请求中方法名称中的特殊字符 header
Special characters in method name in request header
我的 Web 服务器遇到了一个奇怪的问题。在我的 Web 服务器访问日志中,我发现一些请求 header 的方法名称中包含特殊字符。
以下是我的日志截图:
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xddET /XYZ/entityIndex.jsp HTTP/1.1" 200 6138
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "\x9fG\xfaET /XYZ/css/bootstrap.min.css HTTP/1.1" 501 1124
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G@ET /XYZ/css/XYZstyles.css HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xd9ET /XYZ/img/logo-mom.png HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xefET /XYZ/jquery/api/jquery-2.1.1.min.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\x0fET /XYZ/jquery/api/jquery-migrate-1.2.1.js HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\x92ET /XYZ/js/XYZcommon.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:16 +0400] "POST /XYZ/doXYZLogin.action HTTP/1.1" 302 -
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:17 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:17 +0400] "GET /XYZ/XYZIndexPage HTTP/1.1" 200 5772
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:19 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\xc8ET /XYZ/jquery/validation/jquery.validate.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\xd1ET /XYZ/img/XYZ-currency.png HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\x1bET /XYZ/js/bootstrap.min.js HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:22 +0400] "GET /" 200 44
您可以看到一些请求具有无效的 GET(例如 G\xddET)方法。知道是什么原因造成的吗?
这是因为网络服务器选择了 CipherSuite 来与浏览器通信。通过以下配置更改,问题现已解决:
SSLHonorCipherOrder On
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!AES128-SHA
我的 Web 服务器遇到了一个奇怪的问题。在我的 Web 服务器访问日志中,我发现一些请求 header 的方法名称中包含特殊字符。 以下是我的日志截图:
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xddET /XYZ/entityIndex.jsp HTTP/1.1" 200 6138
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "\x9fG\xfaET /XYZ/css/bootstrap.min.css HTTP/1.1" 501 1124
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G@ET /XYZ/css/XYZstyles.css HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xd9ET /XYZ/img/logo-mom.png HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\xefET /XYZ/jquery/api/jquery-2.1.1.min.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\x0fET /XYZ/jquery/api/jquery-migrate-1.2.1.js HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:14 +0400] "G\x92ET /XYZ/js/XYZcommon.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:16 +0400] "POST /XYZ/doXYZLogin.action HTTP/1.1" 302 -
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:17 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:17 +0400] "GET /XYZ/XYZIndexPage HTTP/1.1" 200 5772
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:19 +0400] "GET /" 200 44
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\xc8ET /XYZ/jquery/validation/jquery.validate.js HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\xd1ET /XYZ/img/XYZ-currency.png HTTP/1.1" 501 1120
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:21 +0400] "G\x1bET /XYZ/js/bootstrap.min.js HTTP/1.1" 501 1118
xxx.xxx.xxx.xxx - - [14/Jul/2016:10:05:22 +0400] "GET /" 200 44
您可以看到一些请求具有无效的 GET(例如 G\xddET)方法。知道是什么原因造成的吗?
这是因为网络服务器选择了 CipherSuite 来与浏览器通信。通过以下配置更改,问题现已解决:
SSLHonorCipherOrder On
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!AES128-SHA