by semicolons (which you can technically do in HTTP/1.1, I didn't know that until recently)
虽然可能用分号代替&符号(技术上可以在 HTTP/1.1 中做到这一点,直到最近我才知道)
回答by Hilton Campbell
The HttpServletRequest.getParameterxxx() methods don't distinguish between GET and POST parameters. If you really need to distinguish between them, you'll need to parse them manually using getQueryString() for the GET parameters and getInputStream()/getReader() for the POST data.
HttpServletRequest.getParameterxxx() 方法不区分 GET 和 POST 参数。如果您确实需要区分它们,则需要使用 getQueryString() 对 GET 参数和 getInputStream()/getReader() 对 POST 数据手动解析它们。
回答by kipz
I would write a ServletFilter and decorate the request object to clean things up a bit (using what Hilton suggested above). This is the classic decorator pattern in an intercepting filter.
我会编写一个 ServletFilter 并装饰请求对象以清理一些东西(使用希尔顿上面的建议)。这是拦截过滤器中的经典装饰器模式。
