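I need help parsing JSON. I have a REST method that returns a page with sorting and filtering, but my task is that when the name ends with \, like david\, it should not throw any exception and the backslash should instead be removed in the code. Below is my UserController class: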
@PutMapping
public PageDTO<UserDTO> find(@RequestBody PageRequest<UserFilter, UserSort> request) {
    return userService.find(request);
}
Below are PageRequest and UserFilter:
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class PageRequestDTO<UserFilter, UserSort> {
    private Integer size;
    private Integer page;
    private UserFilter filter;
    private UserSort sort;
}

@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class UserFilterDTO {
    private String name;
}
My exception:
2022-sep.-09 15:55:44.786 WARN [http-nio-8083-exec-3] c.e.s.c.a.CommonControllerAdvice - Handling undefined exception: JSON parse error: Illegal unquoted character ((CTRL-CHAR, code 13)): has to be escaped using backslash to be included in string value; nested exception is com.fasterxml.jackson.databind.JsonMappingException: Illegal unquoted character ((CTRL-CHAR, code 13)): has to be escaped using backslash to be included in string value at [Source: (PushbackInputStream); line: 6, column: 35] (through reference chain: com.example.spring.dto.PageRequest["filter"]->com.example.spring.dto.UserFilter["nameSearchText"]) org.springframework.http.converter.HttpMessageNotReadableException: JSON parse error: Illegal unquoted character ((CTRL-CHAR, code 13)): has to be escaped using backslash to be included in string value; nested exception is com.fasterxml.jackson.databind.JsonMappingException: Illegal unquoted character ((CTRL-CHAR, code 13)): has to be escaped using backslash to be included in string value at [Source: (PushbackInputStream); line: 6, column: 35] (through reference chain: com.example.spring.dto.PageRequest["filter"]->com.example.spring.dto.UserFilter["nameSearchText"]) at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readJavaType(AbstractJackson2HttpMessageConverter.java:389) at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.read(AbstractJackson2HttpMessageConverter.java:342) at org.springframework.web.servlet.mvc.method.annotation.AbstractMessageConverterMethodArgumentResolver.readWithMessageConverters(AbstractMessageConverterMethodArgumentResolver.java:185) at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.readWithMessageConverters(RequestResponseBodyMethodProcessor.java:160) at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.resolveArgument(RequestResponseBodyMethodProcessor.java:133) at 
org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:122) at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:179) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:146) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1067) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:963) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) at org.springframework.web.servlet.FrameworkServlet.doPut(FrameworkServlet.java:920) at javax.servlet.http.HttpServlet.service(HttpServlet.java:684) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) at javax.servlet.http.HttpServlet.service(HttpServlet.java:764) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1732) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: com.fasterxml.jackson.databind.JsonMappingException: Illegal unquoted character ((CTRL-CHAR, code 13)): has to be escaped using backslash to be included in string value at [Source: (PushbackInputStream); line: 6, column: 35] (through reference chain: com.example.spring.dto.PageReques["filter"]->com.example.spring.dto.UserFilter["nameSearchText"]) com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:393) org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readJavaType(AbstractJackson2HttpMessageConverter.java:378) ... 
51 common frames omitted Caused by: com.fasterxml.jackson.core.JsonParseException: Illegal unquoted character ((CTRL-CHAR, code 13)): has to be escaped using backslash to be included in string value at [Source: (PushbackInputStream); line: 6, column: 35]
I tried this property in my yml file, "spring:jackson:parser:allow-unquoted-control-chars:true", but then I got this instead of the exception above:
"JSON parse error: Unexpected character ('s' (code 115)): was expecting comma to separate Object entries; nested exception is com.fasterxml.jackson.databind.JsonMappingException: Unexpected character ('s' (code 115)): was expecting comma to separate Object entries\n at [Source: (PushbackInputStream); line: 6, column: 50] (through reference chain: com.example.service.spring.dto.PageRequest[\"filter\"])"
Sample JSON:
{ "pageSize":5, "pageIndex":0, "filter": { "name": "user_2\" } }
A uj5u.com user replied:
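In the sample JSON
{ "pageSize":5, "pageIndex":0, "filter": { "name": "user_2\" } }
the \" part means that you are escaping the quote, which will cause trouble when parsing the JSON. You need to receive a string in which the \ character is escaped, like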
{ "pageSize":5, "pageIndex":0, "filter": { "name": "user_2\\" } }
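Now, it is quite possible that you have the JSON above somewhere, with the backslash escaped, but it ends up as a single backslash at the receiving end. In that case you need to escape the escaped backslash (yes, this sounds weird, but sometimes that is how it is), as in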
{ "pageSize":5, "pageIndex":0, "filter": { "name": "user_2\\\\" } }
If you need further help, then you will need to provide more information as well.
A uj5u.com user replied:
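As Lajos's answer explains, the problem is that \" unintentionally escapes the double quote. This causes it not to be treated as the end of the string. The rest of the JSON is then parsed as part of the quoted string, until the parser reaches the end.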
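Now I surmise that the input text actually ends with a CR LF sequence. When the parser encounters the CR, it says
Illegal unquoted character ((CTRL-CHAR, code 13))
because the ASCII code for CR is decimal 13.
The error message seems to imply that the CR would be legal if it were quoted. In fact, characters less than decimal 32 are not allowed in JSON strings at all ... unless you represent them as JSON escape sequences.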
A uj5u.com user replied:
The JSON string in your example is invalid:
'{ "pageSize":5, "pageIndex":0, "filter": { "name": "user_2\" } }'
Because the request is malformed, you must return 400 bad request.
The client is not a proper REST client, and rather than supporting its wrong requests, fixing the client would be the real solution.
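People have spent a lot of time writing proper JSON parsers, and it is a potential security issue if you add a custom parser for malformed JSON. For example, you fix the JSON string above by replacing \ with \\, and then I add a string like "user_2\"...", which will be changed to "user_2\\"...", which is invalid again. If this is populated with user input, then the user might be able to inject another property in the ... part of the message, which can be used to override another property that is not populated by the user. So fixing or writing a parser without knowing what you are doing is a very bad idea. Whoever gave you this task is completely incompetent from both a programming and an information security perspective.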
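The points made in the second and third answers, as an added example that is not part of any of the posts: a default Jackson ObjectMapper rejects the question's body and a raw CR inside a string, while the backslash-doubling "repair" both accepts a body that strict parsing refuses and corrupts a correctly serialized one. It assumes jackson-databind on the classpath; the class name StrictJsonDemo, the helper names and the "role" property are constructed for illustration.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;

// Added example; every request body below is a constructed sample.
public class StrictJsonDemo {
    static final ObjectMapper MAPPER = new ObjectMapper();

    // Strict parse with default settings; null means "malformed, answer 400 Bad Request".
    static JsonNode parseOrNull(String body) {
        try {
            return MAPPER.readTree(body);
        } catch (IOException e) { // Jackson's JsonProcessingException is an IOException
            System.out.println("  rejected: " + e.getMessage().split("\n")[0]);
            return null;
        }
    }

    // The server-side "repair" the third answer warns about: double every backslash.
    static String naiveRepair(String body) {
        return body.replace("\\", "\\\\");
    }

    static void show(String label, String body) {
        System.out.println(label + ": " + body.replace("\r", "<CR>"));
        System.out.println("  strict   -> " + parseOrNull(body));
        System.out.println("  repaired -> " + parseOrNull(naiveRepair(body)));
    }

    public static void main(String[] args) throws IOException {
        // 1. The question's body: the trailing backslash escapes the closing quote.
        show("trailing backslash", "{\"filter\":{\"name\":\"user_2\\\"}}");
        // 2. Raw CR (code 13) inside a string: illegal unless written as the escape \r.
        //    The repair does not touch it, so both parses reject the body.
        show("raw CR", "{\"filter\":{\"name\":\"user_2\r\"}}");
        // 3. Strict parsing rejects this body; after the repair it parses with a
        //    second property ("role") that the sender controlled.
        show("extra property", "{\"name\":\"user_2\\\",\"role\":\"admin\"}");
        // 4. What a correct client sends: the serializer escapes the backslash itself.
        //    Strict parsing round-trips david\ ; the repair turns it into david\\ .
        String sent = MAPPER.writeValueAsString(
                MAPPER.createObjectNode().put("name", "david\\"));
        show("serializer output", sent);
    }
}
```

Stripping a trailing backslash from the name, if that is still required, belongs on the parsed String value after strict parsing has succeeded, never on the raw request body.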