服务端回调报错。Cookie 的 domain 传入非法字符

报错信息如下:

java.lang.IllegalArgumentException: An invalid domain [.javaex.cn] was specified for this cookie
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.validateDomain(Rfc6265CookieProcessor.java:203)
at org.apache.tomcat.util.http.Rfc6265CookieProcessor.generateHeader(Rfc6265CookieProcessor.java:145)
at org.apache.catalina.connector.Response.generateCookieString(Response.java:1019)
at org.apache.catalina.connector.Response.addCookie(Response.java:967)
at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:386)
at com.pactera.sso.client.utils.CookiesUtil.set(CookiesUtil.java:348)
at com.pactera.sso.client.utils.CookiesUtil.setFilterCookies(CookiesUtil.java:299)


报错原因:

  • tomcat 升级到 8.5 版本 使用了 Rfc6265CookieProcessor 就出现了 cookie domain 

解决方案:

  • 重写 context.setCookieProcessor(new LegacyCookieProcessor());

springboot 1.x

@Configuration
public class WebServletContextConfig {

@Bean
public EmbeddedServletContainerCustomizer cookieProcessorCustomizer() {
return new EmbeddedServletContainerCustomizer() {
@Override
public void customize(ConfigurableEmbeddedServletContainer container) {
if (container instanceof TomcatEmbeddedServletContainerFactory) {
((TomcatEmbeddedServletContainerFactory) container)
.addContextCustomizers(new TomcatContextCustomizer() {
@Override
public void customize(Context context) {
context.setCookieProcessor(new LegacyCookieProcessor());
}

});
}
}
};
}

}


springboot 2.x

@Configuration
public class WebServletContextConfig {

@Bean
public WebServerFactoryCustomizer cookieProcessorCustomizer() {
return new WebServerFactoryCustomizer() {
@Override
public void customize(WebServerFactory container) {
if (container instanceof TomcatServletWebServerFactory) {
((TomcatServletWebServerFactory) container)
.addContextCustomizers(new TomcatContextCustomizer() {
@Override
public void customize(Context context) {
context.setCookieProcessor(new LegacyCookieProcessor());
}
});
}
}
};
}
}