初级网站开发的自我推荐,电子商务网站建设策划书模板,电子商务网站规划与管理,cms网站建设方案Tomcat的maxParameterCountmaxPostSize参数 Tomcat的maxParameterCountmaxPostSize参数1.问题1.1问题现象1.2 参数总结1.3 问题总结 2 Tomcat官网的解释2.1 到https://tomcat.apache.org/找到文档入口2.2 找到文档的Reference2.3 查看配置文件的参数 3 文档看不明白maxPostSize参数 Tomcat的maxParameterCountmaxPostSize参数1.问题1.1问题现象1.2 参数总结1.3 问题总结 2 Tomcat官网的解释2.1 到https://tomcat.apache.org/找到文档入口2.2 找到文档的Reference2.3 查看配置文件的参数 3 文档看不明白自己做实验吧。3.1 maxParameterCount 参数个数3.2 maxPostSizePOST请求参数大小 4.实验配置 Tomcat的maxParameterCountmaxPostSize参数
参考文章 嵌入式Tomcat容器的参数(maxParameterCountmaxPostSize)设定参数过多解决方案
1.问题
1.1问题现象
周五同事说请求的参数拿不到了。但是同一个接口请求参数太大就没有参数了参数少的话服务端是有参数的。 打开浏览器的控制台发现POST的请求参数中的有一个参数很大所有的参数加起来有2.8M了。网上查了一下Tomcat的配置 原来配置文件中有一个masPostSize的参数。因此这个博客来看看tomcat的maxParameterCountmaxPostSize参数看看是不是这个问题导致的。 这里截图看到线上是Content-Type: application/x-www-form-urlencoded;charsetUTF-8的POST请求类型Content-Length:有问题的是2.8M并不是这个截图所示的234B。
1.2 参数总结
maxParameterCount控制请求参数的个数对于application/x-www-form-urlencoded or multipart/form-data的POST请求来说是请求参数和请求体参数总个数。超出的参数获取不到maxPostSize控制POST请求参数大小的限制。 application/x-www-form-urlencoded大小超过的参数获取不到。 multipart/form-data 大小超过异常报错。
1.3 问题总结
tomcat的maxPostSize没有设置默认的是2M请求是application/x-www-form-urlencoded 类型的所以也不会报错。参数字节数小的可以获取到参数字节数大的就获取不到了。
2 Tomcat官网的解释
2.1 到https://tomcat.apache.org/找到文档入口 2.2 找到文档的Reference 2.3 查看配置文件的参数
maxParameterCount The maximum total number of request parameters (including uploaded files) obtained from the query string and, for POST requests, the request body if the content type is application/x-www-form-urlencoded or multipart/form-data. Request parameters beyond this limit will be ignored. A value of less than 0 means no limit. If not specified, a default of 10000 is used. Note that FailedRequestFilter filter can be used to reject requests that exceed the limit.参数个数超出的部分会被忽略默认是1w个参数 maxPostSize The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The limit can be disabled by setting this attribute to a value less than zero. If not specified, this attribute is set to 2097152 (2 MiB). Note that the FailedRequestFilter can be used to reject requests that exceed this limit.POST请求体参数的大小字节单位这里没说超过了会怎么样。
?xml version1.0 encodingUTF-8?
!--Licensed to the Apache Software Foundation (ASF) under one or morecontributor license agreements. See the NOTICE file distributed withthis work for additional information regarding copyright ownership.The ASF licenses this file to You under the Apache License, Version 2.0(the License); you may not use this file except in compliance withthe License. You may obtain a copy of the License athttp://www.apache.org/licenses/LICENSE-2.0Unless required by applicable law or agreed to in writing, softwaredistributed under the License is distributed on an AS IS BASIS,WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.See the License for the specific language governing permissions andlimitations under the License.
--
!-- Note: A Server is not itself a Container, so you may notdefine subcomponents such as Valves at this level.Documentation at /docs/config/server.html--
Server port8005 shutdownSHUTDOWNListener classNameorg.apache.catalina.startup.VersionLoggerListener /!-- Security listener. Documentation at /docs/config/listeners.htmlListener classNameorg.apache.catalina.security.SecurityListener /--!-- APR library loader. Documentation at /docs/apr.html --Listener classNameorg.apache.catalina.core.AprLifecycleListener SSLEngineon /!-- Prevent memory leaks due to use of particular java/javax APIs--Listener classNameorg.apache.catalina.core.JreMemoryLeakPreventionListener /Listener classNameorg.apache.catalina.mbeans.GlobalResourcesLifecycleListener /Listener classNameorg.apache.catalina.core.ThreadLocalLeakPreventionListener /!-- Global JNDI resourcesDocumentation at /docs/jndi-resources-howto.html--GlobalNamingResources!-- Editable user database that can also be used byUserDatabaseRealm to authenticate users--Resource nameUserDatabase authContainertypeorg.apache.catalina.UserDatabasedescriptionUser database that can be updated and savedfactoryorg.apache.catalina.users.MemoryUserDatabaseFactorypathnameconf/tomcat-users.xml //GlobalNamingResources!-- A Service is a collection of one or more Connectors that sharea single Container Note: A Service is not itself a Container,so you may not define subcomponents such as Valves at this level.Documentation at /docs/config/service.html--Service nameCatalina!--The connectors can use a shared executor, you can define one or more named thread pools--!--Executor nametomcatThreadPool namePrefixcatalina-exec-maxThreads150 minSpareThreads4/--!-- A Connector represents an endpoint by which requests are receivedand responses are returned. Documentation at :Java HTTP Connector: /docs/config/http.htmlJava AJP Connector: /docs/config/ajp.htmlAPR (HTTP/AJP) Connector: /docs/apr.htmlDefine a non-SSL/TLS HTTP/1.1 Connector on port 8080--Connector port8080 protocolHTTP/1.1connectionTimeout20000redirectPort8443maxPostSize7maxParameterCount2/!-- A Connector using the shared thread pool--!--Connector executortomcatThreadPoolport8080 protocolHTTP/1.1connectionTimeout20000redirectPort8443maxParameterCount1000/--!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443This connector uses the NIO implementation. The defaultSSLImplementation will depend on the presence of the APR/nativelibrary and the useOpenSSL attribute of the AprLifecycleListener.Either JSSE or OpenSSL style configuration may be used regardless ofthe SSLImplementation selected. JSSE style configuration is used below.--!--Connector port8443 protocolorg.apache.coyote.http11.Http11NioProtocolmaxThreads150 SSLEnabledtruemaxParameterCount1000SSLHostConfigCertificate certificateKeystoreFileconf/localhost-rsa.jkstypeRSA //SSLHostConfig/Connector--!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2This connector uses the APR/native implementation which always usesOpenSSL for TLS.Either JSSE or OpenSSL style configuration may be used. OpenSSL styleconfiguration is used below.--!--Connector port8443 protocolorg.apache.coyote.http11.Http11AprProtocolmaxThreads150 SSLEnabledtruemaxParameterCount1000UpgradeProtocol classNameorg.apache.coyote.http2.Http2Protocol /SSLHostConfigCertificate certificateKeyFileconf/localhost-rsa-key.pemcertificateFileconf/localhost-rsa-cert.pemcertificateChainFileconf/localhost-rsa-chain.pemtypeRSA //SSLHostConfig/Connector--!-- Define an AJP 1.3 Connector on port 8009 --!--Connector protocolAJP/1.3address::1port8009redirectPort8443maxParameterCount1000/--!-- An Engine represents the entry point (within Catalina) that processesevery request. The Engine implementation for Tomcat stand aloneanalyzes the HTTP headers included with the request, and passes themon to the appropriate Host (virtual host).Documentation at /docs/config/engine.html --!-- You should set jvmRoute to support load-balancing via AJP ie :Engine nameCatalina defaultHostlocalhost jvmRoutejvm1--Engine nameCatalina defaultHostlocalhost!--For clustering, please take a look at documentation at:/docs/cluster-howto.html (simple how to)/docs/config/cluster.html (reference documentation) --!--Cluster classNameorg.apache.catalina.ha.tcp.SimpleTcpCluster/--!-- Use the LockOutRealm to prevent attempts to guess user passwordsvia a brute-force attack --Realm classNameorg.apache.catalina.realm.LockOutRealm!-- This Realm uses the UserDatabase configured in the global JNDIresources under the key UserDatabase. Any editsthat are performed against this UserDatabase are immediatelyavailable for use by the Realm. --Realm classNameorg.apache.catalina.realm.UserDatabaseRealmresourceNameUserDatabase//RealmHost namelocalhost appBasewebappsunpackWARstrue autoDeploytrue!-- SingleSignOn valve, share authentication between web applicationsDocumentation at: /docs/config/valve.html --!--Valve classNameorg.apache.catalina.authenticator.SingleSignOn /--!-- Access log processes all example.Documentation at: /docs/config/valve.htmlNote: The pattern used is equivalent to using patterncommon --Valve classNameorg.apache.catalina.valves.AccessLogValve directorylogsprefixlocalhost_access_log suffix.txtpattern%h %l %u %t quot;%rquot; %s %b //Host/Engine/Service
/Server3 文档看不明白自己做实验吧。 Connector port8080 protocolHTTP/1.1connectionTimeout20000redirectPort8443maxPostSize7maxParameterCount2/参数个数最大2个POST请求大小最大7个
3.1 maxParameterCount 参数个数
GET请求参数的个数超过之后多出来的就取不到了。
~/data/
~/data/ curl -s --location http://localhost:8080/?mmm1m1m2m2 | jq .
{m: [m],m1: [m1]
}
~/data/
~/data/ curl -s --location http://localhost:8080/?mmm1m1 | jq .
{m: [m],m1: [m1]
}
~/data/ POST的请求参数个数超过过之后多出来的就取不到了。
~/data/
~/data/ curl -s --location --request POST http://localhost:8080/test?mmm1m1m2m2 | jq .
{m: [m],m1: [m1]
}
~/data/
~/data/
~/data/ curl -s --location --request POST http://localhost:8080/test?mmm1m1 | jq .
{m: [m],m1: [m1]
}
~/data/
~/data/ curl --location http://localhost:8080/test?mmm1m1m2m2 \
--header Content-Type: application/x-www-form-urlencoded -s \
--data-urlencode m3m3 | jq .
{m: [m],m1: [m1]
}
~/data/
~/data/ curl --location http://localhost:8080/test?mm \
--header Content-Type: application/x-www-form-urlencoded \
--data-urlencode m3m3 -s | jq .
{m: [m],m3: [m3]
}
~/data/
~/data/ 3.2 maxPostSizePOST请求参数大小
Content-Type: application/x-www-form-urlencoded大小没有超过都可以获取到超过大小都获取不到
~/data/
~/data/ curl --location http://localhost:8080/test -s \
--header Content-Type: application/x-www-form-urlencoded \
--data-urlencode j12345 | jq .
{j: [12345]
}
~/data/
~/data/
~/data/
~/data/ curl --location http://localhost:8080/test -s \
--header Content-Type: application/x-www-form-urlencoded \
--data-urlencode j123456 | jq .
{}
~/data/
~/data/ curl --location http://localhost:8080/test -s \
--header Content-Type: application/x-www-form-urlencoded \
--data-urlencode j1 \
--data-urlencode i2 | jq .
{j: [1],i: [2]
}
~/data/
~/data/
~/data/ curl --location http://localhost:8080/test -s \
--header Content-Type: application/x-www-form-urlencoded \
--data-urlencode j1 \
--data-urlencode i23 | jq .
{}
~/data/
~/data/ multipart/form-data; boundarycalculated when request is sent 大小没有超过都可以获取到超过大小报错
~/data/
~/data/ curl --location http://localhost:8080/test \
--form j1234 -s | jq .
{j: [1234]
}
~/data/ curl --location http://localhost:8080/test -s \
--form j12345|jq .
{timestamp: 1705816422926,status: 500,error: Internal Server Error,exception: org.springframework.web.multipart.MultipartException,message: Could not parse multipart servlet request; nested exception is java.lang.IllegalStateException: The multi-part request contained parameter data (excluding uploaded files) that exceeded the limit for maxPostSize set on the associated connector,path: /test
}
~/data/ 4.实验配置
~/data/ docker pull tomcat:8.5.98
~/data/ docker run -d -p 8080:8080 -v /Users/admin/data/tomcat/webapps:/usr/local/tomcat/webapps tomcat:8.5.98
90f2cfa859c67e3886f67d8b862005c196944cbc037efc64e2e1417b450ae174
~/data/ server.xml的配置见上文
~/data/ docker cp ./server.xml 90f2cfa859c6:/usr/local/tomcat/conf/server.xml
~/data/ java 代码https://github.com/xiaolixi/spring/tree/main/springboot-resttemplatehttps://tomcat.apache.org/tomcat-8.5-doc/servletapi/javax/servlet/ServletRequest.html#getParameterMap()
