Node.js的报告网址为200,而不是404
问题描述:
我有一个Node.js的应用期运用在http://bartonlp.org:8080运行express.js。我看到这一点,例如,在我的日志输出:Node.js的报告网址为200,而不是404
"GET http://www.baidu.com/?rnd=19712180733831423955225532 HTTP/1.0" 200 2749
我本来期望所有其他的要求来生产一个404错误,而不是200。这看起来像请求www.baidu.com实际上得到回答。
这怎么会发生?我在我的app.get唯一(“/” ......是一个主要的页面。
这是一个很小的node.js加express.js app.js和路由/ index.js。 这给了相同的结果与原始文件,这里是我的日志文件的副本:
::ffff:94.102.49.174 - - [22/Sep/2016:23:22:29 +0000] "GET http://www.baidu.com/cache/global/img/gs.gif HTTP/1.1" 404 975 "-" "Mozilla"
::ffff:61.157.96.111 - - [22/Sep/2016:23:49:10 +0000] "GET http://www.baidu.com/?rnd=3342104796019809757566816 HTTP/1.0" 200 197 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;Windows NT 5.1;Windows NT 5.3; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
::ffff:61.157.96.111 - - [22/Sep/2016:23:49:10 +0000] "GET http://50.117.47.67:43530/?rnd=2031422537804277052916912 HTTP/1.0" 200 197 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;Windows NT 5.1;Windows NT 5.3; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
::ffff:61.157.96.111 - - [22/Sep/2016:23:49:11 +0000] "GET http://123.249.29.201:/?rnd=173003480482578803940608 HTTP/1.0" 200 197 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;Windows NT 5.1;Windows NT 5.3; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:31 +0000] "GET http://123.249.29.201:/?rands=_518421966013600083518500 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:31 +0000] "GET http://www.baidu.com/?rands=_14790662340951392923112 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:32 +0000] "GET http://50.117.47.15:28712/?rands=_71269649426275522095128 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:33 +0000] "GET http://50.117.86.106/?rands=_146883056102225940108720 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
::ffff:62.210.162.182 - - [23/Sep/2016:00:04:23 +0000] "GET/HTTP/1.1" 200 197 "-" "Ruby"
::ffff:62.210.162.182 - - [23/Sep/2016:00:04:29 +0000] "GET/HTTP/1.1" 200 197 "-" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
::ffff:62.210.162.182 - - [23/Sep/2016:00:04:30 +0000] "GET /HNAP1/ HTTP/1.1" 404 975 "-" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
“的底部/ HNAP1 /”失败,一个404,这是我所期望 但这些日志行。所有获得200:
::ffff:61.157.96.111 - - [22/Sep/2016:23:49:10 +0000] "GET http://www.baidu.com/?rnd=3342104796019809757566816 HTTP/1.0" 200 197 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;Windows NT 5.1;Windows NT 5.3; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
::ffff:61.157.96.111 - - [22/Sep/2016:23:49:10 +0000] "GET http://50.117.47.67:43530/?rnd=2031422537804277052916912 HTTP/1.0" 200 197 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;Windows NT 5.1;Windows NT 5.3; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
::ffff:61.157.96.111 - - [22/Sep/2016:23:49:11 +0000] "GET http://123.249.29.201:/?rnd=173003480482578803940608 HTTP/1.0" 200 197 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2;Windows NT 5.1;Windows NT 5.3; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:31 +0000] "GET http://123.249.29.201:/?rands=_518421966013600083518500 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:31 +0000] "GET http://www.baidu.com/?rands=_14790662340951392923112 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:32 +0000] "GET http://50.117.47.15:28712/?rands=_71269649426275522095128 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
::ffff:61.157.96.112 - - [22/Sep/2016:23:56:33 +0000] "GET http://50.117.86.106/?rands=_146883056102225940108720 HTTP/1.0" 200 197 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
这里是我的app.js:
var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var routes = require('./routes/index');
var app = express();
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');
// uncomment after placing your favicon in /public
app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('combined'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use('/', routes);
// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('Not Found');
err.status = 404;
next(err);
});
// error handlers
// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: err
});
});
}
// production error handler
// no stacktraces leaked to user
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: {}
});
});
module.exports = app;
这里是我的路线/ index.js
var express = require('express');
var router = express.Router();
/* GET home page. */
router.get('/', function(req, res, next) {
res.render('index', { title: 'My Test Node App' });
});
module.exports = router;
这里是斌/ WWW脚本
#!/usr/bin/env node
/**
* Module dependencies.
*/
var app = require('../app');
var debug = require('debug')('newnode:server');
var http = require('http');
/**
* Get port from environment and store in Express.
*/
var port = normalizePort(process.env.PORT || '3000');
console.log("PORT: ", port);
app.set('port', port);
/**
* Create HTTP server.
*/
var server = http.createServer(app);
/**
* Listen on provided port, on all network interfaces.
*/
server.listen(port);
server.on('error', onError);
server.on('listening', onListening);
/**
* Normalize a port into a number, string, or false.
*/
function normalizePort(val) {
var port = parseInt(val, 10);
if (isNaN(port)) {
// named pipe
return val;
}
if (port >= 0) {
// port number
return port;
}
return false;
}
/**
* Event listener for HTTP server "error" event.
*/
function onError(error) {
if (error.syscall !== 'listen') {
throw error;
}
var bind = typeof port === 'string'
? 'Pipe ' + port
: 'Port ' + port;
// handle specific listen errors with friendly messages
switch (error.code) {
case 'EACCES':
console.error(bind + ' requires elevated privileges');
process.exit(1);
break;
case 'EADDRINUSE':
console.error(bind + ' is already in use');
process.exit(1);
break;
default:
throw error;
}
}
/**
* Event listener for HTTP server "listening" event.
*/
function onListening() {
var addr = server.address();
var bind = typeof addr === 'string'
? 'pipe ' + addr
: 'port ' + addr.port;
console.log('Listening on ' + bind);
}
这个环境做 '表达newnode' 之后。
我希望这可以解释不够好。
我的问题又是为什么那些“http://www.baidu.com ...”记录最终得到一个200而不是404吗?
答
这不是一个“不可能的URL”。它完全有效,但完整的URL(例如http://example.org/foo)而不是路径(/foo)通常用于HTTP代理,其中完整的URL是客户端希望通过代理服务器访问的站点。
编辑:在审查了最近发布的服务器端路由代码后,路由设置没有错误。相反,它似乎有一个Express中的错误it only inspects the path portion of a request url(忽略任何其他解析的部分)。我提交了一个问题here。
所以在您的特定情况下,那些要求一个完整的URL(即有没有路径)的客户目前正在接受来自您的/路由处理的响应。其他完整网址(例如http://www.baidu.com/cache/global/img/gs.gif)不匹配,因为您没有./public/cache/global/img/gs.gif,也没有明确的路由处理程序/cache/global/img/gs.gif)。对于那些在服务器端日志中正确看到404的人。
编辑2:令人惊讶的,这是没有考虑由快递维护一个bug,所以你将不得不在每个路由执行的检查req.originalUrl和/或类似性质或包括通用中间件处理程序(之前任何其他请求处理程序(可能是日志记录中间件除外),如果您关心拒绝这些完整的URL请求,它将检查这些完整的URL并正确处理它们。
这里有一个例子中间件,你会增加第一到您的中间件/路由处理器堆栈:
app.use(function(req, res, next) {
if (req.originalUrl.charCodeAt(0) !== 47/*'/'*/)
return res.sendStatus(400);
next();
});
这里不通过电子邮件发送答案。这个网站是在这里的问题和答案。如果您不想回到网站寻找答案,那么您将需要找到一个不同的网站来使用。 – jfriend00
为什么Stackoverflow在问题已回答时不能发送电子邮件?许多其他网站都这样做。 – bartonlp
@ user1807480它可以;请转到[您的用户首选项](http://stackoverflow.com/users/preferences/1807480)并选中“通过电子邮件将我的未读收件箱邮件发送给我。” – NobodyNada