堆栈内存溢出
  简体   繁体   English

Spring错误页面和web.xml的问题

[英]Issue with spring error-page and web.xml

 原文  2017-04-07 09:19:07       java/ xml/ spring

问题描述

here is my web.xml: 这是我的web.xml: 

<error-page>
    <error-code>404</error-code>
    <location>/error/404</location>
</error-page>

Below is my Controller class : 下面是我的Controller类: 

import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;


@RequestMapping(value = "/error")
@Controller
public class ErrorController {

@RequestMapping(value = {"/307", "/400", "/401", "/403", "/404", "/405", "500", "503"})
public ModelAndView error(HttpServletRequest request) throws Exception {
    String path = request.getServletPath().replace("/error/", "");
    return new ModelAndView("redirect:/error/view/"+path);
}

if I request error url like this 如果我这样请求错误网址 

http://localhost:8080/erro/

it display 404 error-page but it change url 它显示404错误页面,但它更改了网址 

http://localhost:8080/error/view/404

If invalid URL is requested, the error page appears but old url has changed. 如果请求的URL无效,则会显示错误页面,但旧的url已更改。 What do I need to fix so that old url does not change and only the error page appears? 我需要修复什么,以使旧的URL保持不变,而仅显示错误页面?

thanks :) 谢谢 :)

2 个解决方案

解决方案1
 2 已采纳  2017-04-07 09:35:09

In this case you need to use forward: instead of redirect: 在这种情况下,您需要使用forward:而不是redirect:

Redirect is working on client side by sending Location header to the browser, that's why URL is changing. 通过将Location标头发送到浏览器, 重定向在客户端上起作用,这就是URL更改的原因。

Forward is working on the server side by choosing the file that will be send as a response to the browser. 转发通过选择将作为响应发送到浏览器的文件在服务器端进行。

But be very careful with forward , because it could lead to a security issue if you will use it with user-controlled input. 但是,请务必谨慎处理forward ,因为如果将其与用户控制的输入一起使用,可能会导致安全问题。 In that case attacker will be able to download any file from your WAR (it depends on your configuration but in some extremely cases he will be able to download even compiled java classes). 在这种情况下,攻击者将能够从WAR下载任何文件 (这取决于您的配置,但在某些极端情况下,他将能够下载甚至编译的Java类)。

解决方案2
 1  2017-04-07 09:34:09

Remove the "redirect:". 删除“重定向:”。 This will avoid the redirect and the url will not change. 这样可以避免重定向,并且网址不会更改。 

@RequestMapping(value = {"/307", "/400", "/401", "/403", "/404", "/405", "500", "503"})
public ModelAndView error(HttpServletRequest request) throws Exception {
   String path = request.getServletPath().replace("/error/", "");
   return new ModelAndView("/error/view/"+path);

} }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 @ResponseStatus和web.xml <error-page> - @ResponseStatus and web.xml <error-page> 关于web.xml中的错误页面 - About error-page in web.xml <error-page> web.xml无法正常工作 - <error-page> web.xml is not working web.xml错误页面404错误路径 - web.xml error-page 404 error path 以编程方式从web.xml获取错误页面 - Programmatically get error-page from web.xml web.xml 中的条件错误页面/使用 Jersey 跳过错误页面 - Conditional error-page's in web.xml / skip error-page with Jersey Spring MVC JavaConfig webapp中的“error-page”配置? (没有web.xml) - “error-page” configuration in Spring MVC JavaConfig webapp? (no web.xml) 加 <error-page> 在web.xml中指定servlet - Add <error-page> to specifc servlet within web.xml 没有web.xml错误的Servlet 3.0-页面javaconfig - Servlet 3.0 without web.xml error-page javaconfig 使用Jersey的ExceptionMapper忽略web.xml错误页面 - Ignoring web.xml error-page with Jersey's ExceptionMapper
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM