java - 由 : java.net.URISyntaxException 引起:索引 111 处的查询中存在非法字符:由于 URI 中的 {} 导致错误

Question

我发现该错误是由于 URI 中的大括号下方造成的 {2019-06-11T00:00:00%20TO%202019-06-11T23:59:59}

我还尝试添加 FilterRegistrationBean，但没有成功

@Bean
public FilterRegistrationBean filterRegistrationBean() {
    FilterRegistrationBean registrationBean = new FilterRegistrationBean();
    CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
    characterEncodingFilter.setForceEncoding(false);
    characterEncodingFilter.setEncoding("UTF-8");
    characterEncodingFilter.setForceRequestEncoding(false);
    characterEncodingFilter.setForceResponseEncoding(false);
    registrationBean.setFilter(characterEncodingFilter);
    registrationBean.addUrlPatterns("/*");
    return registrationBean;
}




private static class EmbeddedTomcatCustomizer implements 
        WebServerFactoryCustomizer<TomcatServletWebServerFactory> {

    @Override
    public void customize(TomcatServletWebServerFactory factory) {
        factory.addConnectorCustomizers((TomcatConnectorCustomizer) connector -> {
            connector.setAttribute("relaxedPathChars", "<>[\\]^`:{|}");
            connector.setAttribute("relaxedQueryChars", "<>[\\]^`:{|}");
        });
    }
}

Answer 1

最安全的选择是使用 percent encoding 对 { 和 } 进行编码如 %7B 和 %7D。根据RFC-1738这两个字符被认为是不安全的，在处理时可能会导致问题:

Unsafe:

Characters can be unsafe for a number of reasons. The space character is unsafe because significant spaces may disappear and insignificant spaces may be introduced when URLs are transcribed or typeset or subjected to the treatment of word-processing programs. The characters "<" and ">" are unsafe because they are used as the delimiters around URLs in free text; the quote mark (""") is used to delimit URLs in some systems. The character "#" is unsafe and should always be encoded because it is used in World Wide Web and in other systems to delimit a URL from a fragment/anchor identifier that might follow it. The character "%" is unsafe because it is used for encodings of other characters. Other characters are unsafe because gateways and other transport agents are known to sometimes modify such characters. These characters are "{", "}", "|", "", "^", "~", "[", "]", and "`".

All unsafe characters must always be encoded within a URL. For example, the character "#" must be encoded within URLs even in systems that do not normally deal with fragment or anchor identifiers, so that if the URL is copied into another system that does use them, it will not be necessary to change the URL encoding.