+ 和 = Base64 编码数据中的字符

Question

我正在将 SAML XML 字符串转换为 base 64 编码的数据，并从 JSP 发布到 Java 应用程序中的控制器。出于某种原因，当我在服务器端接收数据时，所有'+'字符都更改为，+并且所有'='字符都更改为= .请解释那里发生了什么。目前，我已经编写了代码来查找任何此类字符串以替换为+和=字符。也让我知道我怎样才能阻止这种情况。

我的代码和设计是：testSSO.jsp -> TestServletSSO.java -> SSOController.java -> CustomRequestWrapper.java

JSP：

<html>
<title>Test page for SSO</title>
<body>
    <h3>Test page for SSO</h3>
    Please enter SAML in the input box below and submit the page. It will perform SSO with the application. 
    <form id="form1" method="post" action="testsso">
        <TEXTAREA NAME="saml" id="saml" COLS=40 ROWS=6></TEXTAREA>
        <input type="submit" />
    </form>

</body>

</html>

测试服务程序

package com.testsso;

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class TestServletSSO extends HttpServlet {

    /**
     * 
     */
    private static final long serialVersionUID = 1L;

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        CustomRequestWrapper requestWrapper = new CustomRequestWrapper(request);
        RequestDispatcher dispatcher = getServletContext().getRequestDispatcher("/sso/fetchAndRegister");  
        dispatcher.forward(requestWrapper, response);
    }

}

单点登录控制器

package com.controller;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

@RequestMapping("/sso")
public class SSOController {

    @RequestMapping("/fetchAndRegister")
    public ModelAndView fetchAndRegister(HttpServletRequest request) {

        /**
         * This will call CustomRequestWrapper.getHeader() method.
         */
        String authHeaderStr = (String) request
                .getHeader("Authorization");

        
        System.out.println(authHeaderStr); // authHeaderStr has changed here.
        
        UserDetails userDetails = SSOService
                .fetchAndRegister(authHeaderStr);
        login(request, userDetails);
        return new ModelAndView("redirect:/account/eligibility");

    }

CustomRequestWrapper.java：

package com.testsso;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

public class CustomRequestWrapper extends HttpServletRequestWrapper {
     
    public CustomRequestWrapper(HttpServletRequest request) {
        super(request);
    }
     
    public String getHeader(String name) {
        //get the request object and cast it
        HttpServletRequest request = (HttpServletRequest)getRequest();
        String value = "";
        
        if ("Authorization".equals(name)){
            value = (String) request.getParameter("saml");
            return value;
        }   
        
        return request.getHeader(name);
    }
}

Answer 1

我在使用 Handlebars 时遇到了这个问题。

var htmlsrc64 = '{{posting.html64}}';

结果：

var htmlsrc64 = '... wvZGl2Pgo=';

将语句更改为 3 个大括号后，它不再转义=

var htmlsrc64 = '{{{posting.html64}}}';

结果：

var htmlsrc64 = '... wvZGl2Pgo=';