Why is this URL returning error 400 from Tomcat?

Posted 2019-01-26 13:11

I have a Tomcat server running Java servlets. I'm trying to make a servlet that returns stored files, given their encrypted IDs.

ID: 100

Encrypted ID: +e4/E5cR/aM=

URL-encoded ID: %2Be4%2FE5cR%2FaM%3D

Resulting URL: http://localhost/file/demo/%2Be4%2FE5cR%2FaM%3D

When I try to follow that link, I don't even get into my servlet's code - the server returns this error: Failed to load resource: the server responded with a status of 400 (Bad Request)

What's wrong with this URL that's making Tomcat reject it before reaching my code? I ran it through a URL-encoder, and I don't see any invalid characters in it.

2 answers
做自己的国王
#2 · 2019-01-26 13:58

You are likely experiencing one of 2 issues:

1) You have not included the port in your URL. Either you have configured the Tomcat port to port 80, in which case the port is not needed, or you need to include the port, which defaults to 8080, for example:

http://localhost:8080/file/demo/%2Be4%2FE5cR%2FaM%3D

2) You are adding the encrypted ID as part of the URL itself, which would have to be mapped to a Servlet/JSP/View of some sort in your URL mappings and is not likely. Tomcat is not going to recognize a unique ID and know a corresponding handler to call to process the mapping. Assuming you intend to call the servlet/JSP/controller that is mapped to '/file/demo', you would more likely want to pass the ID as a request parameter, for example:

http://localhost:8080/file/demo?id=%2Be4%2FE5cR%2FaM%3D
霸刀☆藐视天下
#3 · 2019-01-26 14:07

You have slash "/" encoded in the url. Apache doesn't allow them due to potential attacks. There is a setting to allow them:

System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true");

or

-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true

See similar post.

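An alternative to turning on ALLOW_ENCODED_SLASH, shown as an added example that is not part of the original question or answers: re-encode the encrypted ID with the URL-safe Base64 alphabet so the path segment never contains "/" or "+" and needs no percent-encoding. The class and method names are hypothetical, and the 64-character length limit is an assumed bound.

```java
import java.util.Arrays;
import java.util.Base64;

public class UrlSafeFileId {

    // Encode ciphertext bytes with the URL-safe alphabet ('-' and '_' instead of
    // '+' and '/') and without '=' padding, so the token is a plain path segment.
    static String toPathToken(byte[] encryptedId) {
        return Base64.getUrlEncoder().withoutPadding().encodeToString(encryptedId);
    }

    // Servlet side: turn the path token back into ciphertext bytes.
    // Returns null for anything that is not valid URL-safe Base64, so the caller
    // can answer 400/404 itself instead of handing junk to the decryption step.
    static byte[] fromPathToken(String token) {
        if (token == null || token.isEmpty() || token.length() > 64) { // 64 is an assumed limit
            return null;
        }
        try {
            return Base64.getUrlDecoder().decode(token);
        } catch (IllegalArgumentException e) {
            return null;
        }
    }

    public static void main(String[] args) {
        // The encrypted ID from the question, in standard Base64.
        byte[] raw = Base64.getDecoder().decode("+e4/E5cR/aM=");

        String token = toPathToken(raw);
        System.out.println("token: " + token);
        System.out.println("url:   http://localhost/file/demo/" + token);

        // The token decodes back to the same ciphertext bytes.
        System.out.println("round trip ok: " + Arrays.equals(raw, fromPathToken(token)));

        // The standard-alphabet form is rejected by the URL-safe decoder.
        System.out.println("standard form accepted: " + (fromPathToken("+e4/E5cR/aM=") != null));
    }
}
```

With this encoding the servlet container's encoded-slash check stays at its default, and the servlet itself decides how to respond to a malformed token.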