0

我有一个在 tomcat6 上运行的 webApplication(Java+Struts2+...)。我不知道日志显示这种异常的问题是什么:

WARNING: Could not find action or result
There is no Action mapped for action name ><script src=. - [unknown location]

OR

There is no Action mapped for action name li><li><a href='. - [unknown location]

OR

There is no Action mapped for action name dth: 342,maxHeight: 400}). - [unknown location]

and more and more...!!!!

这是异常堆栈跟踪的示例:

May 18, 2012 12:28:48 AM com.opensymphony.xwork2.util.logging.commons.CommonsLogger warn
WARNING: Could not find action or result
There is no Action mapped for action name ><script src=. - [unknown location]
    at com.opensymphony.xwork2.DefaultActionProxy.prepare(DefaultActionProxy.java:178)
    at org.apache.struts2.impl.StrutsActionProxy.prepare(StrutsActionProxy.java:61)
    at org.apache.struts2.impl.StrutsActionProxyFactory.createActionProxy(StrutsActionProxyFactory.java:39)
    at com.opensymphony.xwork2.DefaultActionProxyFactory.createActionProxy(DefaultActionProxyFactory.java:47)
    at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:478)
    at org.apache.struts2.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:395)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
    at java.lang.Thread.run(Thread.java:636)

你觉得问题出在哪里?!或者我怎样才能找到更多关于这个的信息?!谢谢小伙伴。

4

2 回答 2

1

看起来像是试图在您的应用程序中查找 XSS 漏洞。如果是这样,请注意有人试图攻击您的应用程序。

于 2012-05-21T11:31:14.633 回答
0

看起来您可能输入了脚本 src=。在需要表单操作或 ajax url(即操作名称)的地方,显然不会有名为 script src= 的操作。在您的 struts.xml 文件中。

于 2012-05-21T19:03:55.923 回答