API与Html映射中的歧义
我有一个这样的APIAPI与Html映射中的歧义,html,spring,jsp,servlets,Html,Spring,Jsp,Servlets,我有一个这样的API @RequestMapping(value = "api/Download", method = RequestMethod.POST) public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWrit
@RequestMapping(value = "api/Download", method = RequestMethod.POST)
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
String filename = "aman1234.xlsx";
String filepath = "/home/aman/aman1/";
response.setContentType("APPLICATION/OCTET-STREAM");
response.setHeader("Content-Disposition", "attachment; filename=\"" + filename + "\"");
FileInputStream fileInputStream = new FileInputStream(filepath + filename);
int i;
while ((i = fileInputStream.read()) != -1) {
out.write(i);
}
fileInputStream.close();
out.close();
}
我正在用这个函数调用这个API
<form action="api/Download" method="post">
我第一次使用它时,它工作正常,url显示
http://localhost:8080/UploadExcel/api/Download
一切正常,但再次重定向到此页面并发布表单后,url映射到http://localhost:8080/UploadExcel/api/api/Upload
为什么要将此“/api”添加到URL中。当我从方法和html元素中删除“/api”时,一切都会正常工作。因为您使用的是相对url而不是绝对url。在您的表单中,使用/api/Download
而不是api/Download
@M.Deinum的评论应该转换为答案-虽然简短但切中要害。关于您的代码:在doGet
方法中实现POST请求处理程序,首先将响应内容类型设置为“text/html”,然后设置为“APPLICATION/OCTET-STREAM”,您想混淆谁?更不用说文件名的串联(假设它迟早来自一个参数)——我很乐意从您的系统中请求文件。/../../../etc/passwd
,以及其他各种文件。这段代码的问题远不止相对URL