{"id":59146,"date":"2026-01-13T12:40:54","date_gmt":"2026-01-13T04:40:54","guid":{"rendered":"https:\/\/www.wsisp.com\/helps\/59146.html"},"modified":"2026-01-13T12:40:54","modified_gmt":"2026-01-13T04:40:54","slug":"http-%e7%8a%b6%e6%80%81%e7%a0%81%ef%bc%9a%e5%ae%a2%e6%88%b7%e7%ab%af%e4%b8%8e%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e9%80%9a%e4%bf%a1%e8%af%ad%e8%a8%80-%e7%ac%ac%e5%9b%9b%e9%83%a8","status":"publish","type":"post","link":"https:\/\/www.wsisp.com\/helps\/59146.html","title":{"rendered":"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09"},"content":{"rendered":"<h3>\u7b2c16\u7ae0&#xff1a;400 Bad Request &#8211; \u9519\u8bef\u8bf7\u6c42\u6df1\u5ea6\u5206\u6790<\/h3>\n<h4>16.1 \u5b9a\u4e49\u4e0e\u8bed\u4e49<\/h4>\n<p>400 Bad Request\u8868\u793a\u670d\u52a1\u5668\u7531\u4e8e\u88ab\u8ba4\u4e3a\u662f\u5ba2\u6237\u7aef\u9519\u8bef&#xff08;\u4f8b\u5982&#xff0c;\u8bf7\u6c42\u8bed\u6cd5\u9519\u8bef\u3001\u65e0\u6548\u7684\u8bf7\u6c42\u6d88\u606f\u5e27\u6216\u6b3a\u9a97\u6027\u8bf7\u6c42\u8def\u7531&#xff09;\u800c\u65e0\u6cd5\u6216\u4e0d\u4f1a\u5904\u7406\u8bf7\u6c42\u3002<\/p>\n<p>\u5173\u952e\u7279\u6027&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u901a\u7528\u578b\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801<\/p>\n<\/li>\n<li>\n<p>\u4e0d\u533a\u5206\u5177\u4f53\u9519\u8bef\u7c7b\u578b\u65f6\u7684\u9ed8\u8ba4\u9009\u62e9<\/p>\n<\/li>\n<li>\n<p>\u901a\u5e38\u610f\u5473\u7740\u8bf7\u6c42\u672c\u8eab\u5b58\u5728\u95ee\u9898<\/p>\n<\/li>\n<\/ul>\n<h4>16.2 \u5e38\u89c1\u89e6\u53d1\u573a\u666f<\/h4>\n<h5>16.2.1 \u8bed\u6cd5\u4e0e\u683c\u5f0f\u9519\u8bef<\/h5>\n<p>http<\/p>\n<p># \u793a\u4f8b1&#xff1a;\u65e0\u6548\u7684HTTP\u534f\u8bae\u683c\u5f0f<br \/>\nGET \/api\/users HTTP\/1.1<br \/>\nHost: example.com<br \/>\n# \u7f3a\u5c11\u5fc5\u8981\u7684\u7a7a\u884c\u5206\u9694\u5934\u90e8\u548c\u4e3b\u4f53<\/p>\n<p># \u793a\u4f8b2&#xff1a;JSON\u683c\u5f0f\u9519\u8bef<br \/>\nPOST \/api\/users HTTP\/1.1<br \/>\nContent-Type: application\/json<\/p>\n<p>{<br \/>\n  &#034;name&#034;: &#034;John&#034;,<br \/>\n  &#034;age&#034;: 30,<br \/>\n  &#034;email&#034;: &#034;john&#064;example.com&#034;<br \/>\n  # \u6ce8\u610f&#xff1a;\u672b\u5c3e\u7f3a\u5c11\u95ed\u5408\u7684\u5927\u62ec\u53f7<br \/>\n}<\/p>\n<h5>16.2.2 \u6570\u636e\u9a8c\u8bc1\u5931\u8d25<\/h5>\n<p>json<\/p>\n<p>\/\/ \u8bf7\u6c42\u4f53\u6570\u636e\u4e0d\u7b26\u5408\u6a21\u5f0f\u8981\u6c42<br \/>\n{<br \/>\n  &#034;username&#034;: &#034;ab&#034;,        \/\/ \u957f\u5ea6\u4e0d\u8db33\u5b57\u7b26<br \/>\n  &#034;email&#034;: &#034;invalid-email&#034;, \/\/ \u90ae\u7bb1\u683c\u5f0f\u9519\u8bef<br \/>\n  &#034;age&#034;: -5                \/\/ \u5e74\u9f84\u4e3a\u8d1f\u6570<br \/>\n}<\/p>\n<h5>16.2.3 \u5fc5\u9700\u53c2\u6570\u7f3a\u5931<\/h5>\n<p>http<\/p>\n<p># \u5fc5\u9700\u67e5\u8be2\u53c2\u6570\u672a\u63d0\u4f9b<br \/>\nGET \/api\/search?query&#061; HTTP\/1.1  # query\u53c2\u6570\u4e3a\u7a7a<\/p>\n<p>POST \/api\/register HTTP\/1.1<br \/>\nContent-Type: application\/json<\/p>\n<p>{<br \/>\n  &#034;username&#034;: &#034;john&#034;,<br \/>\n  &#034;email&#034;: &#034;john&#064;example.com&#034;<br \/>\n  # \u7f3a\u5931\u5fc5\u9700\u7684password\u5b57\u6bb5<br \/>\n}<\/p>\n<h4>16.3 \u8be6\u7ec6\u5b9e\u73b0\u4e0e\u6700\u4f73\u5b9e\u8df5<\/h4>\n<h5>16.3.1 \u9519\u8bef\u54cd\u5e94\u7ed3\u6784\u8bbe\u8ba1<\/h5>\n<p>json<\/p>\n<p>{<br \/>\n  &#034;error&#034;: {<br \/>\n    &#034;code&#034;: &#034;VALIDATION_ERROR&#034;,<br \/>\n    &#034;message&#034;: &#034;\u8bf7\u6c42\u6570\u636e\u9a8c\u8bc1\u5931\u8d25&#034;,<br \/>\n    &#034;details&#034;: [<br \/>\n      {<br \/>\n        &#034;field&#034;: &#034;email&#034;,<br \/>\n        &#034;error&#034;: &#034;INVALID_FORMAT&#034;,<br \/>\n        &#034;message&#034;: &#034;\u90ae\u7bb1\u5730\u5740\u683c\u5f0f\u4e0d\u6b63\u786e&#034;<br \/>\n      },<br \/>\n      {<br \/>\n        &#034;field&#034;: &#034;password&#034;,<br \/>\n        &#034;error&#034;: &#034;LENGTH_TOO_SHORT&#034;,<br \/>\n        &#034;message&#034;: &#034;\u5bc6\u7801\u957f\u5ea6\u81f3\u5c11\u4e3a8\u4e2a\u5b57\u7b26&#034;,<br \/>\n        &#034;constraint&#034;: {<br \/>\n          &#034;min&#034;: 8,<br \/>\n          &#034;actual&#034;: 5<br \/>\n        }<br \/>\n      }<br \/>\n    ],<br \/>\n    &#034;timestamp&#034;: &#034;2024-01-15T10:30:00Z&#034;,<br \/>\n    &#034;request_id&#034;: &#034;req_1234567890abcdef&#034;<br \/>\n  }<br \/>\n}<\/p>\n<h5>16.3.2 \u670d\u52a1\u5668\u7aef\u9a8c\u8bc1\u903b\u8f91\u5b9e\u73b0<\/h5>\n<p>python<\/p>\n<p># Python\u793a\u4f8b&#xff1a;\u8bf7\u6c42\u9a8c\u8bc1\u4e2d\u95f4\u4ef6<br \/>\nfrom typing import Dict, List, Optional<br \/>\nfrom pydantic import BaseModel, ValidationError, validator<br \/>\nimport json<\/p>\n<p>class ValidationResult:<br \/>\n    def __init__(self):<br \/>\n        self.is_valid &#061; True<br \/>\n        self.errors &#061; []<\/p>\n<p>    def add_error(self, field: str, code: str, message: str):<br \/>\n        self.is_valid &#061; False<br \/>\n        self.errors.append({<br \/>\n            &#034;field&#034;: field,<br \/>\n            &#034;code&#034;: code,<br \/>\n            &#034;message&#034;: message<br \/>\n        })<\/p>\n<p>class RequestValidator:<br \/>\n    &#064;staticmethod<br \/>\n    def validate_json_syntax(body: str) -&gt; ValidationResult:<br \/>\n        result &#061; ValidationResult()<br \/>\n        try:<br \/>\n            json.loads(body)<br \/>\n        except json.JSONDecodeError as e:<br \/>\n            result.add_error(<br \/>\n                field&#061;&#034;$body&#034;,<br \/>\n                code&#061;&#034;INVALID_JSON&#034;,<br \/>\n                message&#061;f&#034;JSON\u8bed\u6cd5\u9519\u8bef: {str(e)}&#034;<br \/>\n            )<br \/>\n        return result<\/p>\n<p>    &#064;staticmethod<br \/>\n    def validate_content_type(headers: Dict) -&gt; ValidationResult:<br \/>\n        result &#061; ValidationResult()<br \/>\n        content_type &#061; headers.get(&#034;Content-Type&#034;, &#034;&#034;)<\/p>\n<p>        if not content_type:<br \/>\n            result.add_error(<br \/>\n                field&#061;&#034;Content-Type&#034;,<br \/>\n                code&#061;&#034;MISSING_HEADER&#034;,<br \/>\n                message&#061;&#034;Content-Type\u5934\u5fc5\u987b\u63d0\u4f9b&#034;<br \/>\n            )<br \/>\n        elif &#034;application\/json&#034; not in content_type:<br \/>\n            result.add_error(<br \/>\n                field&#061;&#034;Content-Type&#034;,<br \/>\n                code&#061;&#034;UNSUPPORTED_MEDIA_TYPE&#034;,<br \/>\n                message&#061;&#034;\u4ec5\u652f\u6301application\/json\u683c\u5f0f&#034;<br \/>\n            )<br \/>\n        return result<\/p>\n<p># \u4f7f\u7528Pydantic\u8fdb\u884c\u6570\u636e\u9a8c\u8bc1<br \/>\nclass UserCreateRequest(BaseModel):<br \/>\n    username: str<br \/>\n    email: str<br \/>\n    password: str<\/p>\n<p>    &#064;validator(&#039;username&#039;)<br \/>\n    def validate_username(cls, v):<br \/>\n        if len(v) &lt; 3:<br \/>\n            raise ValueError(&#039;\u7528\u6237\u540d\u81f3\u5c113\u4e2a\u5b57\u7b26&#039;)<br \/>\n        if not v.isalnum():<br \/>\n            raise ValueError(&#039;\u7528\u6237\u540d\u53ea\u80fd\u5305\u542b\u5b57\u6bcd\u548c\u6570\u5b57&#039;)<br \/>\n        return v<\/p>\n<p>    &#064;validator(&#039;email&#039;)<br \/>\n    def validate_email(cls, v):<br \/>\n        # \u7b80\u5316\u7684\u90ae\u7bb1\u9a8c\u8bc1<br \/>\n        if &#039;&#064;&#039; not in v or &#039;.&#039; not in v.split(&#039;&#064;&#039;)[-1]:<br \/>\n            raise ValueError(&#039;\u65e0\u6548\u7684\u90ae\u7bb1\u5730\u5740&#039;)<br \/>\n        return v<\/p>\n<p>    &#064;validator(&#039;password&#039;)<br \/>\n    def validate_password(cls, v):<br \/>\n        if len(v) &lt; 8:<br \/>\n            raise ValueError(&#039;\u5bc6\u7801\u81f3\u5c118\u4e2a\u5b57\u7b26&#039;)<br \/>\n        return v<\/p>\n<h5>16.3.3 \u5168\u5c40\u5f02\u5e38\u5904\u7406<\/h5>\n<p>javascript<\/p>\n<p>\/\/ Node.js\/Express\u793a\u4f8b&#xff1a;\u5168\u5c40400\u9519\u8bef\u5904\u7406<br \/>\napp.use((err, req, res, next) &#061;&gt; {<br \/>\n  if (err instanceof SyntaxError &amp;&amp; err.status &#061;&#061;&#061; 400 &amp;&amp; &#039;body&#039; in err) {<br \/>\n    \/\/ JSON\u89e3\u6790\u9519\u8bef<br \/>\n    return res.status(400).json({<br \/>\n      error: {<br \/>\n        code: &#039;INVALID_JSON&#039;,<br \/>\n        message: &#039;\u8bf7\u6c42\u4f53\u5305\u542b\u65e0\u6548\u7684JSON&#039;,<br \/>\n        details: {<br \/>\n          position: err.message.match(\/at position (\\\\d&#043;)\/)?.[1],<br \/>\n          suggestion: &#039;\u8bf7\u68c0\u67e5JSON\u683c\u5f0f\u662f\u5426\u6b63\u786e&#039;<br \/>\n        }<br \/>\n      }<br \/>\n    });<br \/>\n  }<\/p>\n<p>  if (err instanceof ValidationError) {<br \/>\n    \/\/ Joi\u6216\u7c7b\u4f3c\u9a8c\u8bc1\u5e93\u7684\u9519\u8bef<br \/>\n    return res.status(400).json({<br \/>\n      error: {<br \/>\n        code: &#039;VALIDATION_FAILED&#039;,<br \/>\n        message: &#039;\u8bf7\u6c42\u6570\u636e\u9a8c\u8bc1\u5931\u8d25&#039;,<br \/>\n        details: err.details.map(detail &#061;&gt; ({<br \/>\n          field: detail.path.join(&#039;.&#039;),<br \/>\n          type: detail.type,<br \/>\n          message: detail.message<br \/>\n        }))<br \/>\n      }<br \/>\n    });<br \/>\n  }<\/p>\n<p>  \/\/ \u5176\u4ed6400\u9519\u8bef<br \/>\n  if (err.status &#061;&#061;&#061; 400) {<br \/>\n    return res.status(400).json({<br \/>\n      error: {<br \/>\n        code: err.code || &#039;BAD_REQUEST&#039;,<br \/>\n        message: err.message || &#039;\u8bf7\u6c42\u683c\u5f0f\u4e0d\u6b63\u786e&#039;,<br \/>\n        details: err.details<br \/>\n      }<br \/>\n    });<br \/>\n  }<\/p>\n<p>  next(err);<br \/>\n});<\/p>\n<h4>16.4 \u5ba2\u6237\u7aef\u5904\u7406\u7b56\u7565<\/h4>\n<h5>16.4.1 \u81ea\u52a8\u91cd\u8bd5\u7b56\u7565<\/h5>\n<p>javascript<\/p>\n<p>\/\/ \u5ba2\u6237\u7aef&#xff1a;\u667a\u80fd\u91cd\u8bd5\u903b\u8f91<br \/>\nclass RequestHandler {<br \/>\n  constructor(maxRetries &#061; 3) {<br \/>\n    this.maxRetries &#061; maxRetries;<br \/>\n  }<\/p>\n<p>  async sendRequest(requestFn, data) {<br \/>\n    let lastError;<\/p>\n<p>    for (let attempt &#061; 1; attempt &lt;&#061; this.maxRetries; attempt&#043;&#043;) {<br \/>\n      try {<br \/>\n        return await requestFn(data);<br \/>\n      } catch (error) {<br \/>\n        lastError &#061; error;<\/p>\n<p>        if (error.response?.status &#061;&#061;&#061; 400) {<br \/>\n          \/\/ \u5206\u6790\u9519\u8bef\u7c7b\u578b<br \/>\n          const errorData &#061; error.response.data;<\/p>\n<p>          \/\/ \u5982\u679c\u662f\u53ef\u4fee\u590d\u7684\u9519\u8bef&#xff0c;\u5c1d\u8bd5\u4fee\u590d\u540e\u91cd\u8bd5<br \/>\n          if (this.isFixableError(errorData)) {<br \/>\n            data &#061; this.fixRequestData(data, errorData);<br \/>\n            continue;<br \/>\n          }<\/p>\n<p>          \/\/ \u5982\u679c\u662f\u5ba2\u6237\u7aef\u4ee3\u7801\u95ee\u9898&#xff0c;\u4e0d\u91cd\u8bd5<br \/>\n          if (this.isClientBug(errorData)) {<br \/>\n            throw new Error(&#039;\u5ba2\u6237\u7aef\u4ee3\u7801\u9700\u8981\u4fee\u590d: &#039; &#043;<br \/>\n              JSON.stringify(errorData));<br \/>\n          }<br \/>\n        }<\/p>\n<p>        \/\/ \u5176\u4ed6\u9519\u8bef&#xff0c;\u6839\u636e\u9000\u907f\u7b56\u7565\u7b49\u5f85\u540e\u91cd\u8bd5<br \/>\n        if (attempt &lt; this.maxRetries) {<br \/>\n          await this.delay(this.calculateBackoff(attempt));<br \/>\n        }<br \/>\n      }<br \/>\n    }<\/p>\n<p>    throw lastError;<br \/>\n  }<\/p>\n<p>  isFixableError(errorData) {<br \/>\n    \/\/ \u68c0\u67e5\u9519\u8bef\u662f\u5426\u53ef\u4ee5\u901a\u8fc7\u5ba2\u6237\u7aef\u4fee\u590d<br \/>\n    const fixableCodes &#061; [<br \/>\n      &#039;MISSING_FIELD&#039;,<br \/>\n      &#039;INVALID_FORMAT&#039;,<br \/>\n      &#039;VALUE_TOO_SHORT&#039;<br \/>\n    ];<\/p>\n<p>    return errorData.details?.some(detail &#061;&gt;<br \/>\n      fixableCodes.includes(detail.code)<br \/>\n    );<br \/>\n  }<\/p>\n<p>  fixRequestData(data, errorData) {<br \/>\n    \/\/ \u6839\u636e\u9519\u8bef\u8be6\u60c5\u4fee\u590d\u6570\u636e<br \/>\n    const fixedData &#061; { &#8230;data };<\/p>\n<p>    errorData.details?.forEach(detail &#061;&gt; {<br \/>\n      if (detail.code &#061;&#061;&#061; &#039;MISSING_FIELD&#039;) {<br \/>\n        \/\/ \u6dfb\u52a0\u7f3a\u5931\u7684\u5b57\u6bb5&#xff08;\u5982\u679c\u77e5\u9053\u9ed8\u8ba4\u503c&#xff09;<br \/>\n        if (detail.field &#061;&#061;&#061; &#039;timezone&#039;) {<br \/>\n          fixedData.timezone &#061; &#039;UTC&#039;;<br \/>\n        }<br \/>\n      }<br \/>\n    });<\/p>\n<p>    return fixedData;<br \/>\n  }<\/p>\n<p>  calculateBackoff(attempt) {<br \/>\n    \/\/ \u6307\u6570\u9000\u907f<br \/>\n    return Math.min(1000 * Math.pow(2, attempt), 10000);<br \/>\n  }<\/p>\n<p>  delay(ms) {<br \/>\n    return new Promise(resolve &#061;&gt; setTimeout(resolve, ms));<br \/>\n  }<br \/>\n}<\/p>\n<h5>16.4.2 \u7528\u6237\u754c\u9762\u53cd\u9988<\/h5>\n<p>jsx<\/p>\n<p>\/\/ React\u7ec4\u4ef6&#xff1a;\u7528\u6237\u53cb\u597d\u7684\u9519\u8bef\u5c55\u793a<br \/>\nfunction BadRequestDisplay({ error }) {<br \/>\n  const [expanded, setExpanded] &#061; useState(false);<\/p>\n<p>  const groupErrors &#061; (details) &#061;&gt; {<br \/>\n    const groups &#061; {<br \/>\n      required: [],<br \/>\n      format: [],<br \/>\n      validation: [],<br \/>\n      other: []<br \/>\n    };<\/p>\n<p>    details?.forEach(detail &#061;&gt; {<br \/>\n      if (detail.code.includes(&#039;MISSING&#039;) || detail.code.includes(&#039;REQUIRED&#039;)) {<br \/>\n        groups.required.push(detail);<br \/>\n      } else if (detail.code.includes(&#039;FORMAT&#039;) || detail.code.includes(&#039;INVALID&#039;)) {<br \/>\n        groups.format.push(detail);<br \/>\n      } else if (detail.code.includes(&#039;VALIDATION&#039;)) {<br \/>\n        groups.validation.push(detail);<br \/>\n      } else {<br \/>\n        groups.other.push(detail);<br \/>\n      }<br \/>\n    });<\/p>\n<p>    return groups;<br \/>\n  };<\/p>\n<p>  const renderFieldError &#061; (detail) &#061;&gt; (<br \/>\n    &lt;div key&#061;{&#096;${detail.field}-${detail.code}&#096;} className&#061;&#034;field-error&#034;&gt;<br \/>\n      &lt;strong&gt;{detail.field}:&lt;\/strong&gt;<br \/>\n      &lt;span&gt;{detail.message}&lt;\/span&gt;<br \/>\n      {detail.suggestion &amp;&amp; (<br \/>\n        &lt;div className&#061;&#034;suggestion&#034;&gt;<br \/>\n          &#x1f4a1; \u5efa\u8bae: {detail.suggestion}<br \/>\n        &lt;\/div&gt;<br \/>\n      )}<br \/>\n    &lt;\/div&gt;<br \/>\n  );<\/p>\n<p>  const errorGroups &#061; groupErrors(error.details);<\/p>\n<p>  return (<br \/>\n    &lt;div className&#061;&#034;error-container bad-request&#034;&gt;<br \/>\n      &lt;div className&#061;&#034;error-header&#034;&gt;<br \/>\n        &lt;AlertTriangle size&#061;{24} \/&gt;<br \/>\n        &lt;h3&gt;{error.message}&lt;\/h3&gt;<br \/>\n        &lt;button<br \/>\n          onClick&#061;{() &#061;&gt; setExpanded(!expanded)}<br \/>\n          className&#061;&#034;toggle-details&#034;<br \/>\n        &gt;<br \/>\n          {expanded ? &#039;\u9690\u85cf\u8be6\u60c5&#039; : &#039;\u663e\u793a\u8be6\u60c5&#039;}<br \/>\n        &lt;\/button&gt;<br \/>\n      &lt;\/div&gt;<\/p>\n<p>      {expanded &amp;&amp; (<br \/>\n        &lt;div className&#061;&#034;error-details&#034;&gt;<br \/>\n          {errorGroups.required.length &gt; 0 &amp;&amp; (<br \/>\n            &lt;div className&#061;&#034;error-group&#034;&gt;<br \/>\n              &lt;h4&gt;\u274c \u7f3a\u5931\u5fc5\u8981\u4fe1\u606f&lt;\/h4&gt;<br \/>\n              {errorGroups.required.map(renderFieldError)}<br \/>\n            &lt;\/div&gt;<br \/>\n          )}<\/p>\n<p>          {errorGroups.format.length &gt; 0 &amp;&amp; (<br \/>\n            &lt;div className&#061;&#034;error-group&#034;&gt;<br \/>\n              &lt;h4&gt;&#x1f4dd; \u683c\u5f0f\u95ee\u9898&lt;\/h4&gt;<br \/>\n              {errorGroups.format.map(renderFieldError)}<br \/>\n            &lt;\/div&gt;<br \/>\n          )}<\/p>\n<p>          {errorGroups.validation.length &gt; 0 &amp;&amp; (<br \/>\n            &lt;div className&#061;&#034;error-group&#034;&gt;<br \/>\n              &lt;h4&gt;\u26a1 \u9a8c\u8bc1\u9519\u8bef&lt;\/h4&gt;<br \/>\n              {errorGroups.validation.map(renderFieldError)}<br \/>\n            &lt;\/div&gt;<br \/>\n          )}<\/p>\n<p>          {error.code &amp;&amp; (<br \/>\n            &lt;div className&#061;&#034;technical-info&#034;&gt;<br \/>\n              &lt;small&gt;\u9519\u8bef\u4ee3\u7801: {error.code}&lt;\/small&gt;<br \/>\n              {error.request_id &amp;&amp; (<br \/>\n                &lt;small&gt;\u8bf7\u6c42ID: {error.request_id}&lt;\/small&gt;<br \/>\n              )}<br \/>\n            &lt;\/div&gt;<br \/>\n          )}<br \/>\n        &lt;\/div&gt;<br \/>\n      )}<\/p>\n<p>      &lt;div className&#061;&#034;error-actions&#034;&gt;<br \/>\n        &lt;button onClick&#061;{() &#061;&gt; window.location.reload()}&gt;<br \/>\n          \u5237\u65b0\u9875\u9762<br \/>\n        &lt;\/button&gt;<br \/>\n        &lt;button onClick&#061;{() &#061;&gt; window.history.back()}&gt;<br \/>\n          \u8fd4\u56de\u4e0a\u4e00\u9875<br \/>\n        &lt;\/button&gt;<br \/>\n        &lt;button onClick&#061;{() &#061;&gt; {\/* \u663e\u793a\u5e2e\u52a9\u6587\u6863 *\/}}&gt;<br \/>\n          \u67e5\u770b\u5e2e\u52a9<br \/>\n        &lt;\/button&gt;<br \/>\n      &lt;\/div&gt;<br \/>\n    &lt;\/div&gt;<br \/>\n  );<br \/>\n}<\/p>\n<h4>16.5 \u76d1\u63a7\u4e0e\u8c03\u8bd5<\/h4>\n<h5>16.5.1 \u670d\u52a1\u5668\u7aef\u76d1\u63a7<\/h5>\n<p>python<\/p>\n<p># \u76d1\u63a7400\u9519\u8bef\u7684\u4e2d\u95f4\u4ef6<br \/>\nimport time<br \/>\nfrom collections import defaultdict<br \/>\nfrom typing import Dict, Any<br \/>\nimport logging<br \/>\nfrom dataclasses import dataclass, asdict<br \/>\nfrom datetime import datetime<\/p>\n<p>&#064;dataclass<br \/>\nclass BadRequestMetrics:<br \/>\n    endpoint: str<br \/>\n    error_count: int &#061; 0<br \/>\n    error_types: Dict[str, int] &#061; None<br \/>\n    user_agents: Dict[str, int] &#061; None<br \/>\n    last_occurrence: datetime &#061; None<\/p>\n<p>    def __post_init__(self):<br \/>\n        if self.error_types is None:<br \/>\n            self.error_types &#061; defaultdict(int)<br \/>\n        if self.user_agents is None:<br \/>\n            self.user_agents &#061; defaultdict(int)<\/p>\n<p>    def record_error(self, error_code: str, user_agent: str):<br \/>\n        self.error_count &#043;&#061; 1<br \/>\n        self.error_types[error_code] &#043;&#061; 1<br \/>\n        self.user_agents[user_agent] &#043;&#061; 1<br \/>\n        self.last_occurrence &#061; datetime.utcnow()<\/p>\n<p>class BadRequestMonitor:<br \/>\n    def __init__(self):<br \/>\n        self.metrics: Dict[str, BadRequestMetrics] &#061; {}<br \/>\n        self.logger &#061; logging.getLogger(&#039;bad_request_monitor&#039;)<\/p>\n<p>    def record(self, request, error_code: str):<br \/>\n        endpoint &#061; request.path<\/p>\n<p>        if endpoint not in self.metrics:<br \/>\n            self.metrics[endpoint] &#061; BadRequestMetrics(endpoint&#061;endpoint)<\/p>\n<p>        metrics &#061; self.metrics[endpoint]<br \/>\n        metrics.record_error(error_code, request.headers.get(&#039;User-Agent&#039;, &#039;unknown&#039;))<\/p>\n<p>        # \u8bb0\u5f55\u8be6\u7ec6\u65e5\u5fd7<br \/>\n        self.logger.warning({<br \/>\n            &#039;event&#039;: &#039;bad_request&#039;,<br \/>\n            &#039;endpoint&#039;: endpoint,<br \/>\n            &#039;error_code&#039;: error_code,<br \/>\n            &#039;method&#039;: request.method,<br \/>\n            &#039;user_agent&#039;: request.headers.get(&#039;User-Agent&#039;),<br \/>\n            &#039;referer&#039;: request.headers.get(&#039;Referer&#039;),<br \/>\n            &#039;ip&#039;: request.remote_addr,<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat()<br \/>\n        })<\/p>\n<p>    def get_report(self) -&gt; Dict[str, Any]:<br \/>\n        report &#061; {<br \/>\n            &#039;total_errors&#039;: sum(m.error_count for m in self.metrics.values()),<br \/>\n            &#039;endpoints&#039;: {}<br \/>\n        }<\/p>\n<p>        for endpoint, metrics in self.metrics.items():<br \/>\n            report[&#039;endpoints&#039;][endpoint] &#061; {<br \/>\n                &#039;error_count&#039;: metrics.error_count,<br \/>\n                &#039;error_types&#039;: dict(metrics.error_types),<br \/>\n                &#039;top_user_agents&#039;: dict(<br \/>\n                    sorted(<br \/>\n                        metrics.user_agents.items(),<br \/>\n                        key&#061;lambda x: x[1],<br \/>\n                        reverse&#061;True<br \/>\n                    )[:5]<br \/>\n                ),<br \/>\n                &#039;last_occurrence&#039;: metrics.last_occurrence.isoformat()<br \/>\n                if metrics.last_occurrence else None<br \/>\n            }<\/p>\n<p>        return report<\/p>\n<p>    def reset_metrics(self):<br \/>\n        self.metrics.clear()<\/p>\n<p># Flask\u4e2d\u95f4\u4ef6\u793a\u4f8b<br \/>\nfrom flask import request, g<br \/>\nimport json<\/p>\n<p>bad_request_monitor &#061; BadRequestMonitor()<\/p>\n<p>&#064;app.before_request<br \/>\ndef start_request_timer():<br \/>\n    g.start_time &#061; time.time()<\/p>\n<p>&#064;app.after_request<br \/>\ndef monitor_bad_requests(response):<br \/>\n    if response.status_code &#061;&#061; 400:<br \/>\n        try:<br \/>\n            error_data &#061; json.loads(response.get_data(as_text&#061;True))<br \/>\n            error_code &#061; error_data.get(&#039;error&#039;, {}).get(&#039;code&#039;, &#039;UNKNOWN&#039;)<br \/>\n        except:<br \/>\n            error_code &#061; &#039;UNKNOWN&#039;<\/p>\n<p>        bad_request_monitor.record(request, error_code)<\/p>\n<p>    # \u8bb0\u5f55\u54cd\u5e94\u65f6\u95f4<br \/>\n    if hasattr(g, &#039;start_time&#039;):<br \/>\n        response_time &#061; (time.time() &#8211; g.start_time) * 1000<br \/>\n        response.headers[&#039;X-Response-Time&#039;] &#061; f&#039;{response_time:.2f}ms&#039;<\/p>\n<p>    return response<\/p>\n<h5>16.5.2 \u5ba2\u6237\u7aef\u8bca\u65ad\u5de5\u5177<\/h5>\n<p>javascript<\/p>\n<p>\/\/ \u6d4f\u89c8\u5668\u5f00\u53d1\u8005\u5de5\u5177\u6269\u5c55&#xff1a;\u8bf7\u6c42\u8bca\u65ad<br \/>\nclass RequestDiagnosticTool {<br \/>\n  constructor() {<br \/>\n    this.capturedRequests &#061; [];<br \/>\n    this.init();<br \/>\n  }<\/p>\n<p>  init() {<br \/>\n    \/\/ \u62e6\u622aXMLHttpRequest\u548cFetch\u8bf7\u6c42<br \/>\n    this.interceptXMLHttpRequest();<br \/>\n    this.interceptFetch();<\/p>\n<p>    \/\/ \u6dfb\u52a0UI\u5230\u5f00\u53d1\u8005\u5de5\u5177<br \/>\n    this.addToDevTools();<br \/>\n  }<\/p>\n<p>  interceptXMLHttpRequest() {<br \/>\n    const originalOpen &#061; XMLHttpRequest.prototype.open;<br \/>\n    const originalSend &#061; XMLHttpRequest.prototype.send;<\/p>\n<p>    XMLHttpRequest.prototype.open &#061; function(method, url) {<br \/>\n      this._diagnostic &#061; {<br \/>\n        method,<br \/>\n        url,<br \/>\n        startTime: Date.now(),<br \/>\n        headers: {}<br \/>\n      };<\/p>\n<p>      return originalOpen.apply(this, arguments);<br \/>\n    };<\/p>\n<p>    XMLHttpRequest.prototype.send &#061; function(body) {<br \/>\n      this._diagnostic.requestBody &#061; body;<br \/>\n      this._diagnostic.requestHeaders &#061; this.getAllResponseHeaders();<\/p>\n<p>      this.addEventListener(&#039;load&#039;, () &#061;&gt; {<br \/>\n        this._diagnostic.endTime &#061; Date.now();<br \/>\n        this._diagnostic.status &#061; this.status;<br \/>\n        this._diagnostic.response &#061; this.responseText;<\/p>\n<p>        if (this.status &#061;&#061;&#061; 400) {<br \/>\n          this.analyzeBadRequest(this._diagnostic);<br \/>\n        }<br \/>\n      });<\/p>\n<p>      return originalSend.apply(this, arguments);<br \/>\n    };<br \/>\n  }<\/p>\n<p>  analyzeBadRequest(request) {<br \/>\n    const analysis &#061; {<br \/>\n      url: request.url,<br \/>\n      method: request.method,<br \/>\n      duration: request.endTime &#8211; request.startTime,<br \/>\n      issues: []<br \/>\n    };<\/p>\n<p>    try {<br \/>\n      const response &#061; JSON.parse(request.response);<\/p>\n<p>      \/\/ \u5206\u6790\u5e38\u89c1\u95ee\u9898\u6a21\u5f0f<br \/>\n      if (response.error?.details) {<br \/>\n        response.error.details.forEach(detail &#061;&gt; {<br \/>\n          analysis.issues.push({<br \/>\n            type: &#039;VALIDATION_ERROR&#039;,<br \/>\n            field: detail.field,<br \/>\n            message: detail.message,<br \/>\n            suggestion: this.getSuggestion(detail)<br \/>\n          });<br \/>\n        });<br \/>\n      }<\/p>\n<p>      \/\/ \u68c0\u67e5\u8bf7\u6c42\u5934<br \/>\n      if (!request.headers[&#039;Content-Type&#039;]?.includes(&#039;application\/json&#039;)) {<br \/>\n        analysis.issues.push({<br \/>\n          type: &#039;HEADER_ISSUE&#039;,<br \/>\n          field: &#039;Content-Type&#039;,<br \/>\n          message: &#039;\u53ef\u80fd\u7f3a\u5c11\u6216\u9519\u8bef\u7684Content-Type\u5934&#039;,<br \/>\n          suggestion: &#039;\u6dfb\u52a0: Content-Type: application\/json&#039;<br \/>\n        });<br \/>\n      }<\/p>\n<p>      this.capturedRequests.push(analysis);<br \/>\n      this.displayAnalysis(analysis);<br \/>\n    } catch (e) {<br \/>\n      console.error(&#039;Failed to analyze bad request:&#039;, e);<br \/>\n    }<br \/>\n  }<\/p>\n<p>  getSuggestion(detail) {<br \/>\n    const suggestions &#061; {<br \/>\n      &#039;INVALID_JSON&#039;: &#039;\u68c0\u67e5JSON\u8bed\u6cd5&#xff0c;\u786e\u4fdd\u5f15\u53f7\u5339\u914d\u3001\u9017\u53f7\u6b63\u786e&#039;,<br \/>\n      &#039;MISSING_FIELD&#039;: &#039;\u68c0\u67e5\u8bf7\u6c42\u4f53\u662f\u5426\u5305\u542b\u6240\u6709\u5fc5\u9700\u5b57\u6bb5&#039;,<br \/>\n      &#039;INVALID_EMAIL&#039;: &#039;\u4f7f\u7528\u6709\u6548\u7684\u90ae\u7bb1\u683c\u5f0f: user&#064;example.com&#039;,<br \/>\n      &#039;VALUE_TOO_SHORT&#039;: &#039;\u589e\u52a0\u5b57\u6bb5\u503c\u7684\u957f\u5ea6&#039;,<br \/>\n      &#039;VALUE_TOO_LONG&#039;: &#039;\u51cf\u5c11\u5b57\u6bb5\u503c\u7684\u957f\u5ea6&#039;<br \/>\n    };<\/p>\n<p>    return suggestions[detail.code] ||<br \/>\n      &#096;\u68c0\u67e5${detail.field}\u5b57\u6bb5\u7684\u503c\u662f\u5426\u7b26\u5408\u8981\u6c42&#096;;<br \/>\n  }<\/p>\n<p>  displayAnalysis(analysis) {<br \/>\n    \/\/ \u5728\u5f00\u53d1\u8005\u5de5\u5177\u4e2d\u663e\u793a\u5206\u6790\u7ed3\u679c<br \/>\n    const panel &#061; document.createElement(&#039;div&#039;);<br \/>\n    panel.className &#061; &#039;request-diagnostic-panel&#039;;<\/p>\n<p>    panel.innerHTML &#061; &#096;<br \/>\n      &lt;h3&gt;&#x1f50d; 400\u9519\u8bef\u8bca\u65ad\u62a5\u544a&lt;\/h3&gt;<br \/>\n      &lt;div class&#061;&#034;request-info&#034;&gt;<br \/>\n        &lt;strong&gt;${analysis.method}&lt;\/strong&gt; ${analysis.url}&lt;br&gt;<br \/>\n        &lt;small&gt;\u8017\u65f6: ${analysis.duration}ms&lt;\/small&gt;<br \/>\n      &lt;\/div&gt;<br \/>\n      &lt;div class&#061;&#034;issues&#034;&gt;<br \/>\n        ${analysis.issues.map(issue &#061;&gt; &#096;<br \/>\n          &lt;div class&#061;&#034;issue ${issue.type.toLowerCase()}&#034;&gt;<br \/>\n            &lt;span class&#061;&#034;issue-type&#034;&gt;${issue.type}&lt;\/span&gt;<br \/>\n            &lt;strong&gt;${issue.field}:&lt;\/strong&gt; ${issue.message}<br \/>\n            &lt;div class&#061;&#034;suggestion&#034;&gt;&#x1f4a1; ${issue.suggestion}&lt;\/div&gt;<br \/>\n          &lt;\/div&gt;<br \/>\n        &#096;).join(&#039;&#039;)}<br \/>\n      &lt;\/div&gt;<br \/>\n    &#096;;<\/p>\n<p>    \/\/ \u6dfb\u52a0\u5230\u9875\u9762&#xff08;\u5b9e\u9645\u5f00\u53d1\u4e2d\u5e94\u6dfb\u52a0\u5230\u5f00\u53d1\u8005\u5de5\u5177\u9762\u677f&#xff09;<br \/>\n    document.body.appendChild(panel);<br \/>\n  }<br \/>\n}<\/p>\n<h4>16.6 \u5b89\u5168\u8003\u8651<\/h4>\n<h5>16.6.1 \u9632\u6b62\u4fe1\u606f\u6cc4\u9732<\/h5>\n<p>python<\/p>\n<p># \u5b89\u5168\u914d\u7f6e&#xff1a;\u9519\u8bef\u4fe1\u606f\u6cc4\u9732\u9632\u62a4<br \/>\nclass SecureErrorHandler:<br \/>\n    def __init__(self, debug_mode&#061;False):<br \/>\n        self.debug_mode &#061; debug_mode<br \/>\n        self.sensitive_patterns &#061; [<br \/>\n            r&#039;password&#039;,<br \/>\n            r&#039;secret&#039;,<br \/>\n            r&#039;key&#039;,<br \/>\n            r&#039;token&#039;,<br \/>\n            r&#039;credit.*card&#039;,<br \/>\n            r&#039;ssn&#039;,<br \/>\n            r&#039;api[_-]?key&#039;<br \/>\n        ]<\/p>\n<p>    def sanitize_error_detail(self, error_detail: Dict) -&gt; Dict:<br \/>\n        &#034;&#034;&#034;\u6e05\u7406\u53ef\u80fd\u5305\u542b\u654f\u611f\u4fe1\u606f\u7684\u9519\u8bef\u8be6\u60c5&#034;&#034;&#034;<br \/>\n        sanitized &#061; error_detail.copy()<\/p>\n<p>        # \u6e05\u7406\u5b57\u6bb5\u503c<br \/>\n        if &#039;field&#039; in sanitized and self.is_sensitive_field(sanitized[&#039;field&#039;]):<br \/>\n            sanitized[&#039;value&#039;] &#061; &#039;[REDACTED]&#039;<br \/>\n            sanitized[&#039;message&#039;] &#061; sanitized[&#039;message&#039;].replace(<br \/>\n                sanitized.get(&#039;actual_value&#039;, &#039;&#039;),<br \/>\n                &#039;[REDACTED]&#039;<br \/>\n            )<\/p>\n<p>        # \u5728\u975e\u8c03\u8bd5\u6a21\u5f0f\u4e0b\u9690\u85cf\u6280\u672f\u7ec6\u8282<br \/>\n        if not self.debug_mode:<br \/>\n            sanitized.pop(&#039;stack_trace&#039;, None)<br \/>\n            sanitized.pop(&#039;internal_code&#039;, None)<br \/>\n            if &#039;message&#039; in sanitized:<br \/>\n                # \u901a\u7528\u5316\u9519\u8bef\u6d88\u606f<br \/>\n                sanitized[&#039;message&#039;] &#061; self.generalize_message(<br \/>\n                    sanitized[&#039;message&#039;]<br \/>\n                )<\/p>\n<p>        return sanitized<\/p>\n<p>    def is_sensitive_field(self, field_name: str) -&gt; bool:<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u5b57\u6bb5\u540d\u662f\u5426\u53ef\u80fd\u5305\u542b\u654f\u611f\u4fe1\u606f&#034;&#034;&#034;<br \/>\n        field_lower &#061; field_name.lower()<br \/>\n        return any(<br \/>\n            re.search(pattern, field_lower)<br \/>\n            for pattern in self.sensitive_patterns<br \/>\n        )<\/p>\n<p>    def generalize_message(self, message: str) -&gt; str:<br \/>\n        &#034;&#034;&#034;\u901a\u7528\u5316\u9519\u8bef\u6d88\u606f&#xff0c;\u907f\u514d\u6cc4\u9732\u5b9e\u73b0\u7ec6\u8282&#034;&#034;&#034;<br \/>\n        generalizations &#061; {<br \/>\n            r&#039;column &#034;.*&#034; does not exist&#039;: &#039;\u8bf7\u6c42\u7684\u5b57\u6bb5\u4e0d\u5b58\u5728&#039;,<br \/>\n            r&#039;invalid input syntax&#039;: &#039;\u8f93\u5165\u683c\u5f0f\u4e0d\u6b63\u786e&#039;,<br \/>\n            r&#039;division by zero&#039;: &#039;\u8ba1\u7b97\u9519\u8bef&#039;,<br \/>\n            r&#039;cannot cast.*to.*&#039;: &#039;\u7c7b\u578b\u8f6c\u6362\u9519\u8bef&#039;,<br \/>\n            r&#039;permission denied&#039;: &#039;\u64cd\u4f5c\u88ab\u62d2\u7edd&#039;<br \/>\n        }<\/p>\n<p>        for pattern, replacement in generalizations.items():<br \/>\n            if re.search(pattern, message, re.IGNORECASE):<br \/>\n                return replacement<\/p>\n<p>        return &#039;\u8bf7\u6c42\u5904\u7406\u5931\u8d25&#039;<\/p>\n<h5>16.6.2 \u8bf7\u6c42\u5927\u5c0f\u9650\u5236<\/h5>\n<p>python<\/p>\n<p># \u9632\u6b62DoS\u653b\u51fb&#xff1a;\u8bf7\u6c42\u5927\u5c0f\u9650\u5236<br \/>\nfrom flask import request, abort<br \/>\nfrom functools import wraps<br \/>\nimport sys<\/p>\n<p>class RequestSizeLimiter:<br \/>\n    def __init__(self, max_size&#061;1024 * 1024):  # 1MB\u9ed8\u8ba4<br \/>\n        self.max_size &#061; max_size<\/p>\n<p>    def __call__(self, f):<br \/>\n        &#064;wraps(f)<br \/>\n        def decorated_function(*args, **kwargs):<br \/>\n            # \u68c0\u67e5Content-Length\u5934<br \/>\n            content_length &#061; request.content_length<\/p>\n<p>            if content_length and content_length &gt; self.max_size:<br \/>\n                return {<br \/>\n                    &#039;error&#039;: {<br \/>\n                        &#039;code&#039;: &#039;REQUEST_TOO_LARGE&#039;,<br \/>\n                        &#039;message&#039;: f&#039;\u8bf7\u6c42\u4f53\u5927\u5c0f\u8d85\u8fc7\u9650\u5236({self.max_size}\u5b57\u8282)&#039;,<br \/>\n                        &#039;max_size&#039;: self.max_size,<br \/>\n                        &#039;actual_size&#039;: content_length<br \/>\n                    }<br \/>\n                }, 400<\/p>\n<p>            # \u5bf9\u4e8e\u6d41\u5f0f\u8bf7\u6c42&#xff0c;\u68c0\u67e5\u5df2\u8bfb\u53d6\u7684\u6570\u636e<br \/>\n            if request.is_streamed:<br \/>\n                # \u8fd9\u91cc\u53ef\u4ee5\u5b9e\u73b0\u6d41\u5f0f\u8bfb\u53d6\u65f6\u7684\u68c0\u67e5<br \/>\n                pass<\/p>\n<p>            return f(*args, **kwargs)<br \/>\n        return decorated_function<\/p>\n<p># \u4f7f\u7528\u793a\u4f8b<br \/>\napp.config[&#039;MAX_CONTENT_LENGTH&#039;] &#061; 16 * 1024 * 1024  # 16MB\u5168\u5c40\u9650\u5236<\/p>\n<p>&#064;app.route(&#039;\/upload&#039;, methods&#061;[&#039;POST&#039;])<br \/>\n&#064;RequestSizeLimiter(max_size&#061;10 * 1024 * 1024)  # 10MB\u7aef\u70b9\u9650\u5236<br \/>\ndef upload_file():<br \/>\n    # \u5904\u7406\u4e0a\u4f20<br \/>\n    pass<\/p>\n<h4>16.7 \u6027\u80fd\u4f18\u5316<\/h4>\n<h5>16.7.1 \u65e9\u671f\u9a8c\u8bc1\u4e0e\u5feb\u901f\u5931\u8d25<\/h5>\n<p>python<\/p>\n<p># \u8bf7\u6c42\u5904\u7406\u7ba1\u9053&#xff1a;\u65e9\u671f\u9a8c\u8bc1<br \/>\nclass RequestPipeline:<br \/>\n    def __init__(self):<br \/>\n        self.validators &#061; []<\/p>\n<p>    def add_validator(self, validator):<br \/>\n        self.validators.append(validator)<\/p>\n<p>    async def process_request(self, request):<br \/>\n        &#034;&#034;&#034;\u6309\u987a\u5e8f\u6267\u884c\u9a8c\u8bc1&#xff0c;\u5feb\u901f\u5931\u8d25&#034;&#034;&#034;<br \/>\n        validation_context &#061; {<br \/>\n            &#039;request&#039;: request,<br \/>\n            &#039;errors&#039;: []<br \/>\n        }<\/p>\n<p>        # 1. \u57fa\u7840\u7ed3\u6784\u9a8c\u8bc1<br \/>\n        yield self.validate_structure(request)<\/p>\n<p>        # 2. \u8ba4\u8bc1\u9a8c\u8bc1&#xff08;\u5982\u679c\u9002\u7528&#xff09;<br \/>\n        if self.requires_auth(request):<br \/>\n            yield self.validate_auth(request)<\/p>\n<p>        # 3. \u4e1a\u52a1\u89c4\u5219\u9a8c\u8bc1<br \/>\n        yield self.validate_business_rules(request)<\/p>\n<p>        # \u5982\u679c\u6709\u9519\u8bef&#xff0c;\u7acb\u5373\u8fd4\u56de400<br \/>\n        if validation_context[&#039;errors&#039;]:<br \/>\n            return self.create_error_response(validation_context[&#039;errors&#039;])<\/p>\n<p>        # 4. \u5904\u7406\u8bf7\u6c42<br \/>\n        return await self.handle_request(request)<\/p>\n<p>    def validate_structure(self, request):<br \/>\n        &#034;&#034;&#034;\u9a8c\u8bc1\u8bf7\u6c42\u57fa\u7840\u7ed3\u6784&#034;&#034;&#034;<br \/>\n        errors &#061; []<\/p>\n<p>        # \u68c0\u67e5HTTP\u65b9\u6cd5<br \/>\n        if request.method not in self.allowed_methods:<br \/>\n            errors.append({<br \/>\n                &#039;code&#039;: &#039;METHOD_NOT_ALLOWED&#039;,<br \/>\n                &#039;message&#039;: f&#039;\u4e0d\u652f\u6301\u7684\u65b9\u6cd5: {request.method}&#039;<br \/>\n            })<\/p>\n<p>        # \u68c0\u67e5Content-Type<br \/>\n        content_type &#061; request.headers.get(&#039;Content-Type&#039;, &#039;&#039;)<br \/>\n        if request.method in [&#039;POST&#039;, &#039;PUT&#039;, &#039;PATCH&#039;]:<br \/>\n            if not content_type:<br \/>\n                errors.append({<br \/>\n                    &#039;code&#039;: &#039;MISSING_CONTENT_TYPE&#039;,<br \/>\n                    &#039;message&#039;: &#039;Content-Type\u5934\u5fc5\u987b\u63d0\u4f9b&#039;<br \/>\n                })<br \/>\n            elif &#039;application\/json&#039; not in content_type:<br \/>\n                errors.append({<br \/>\n                    &#039;code&#039;: &#039;UNSUPPORTED_MEDIA_TYPE&#039;,<br \/>\n                    &#039;message&#039;: &#039;\u4ec5\u652f\u6301application\/json\u683c\u5f0f&#039;<br \/>\n                })<\/p>\n<p>        return errors<\/p>\n<h4>16.8 \u7279\u6b8a\u573a\u666f\u5904\u7406<\/h4>\n<h5>16.8.1 \u6279\u91cf\u8bf7\u6c42\u4e2d\u7684\u90e8\u5206\u5931\u8d25<\/h5>\n<p>json<\/p>\n<p>{<br \/>\n  &#034;error&#034;: {<br \/>\n    &#034;code&#034;: &#034;PARTIAL_FAILURE&#034;,<br \/>\n    &#034;message&#034;: &#034;\u6279\u91cf\u8bf7\u6c42\u4e2d\u90e8\u5206\u64cd\u4f5c\u5931\u8d25&#034;,<br \/>\n    &#034;details&#034;: {<br \/>\n      &#034;successful&#034;: [1, 2, 4],<br \/>\n      &#034;failed&#034;: [<br \/>\n        {<br \/>\n          &#034;index&#034;: 3,<br \/>\n          &#034;error&#034;: {<br \/>\n            &#034;code&#034;: &#034;VALIDATION_ERROR&#034;,<br \/>\n            &#034;field&#034;: &#034;email&#034;,<br \/>\n            &#034;message&#034;: &#034;\u90ae\u7bb1\u683c\u5f0f\u65e0\u6548&#034;<br \/>\n          }<br \/>\n        },<br \/>\n        {<br \/>\n          &#034;index&#034;: 5,<br \/>\n          &#034;error&#034;: {<br \/>\n            &#034;code&#034;: &#034;DUPLICATE_ENTRY&#034;,<br \/>\n            &#034;field&#034;: &#034;username&#034;,<br \/>\n            &#034;message&#034;: &#034;\u7528\u6237\u540d\u5df2\u5b58\u5728&#034;<br \/>\n          }<br \/>\n        }<br \/>\n      ]<br \/>\n    }<br \/>\n  }<br \/>\n}<\/p>\n<h5>16.8.2 API\u7248\u672c\u517c\u5bb9\u6027<\/h5>\n<p>python<\/p>\n<p># API\u7248\u672c\u5904\u7406<br \/>\nclass VersionedAPI:<br \/>\n    def __init__(self):<br \/>\n        self.supported_versions &#061; [&#039;v1&#039;, &#039;v2&#039;, &#039;v3&#039;]<br \/>\n        self.default_version &#061; &#039;v2&#039;<\/p>\n<p>    def validate_version(self, request):<br \/>\n        &#034;&#034;&#034;\u9a8c\u8bc1API\u7248\u672c&#034;&#034;&#034;<br \/>\n        version &#061; request.headers.get(&#039;X-API-Version&#039;) or \\\\<br \/>\n                 request.args.get(&#039;api_version&#039;)<\/p>\n<p>        if not version:<br \/>\n            version &#061; self.default_version<\/p>\n<p>        if version not in self.supported_versions:<br \/>\n            return {<br \/>\n                &#039;error&#039;: {<br \/>\n                    &#039;code&#039;: &#039;UNSUPPORTED_VERSION&#039;,<br \/>\n                    &#039;message&#039;: f&#039;\u4e0d\u652f\u6301\u7684API\u7248\u672c: {version}&#039;,<br \/>\n                    &#039;supported_versions&#039;: self.supported_versions,<br \/>\n                    &#039;default_version&#039;: self.default_version<br \/>\n                }<br \/>\n            }, 400<\/p>\n<p>        request.api_version &#061; version<br \/>\n        return None<\/p>\n<hr \/>\n<p>\u7531\u4e8e\u7bc7\u5e45\u9650\u5236&#xff0c;\u4ee5\u4e0a\u8be6\u7ec6\u5c55\u5f00\u4e86\u7b2c16\u7ae0&#034;400 Bad Request&#034;\u7684\u5185\u5bb9\u3002\u6bcf\u4e2a4xx\u72b6\u6001\u7801\u90fd\u9700\u8981\u7c7b\u4f3c\u7684\u6df1\u5ea6\u5206\u6790\u3002\u5982\u679c\u60a8\u9700\u8981\u5176\u4ed6\u7ae0\u8282&#xff08;401\u3001403\u3001404\u7b49&#xff09;\u7684\u8be6\u7ec6\u5185\u5bb9&#xff0c;\u6211\u53ef\u4ee5\u7ee7\u7eed\u4e3a\u60a8\u5c55\u5f00\u3002\u6bcf\u4e2a\u7ae0\u8282\u90fd\u4f1a\u6309\u7167\u7c7b\u4f3c\u7684\u6df1\u5ea6\u548c\u7ed3\u6784\u8fdb\u884c\u5206\u6790&#xff0c;\u5305\u62ec&#xff1a;<\/p>\n<li>\n<p>\u5b9a\u4e49\u4e0e\u8bed\u4e49&#xff1a;\u72b6\u6001\u7801\u7684\u6b63\u5f0f\u5b9a\u4e49\u548c\u4f7f\u7528\u573a\u666f<\/p>\n<\/li>\n<li>\n<p>\u89e6\u53d1\u6761\u4ef6&#xff1a;\u4ec0\u4e48\u60c5\u51b5\u4e0b\u5e94\u8be5\u8fd4\u56de\u8be5\u72b6\u6001\u7801<\/p>\n<\/li>\n<li>\n<p>\u5b9e\u73b0\u7ec6\u8282&#xff1a;\u670d\u52a1\u5668\u7aef\u5982\u4f55\u6b63\u786e\u5b9e\u73b0<\/p>\n<\/li>\n<li>\n<p>\u5ba2\u6237\u7aef\u5904\u7406&#xff1a;\u5ba2\u6237\u7aef\u5982\u4f55\u6b63\u786e\u5904\u7406\u54cd\u5e94<\/p>\n<\/li>\n<li>\n<p>\u5b89\u5168\u8003\u8651&#xff1a;\u76f8\u5173\u7684\u5b89\u5168\u95ee\u9898\u548c\u9632\u62a4\u63aa\u65bd<\/p>\n<\/li>\n<li>\n<p>\u6027\u80fd\u4f18\u5316&#xff1a;\u5982\u4f55\u9ad8\u6548\u5904\u7406\u8fd9\u7c7b\u9519\u8bef<\/p>\n<\/li>\n<li>\n<p>\u76d1\u63a7\u8c03\u8bd5&#xff1a;\u5982\u4f55\u76d1\u63a7\u548c\u8c03\u8bd5\u76f8\u5173\u95ee\u9898<\/p>\n<\/li>\n<li>\n<p>\u6700\u4f73\u5b9e\u8df5&#xff1a;\u884c\u4e1a\u5185\u7684\u6700\u4f73\u5b9e\u8df5\u548c\u6a21\u5f0f<\/p>\n<\/li>\n<p>\u60a8\u5e0c\u671b\u6211\u7ee7\u7eed\u5c55\u5f00\u54ea\u4e2a\u7ae0\u8282\u7684\u5185\u5bb9&#xff1f;<\/p>\n<p>\u7ee7\u7eed<\/p>\n<p>\u6211\u4eec\u7ee7\u7eed\u7b2c17\u7ae0&#xff1a;401 Unauthorized &#8211; \u8ba4\u8bc1\u5931\u8d25\u5904\u7406\u3002<\/p>\n<h3>\u7b2c17\u7ae0&#xff1a;401 Unauthorized &#8211; \u8ba4\u8bc1\u5931\u8d25\u5904\u7406<\/h3>\n<h4>17.1 \u5b9a\u4e49\u4e0e\u8bed\u4e49<\/h4>\n<p>401 Unauthorized\u00a0\u72b6\u6001\u7801\u8868\u793a\u8bf7\u6c42\u7f3a\u5c11\u6709\u6548\u7684\u8eab\u4efd\u9a8c\u8bc1\u51ed\u8bc1&#xff0c;\u6216\u8005\u63d0\u4f9b\u7684\u51ed\u8bc1\u65e0\u6548\u3002\u8fd9\u4e2a\u72b6\u6001\u7801\u660e\u786e\u8868\u793a\u5ba2\u6237\u7aef\u9700\u8981\u63d0\u4f9b\u6709\u6548\u7684\u8eab\u4efd\u9a8c\u8bc1\u4fe1\u606f\u624d\u80fd\u8bbf\u95ee\u8d44\u6e90\u3002<\/p>\n<p>\u5173\u952e\u7279\u6027&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u4e0e\u8eab\u4efd\u9a8c\u8bc1&#xff08;Authentication&#xff09;\u76f8\u5173&#xff0c;\u5373\u201c\u4f60\u662f\u8c01\u201d\u7684\u95ee\u9898<\/p>\n<\/li>\n<li>\n<p>\u901a\u5e38\u4e0eWWW-Authenticate\u54cd\u5e94\u5934\u4e00\u8d77\u4f7f\u7528&#xff0c;\u6307\u793a\u5982\u4f55\u63d0\u4f9b\u51ed\u8bc1<\/p>\n<\/li>\n<li>\n<p>\u5ba2\u6237\u7aef\u53ef\u4ee5\u901a\u8fc7\u63d0\u4f9b\u6b63\u786e\u7684\u51ed\u8bc1\u91cd\u8bd5\u8bf7\u6c42<\/p>\n<\/li>\n<\/ul>\n<p>\u6ce8\u610f&#xff1a;401\u72b6\u6001\u7801\u4e0e403 Forbidden&#xff08;\u7b2c18\u7ae0&#xff09;\u7684\u533a\u522b\u5728\u4e8e&#xff0c;401\u8868\u793a\u672a\u8ba4\u8bc1\u6216\u8ba4\u8bc1\u5931\u8d25&#xff0c;\u800c403\u8868\u793a\u5df2\u8ba4\u8bc1\u4f46\u65e0\u6743\u8bbf\u95ee\u3002<\/p>\n<h4>17.2 \u5e38\u89c1\u89e6\u53d1\u573a\u666f<\/h4>\n<h5>17.2.1 \u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\u51ed\u8bc1<\/h5>\n<p>http<\/p>\n<p>GET \/api\/protected-resource HTTP\/1.1<br \/>\nHost: example.com<br \/>\n# \u672a\u63d0\u4f9bAuthorization\u5934<\/p>\n<h5>17.2.2 \u65e0\u6548\u6216\u8fc7\u671f\u7684\u4ee4\u724c<\/h5>\n<p>http<\/p>\n<p>GET \/api\/protected-resource HTTP\/1.1<br \/>\nHost: example.com<br \/>\nAuthorization: Bearer invalid_or_expired_token<\/p>\n<h5>17.2.3 \u51ed\u8bc1\u683c\u5f0f\u9519\u8bef<\/h5>\n<p>http<\/p>\n<p>GET \/api\/protected-resource HTTP\/1.1<br \/>\nHost: example.com<br \/>\nAuthorization: Bearer token_with_incorrect_format<\/p>\n<h5>17.2.4 \u8ba4\u8bc1\u65b9\u6848\u4e0d\u5339\u914d<\/h5>\n<p>http<\/p>\n<p>GET \/api\/protected-resource HTTP\/1.1<br \/>\nHost: example.com<br \/>\nAuthorization: Basic dXNlcjpwYXNz  # \u53ef\u80fd\u7aef\u70b9\u671f\u671bBearer\u4ee4\u724c<\/p>\n<h4>17.3 \u8be6\u7ec6\u5b9e\u73b0\u4e0e\u6700\u4f73\u5b9e\u8df5<\/h4>\n<h5>17.3.1 \u54cd\u5e94\u5934\u4e0e\u8d28\u8be2\u673a\u5236<\/h5>\n<p>\u6839\u636eHTTP\u6807\u51c6&#xff0c;\u5f53\u8fd4\u56de401\u72b6\u6001\u7801\u65f6&#xff0c;\u670d\u52a1\u5668\u5e94\u8be5\u5305\u542bWWW-Authenticate\u5934&#xff0c;\u6307\u793a\u5ba2\u6237\u7aef\u5982\u4f55\u63d0\u4f9b\u51ed\u8bc1\u3002<\/p>\n<p>http<\/p>\n<p>HTTP\/1.1 401 Unauthorized<br \/>\nWWW-Authenticate: Bearer realm&#061;&#034;example&#034;, error&#061;&#034;invalid_token&#034;, error_description&#061;&#034;The access token expired&#034;<br \/>\nContent-Type: application\/json<\/p>\n<p>{<br \/>\n  &#034;error&#034;: &#034;invalid_token&#034;,<br \/>\n  &#034;error_description&#034;: &#034;The access token expired&#034;<br \/>\n}<\/p>\n<p>\u5e38\u89c1\u7684\u8ba4\u8bc1\u65b9\u6848&#xff08;Authentication Schemes&#xff09;&#xff1a;<\/p>\n<ul>\n<li>\n<p>Basic: \u4f7f\u7528Base64\u7f16\u7801\u7684\u7528\u6237\u540d\u548c\u5bc6\u7801<\/p>\n<\/li>\n<li>\n<p>Bearer: \u4f7f\u7528Bearer\u4ee4\u724c&#xff08;\u5982OAuth 2.0&#xff09;<\/p>\n<\/li>\n<li>\n<p>Digest: \u4f7f\u7528\u6458\u8981\u8ba4\u8bc1<\/p>\n<\/li>\n<li>\n<p>Negotiate: \u4f7f\u7528SPNEGO&#xff08;\u4f8b\u5982Kerberos&#xff09;<\/p>\n<\/li>\n<\/ul>\n<h5>17.3.2 \u5b9e\u73b0\u793a\u4f8b&#xff1a;JWT\u8ba4\u8bc1\u4e2d\u95f4\u4ef6<\/h5>\n<p>python<\/p>\n<p># Python\u793a\u4f8b&#xff1a;JWT\u8ba4\u8bc1\u4e2d\u95f4\u4ef6<br \/>\nimport jwt<br \/>\nfrom functools import wraps<br \/>\nfrom flask import request, jsonify, current_app<\/p>\n<p>def token_required(f):<br \/>\n    &#064;wraps(f)<br \/>\n    def decorated(*args, **kwargs):<br \/>\n        auth_header &#061; request.headers.get(&#039;Authorization&#039;)<\/p>\n<p>        if not auth_header:<br \/>\n            # \u8fd4\u56de401&#xff0c;\u6307\u793a\u9700\u8981\u63d0\u4f9bBearer\u4ee4\u724c<br \/>\n            response &#061; jsonify({<br \/>\n                &#039;error&#039;: &#039;authentication_required&#039;,<br \/>\n                &#039;error_description&#039;: &#039;Authorization header is missing&#039;<br \/>\n            })<br \/>\n            response.status_code &#061; 401<br \/>\n            response.headers[&#039;WWW-Authenticate&#039;] &#061; &#039;Bearer realm&#061;&#034;Protected Resource&#034;&#039;<br \/>\n            return response<\/p>\n<p>        # \u68c0\u67e5Authorization\u5934\u7684\u683c\u5f0f<br \/>\n        parts &#061; auth_header.split()<\/p>\n<p>        if parts[0].lower() !&#061; &#039;bearer&#039;:<br \/>\n            response &#061; jsonify({<br \/>\n                &#039;error&#039;: &#039;invalid_header&#039;,<br \/>\n                &#039;error_description&#039;: &#039;Authorization header must start with Bearer&#039;<br \/>\n            })<br \/>\n            response.status_code &#061; 401<br \/>\n            response.headers[&#039;WWW-Authenticate&#039;] &#061; &#039;Bearer realm&#061;&#034;Protected Resource&#034;, error&#061;&#034;invalid_header&#034;&#039;<br \/>\n            return response<\/p>\n<p>        if len(parts) &#061;&#061; 1:<br \/>\n            response &#061; jsonify({<br \/>\n                &#039;error&#039;: &#039;invalid_header&#039;,<br \/>\n                &#039;error_description&#039;: &#039;Token not found&#039;<br \/>\n            })<br \/>\n            response.status_code &#061; 401<br \/>\n            response.headers[&#039;WWW-Authenticate&#039;] &#061; &#039;Bearer realm&#061;&#034;Protected Resource&#034;, error&#061;&#034;invalid_header&#034;&#039;<br \/>\n            return response<\/p>\n<p>        if len(parts) &gt; 2:<br \/>\n            response &#061; jsonify({<br \/>\n                &#039;error&#039;: &#039;invalid_header&#039;,<br \/>\n                &#039;error_description&#039;: &#039;Authorization header must be Bearer token&#039;<br \/>\n            })<br \/>\n            response.status_code &#061; 401<br \/>\n            response.headers[&#039;WWW-Authenticate&#039;] &#061; &#039;Bearer realm&#061;&#034;Protected Resource&#034;, error&#061;&#034;invalid_header&#034;&#039;<br \/>\n            return response<\/p>\n<p>        token &#061; parts[1]<\/p>\n<p>        try:<br \/>\n            # \u89e3\u7801\u4ee4\u724c<br \/>\n            payload &#061; jwt.decode(<br \/>\n                token,<br \/>\n                current_app.config[&#039;SECRET_KEY&#039;],<br \/>\n                algorithms&#061;[&#039;HS256&#039;]<br \/>\n            )<br \/>\n            request.user_id &#061; payload[&#039;sub&#039;]<br \/>\n        except jwt.ExpiredSignatureError:<br \/>\n            response &#061; jsonify({<br \/>\n                &#039;error&#039;: &#039;token_expired&#039;,<br \/>\n                &#039;error_description&#039;: &#039;The access token has expired&#039;<br \/>\n            })<br \/>\n            response.status_code &#061; 401<br \/>\n            response.headers[&#039;WWW-Authenticate&#039;] &#061; &#039;Bearer realm&#061;&#034;Protected Resource&#034;, error&#061;&#034;invalid_token&#034;, error_description&#061;&#034;The access token expired&#034;&#039;<br \/>\n            return response<br \/>\n        except jwt.InvalidTokenError as e:<br \/>\n            response &#061; jsonify({<br \/>\n                &#039;error&#039;: &#039;invalid_token&#039;,<br \/>\n                &#039;error_description&#039;: str(e)<br \/>\n            })<br \/>\n            response.status_code &#061; 401<br \/>\n            response.headers[&#039;WWW-Authenticate&#039;] &#061; &#039;Bearer realm&#061;&#034;Protected Resource&#034;, error&#061;&#034;invalid_token&#034;&#039;<br \/>\n            return response<\/p>\n<p>        return f(*args, **kwargs)<\/p>\n<p>    return decorated<\/p>\n<p># \u4f7f\u7528\u793a\u4f8b<br \/>\n&#064;app.route(&#039;\/api\/protected&#039;)<br \/>\n&#064;token_required<br \/>\ndef protected_resource():<br \/>\n    return jsonify({&#039;message&#039;: &#039;This is a protected resource&#039;})<\/p>\n<h5>17.3.3 \u591a\u56e0\u7d20\u8ba4\u8bc1&#xff08;MFA&#xff09;\u5904\u7406<\/h5>\n<p>\u5f53\u7aef\u70b9\u9700\u8981\u591a\u56e0\u7d20\u8ba4\u8bc1\u65f6&#xff0c;\u53ef\u4ee5\u4f7f\u7528\u81ea\u5b9a\u4e49\u9519\u8bef\u4ee3\u7801\u6765\u6307\u793a\u9700\u8981\u989d\u5916\u7684\u9a8c\u8bc1\u6b65\u9aa4\u3002<\/p>\n<p>http<\/p>\n<p>HTTP\/1.1 401 Unauthorized<br \/>\nContent-Type: application\/json<\/p>\n<p>{<br \/>\n  &#034;error&#034;: &#034;mfa_required&#034;,<br \/>\n  &#034;error_description&#034;: &#034;Multi-factor authentication is required&#034;,<br \/>\n  &#034;mfa_methods&#034;: [&#034;totp&#034;, &#034;sms&#034;],<br \/>\n  &#034;mfa_token&#034;: &#034;temp_token_for_mfa&#034;<br \/>\n}<\/p>\n<p>\u5ba2\u6237\u7aef\u968f\u540e\u53ef\u4ee5\u4f7f\u7528mfa_token\u548c\u63d0\u4f9b\u7684\u9a8c\u8bc1\u7801\u8c03\u7528MFA\u9a8c\u8bc1\u7aef\u70b9\u3002<\/p>\n<h4>17.4 \u5ba2\u6237\u7aef\u5904\u7406\u7b56\u7565<\/h4>\n<h5>17.4.1 \u81ea\u52a8\u5237\u65b0\u4ee4\u724c\u673a\u5236<\/h5>\n<p>javascript<\/p>\n<p>\/\/ \u5ba2\u6237\u7aef&#xff1a;\u81ea\u52a8\u5237\u65b0\u8bbf\u95ee\u4ee4\u724c<br \/>\nclass AuthClient {<br \/>\n  constructor() {<br \/>\n    this.accessToken &#061; localStorage.getItem(&#039;access_token&#039;);<br \/>\n    this.refreshToken &#061; localStorage.getItem(&#039;refresh_token&#039;);<br \/>\n    this.isRefreshing &#061; false;<br \/>\n    this.refreshSubscribers &#061; [];<br \/>\n  }<\/p>\n<p>  async request(url, options &#061; {}) {<br \/>\n    \/\/ \u521d\u59cb\u8bf7\u6c42<br \/>\n    let response &#061; await this.makeRequest(url, options);<\/p>\n<p>    \/\/ \u5982\u679c\u8fd4\u56de401&#xff0c;\u5c1d\u8bd5\u5237\u65b0\u4ee4\u724c\u5e76\u91cd\u8bd5<br \/>\n    if (response.status &#061;&#061;&#061; 401) {<br \/>\n      const errorData &#061; await response.json();<\/p>\n<p>      \/\/ \u68c0\u67e5\u9519\u8bef\u7c7b\u578b&#xff0c;\u53ea\u6709\u7279\u5b9a\u7684\u4ee4\u724c\u9519\u8bef\u624d\u5c1d\u8bd5\u5237\u65b0<br \/>\n      if (errorData.error &#061;&#061;&#061; &#039;token_expired&#039; || errorData.error &#061;&#061;&#061; &#039;invalid_token&#039;) {<br \/>\n        \/\/ \u5237\u65b0\u4ee4\u724c<br \/>\n        const newToken &#061; await this.refreshAccessToken();<\/p>\n<p>        if (newToken) {<br \/>\n          \/\/ \u4f7f\u7528\u65b0\u4ee4\u724c\u91cd\u8bd5\u8bf7\u6c42<br \/>\n          options.headers.Authorization &#061; &#096;Bearer ${newToken}&#096;;<br \/>\n          response &#061; await this.makeRequest(url, options);<br \/>\n        } else {<br \/>\n          \/\/ \u5237\u65b0\u5931\u8d25&#xff0c;\u8df3\u8f6c\u5230\u767b\u5f55\u9875<br \/>\n          this.redirectToLogin();<br \/>\n        }<br \/>\n      } else if (errorData.error &#061;&#061;&#061; &#039;authentication_required&#039;) {<br \/>\n        \/\/ \u9700\u8981\u91cd\u65b0\u767b\u5f55<br \/>\n        this.redirectToLogin();<br \/>\n      }<br \/>\n    }<\/p>\n<p>    return response;<br \/>\n  }<\/p>\n<p>  async makeRequest(url, options) {<br \/>\n    const defaultHeaders &#061; {<br \/>\n      &#039;Authorization&#039;: &#096;Bearer ${this.accessToken}&#096;,<br \/>\n      &#039;Content-Type&#039;: &#039;application\/json&#039;<br \/>\n    };<\/p>\n<p>    const mergedOptions &#061; {<br \/>\n      &#8230;options,<br \/>\n      headers: {<br \/>\n        &#8230;defaultHeaders,<br \/>\n        &#8230;options.headers<br \/>\n      }<br \/>\n    };<\/p>\n<p>    return fetch(url, mergedOptions);<br \/>\n  }<\/p>\n<p>  async refreshAccessToken() {<br \/>\n    \/\/ \u9632\u6b62\u5e76\u53d1\u5237\u65b0<br \/>\n    if (this.isRefreshing) {<br \/>\n      \/\/ \u5982\u679c\u5df2\u7ecf\u5728\u5237\u65b0&#xff0c;\u5219\u7b49\u5f85\u5237\u65b0\u5b8c\u6210<br \/>\n      return new Promise((resolve) &#061;&gt; {<br \/>\n        this.refreshSubscribers.push(resolve);<br \/>\n      });<br \/>\n    }<\/p>\n<p>    this.isRefreshing &#061; true;<\/p>\n<p>    try {<br \/>\n      const response &#061; await fetch(&#039;\/auth\/refresh&#039;, {<br \/>\n        method: &#039;POST&#039;,<br \/>\n        headers: {<br \/>\n          &#039;Content-Type&#039;: &#039;application\/json&#039;<br \/>\n        },<br \/>\n        body: JSON.stringify({<br \/>\n          refresh_token: this.refreshToken<br \/>\n        })<br \/>\n      });<\/p>\n<p>      if (response.ok) {<br \/>\n        const data &#061; await response.json();<br \/>\n        this.accessToken &#061; data.access_token;<\/p>\n<p>        \/\/ \u5b58\u50a8\u65b0\u4ee4\u724c<br \/>\n        localStorage.setItem(&#039;access_token&#039;, data.access_token);<\/p>\n<p>        \/\/ \u901a\u77e5\u6240\u6709\u7b49\u5f85\u7684\u8bf7\u6c42<br \/>\n        this.refreshSubscribers.forEach(callback &#061;&gt; callback(data.access_token));<br \/>\n        this.refreshSubscribers &#061; [];<\/p>\n<p>        return data.access_token;<br \/>\n      } else {<br \/>\n        \/\/ \u5237\u65b0\u5931\u8d25&#xff0c;\u6e05\u9664\u672c\u5730\u5b58\u50a8<br \/>\n        this.clearTokens();<br \/>\n        return null;<br \/>\n      }<br \/>\n    } catch (error) {<br \/>\n      console.error(&#039;Failed to refresh token:&#039;, error);<br \/>\n      return null;<br \/>\n    } finally {<br \/>\n      this.isRefreshing &#061; false;<br \/>\n    }<br \/>\n  }<\/p>\n<p>  clearTokens() {<br \/>\n    localStorage.removeItem(&#039;access_token&#039;);<br \/>\n    localStorage.removeItem(&#039;refresh_token&#039;);<br \/>\n    this.accessToken &#061; null;<br \/>\n    this.refreshToken &#061; null;<br \/>\n  }<\/p>\n<p>  redirectToLogin() {<br \/>\n    window.location.href &#061; &#039;\/login?return&#061;&#039; &#043; encodeURIComponent(window.location.pathname);<br \/>\n  }<br \/>\n}<\/p>\n<h5>17.4.2 \u5904\u7406\u591a\u79cd\u8ba4\u8bc1\u65b9\u6848<\/h5>\n<p>javascript<\/p>\n<p>\/\/ \u5904\u7406\u591a\u4e2aWWW-Authenticate\u8d28\u8be2<br \/>\nfunction parseWwwAuthenticate(header) {<br \/>\n  const challenges &#061; [];<\/p>\n<p>  \/\/ \u53ef\u80fd\u6709\u591a\u4e2a\u8d28\u8be2&#xff0c;\u7528\u9017\u53f7\u5206\u9694&#xff08;\u6ce8\u610f&#xff1a;\u4e00\u4e2a\u5934\u5185\u53ef\u80fd\u6709\u591a\u4e2a\u65b9\u6848&#xff0c;\u4f46\u901a\u5e38\u6bcf\u4e2a\u65b9\u6848\u5355\u72ec\u4e00\u4e2a\u5934&#xff09;<br \/>\n  \/\/ \u5b9e\u9645\u4e2d&#xff0c;\u670d\u52a1\u5668\u53ef\u80fd\u8fd4\u56de\u591a\u4e2aWWW-Authenticate\u5934&#xff0c;\u6bcf\u4e2a\u5bf9\u5e94\u4e00\u4e2a\u65b9\u6848<br \/>\n  const schemes &#061; header.split(&#039;,&#039;).map(s &#061;&gt; s.trim());<\/p>\n<p>  schemes.forEach(scheme &#061;&gt; {<br \/>\n    const [schemeName, &#8230;params] &#061; scheme.split(&#039; &#039;);<br \/>\n    const challenge &#061; {<br \/>\n      scheme: schemeName.toLowerCase(),<br \/>\n      parameters: {}<br \/>\n    };<\/p>\n<p>    \/\/ \u89e3\u6790\u53c2\u6570&#xff08;\u5982realm, error, error_description\u7b49&#xff09;<br \/>\n    params.join(&#039; &#039;).split(&#039;,&#039;).forEach(param &#061;&gt; {<br \/>\n      const [key, value] &#061; param.trim().split(&#039;&#061;&#039;);<br \/>\n      if (key &amp;&amp; value) {<br \/>\n        \/\/ \u53bb\u9664\u503c\u7684\u5f15\u53f7<br \/>\n        challenge.parameters[key] &#061; value.replace(\/^&#034;(.*)&#034;$\/, &#039;$1&#039;);<br \/>\n      }<br \/>\n    });<\/p>\n<p>    challenges.push(challenge);<br \/>\n  });<\/p>\n<p>  return challenges;<br \/>\n}<\/p>\n<p>\/\/ \u6839\u636e\u8d28\u8be2\u9009\u62e9\u5408\u9002\u7684\u8ba4\u8bc1\u65b9\u6cd5<br \/>\nasync function handleAuthenticationChallenge(challenges) {<br \/>\n  \/\/ \u4f18\u5148\u9009\u62e9\u652f\u6301\u7684\u65b9\u6848<br \/>\n  const supportedSchemes &#061; [&#039;bearer&#039;, &#039;basic&#039;];<\/p>\n<p>  for (const scheme of supportedSchemes) {<br \/>\n    const challenge &#061; challenges.find(c &#061;&gt; c.scheme &#061;&#061;&#061; scheme);<br \/>\n    if (challenge) {<br \/>\n      switch (scheme) {<br \/>\n        case &#039;bearer&#039;:<br \/>\n          \/\/ \u5bf9\u4e8eBearer&#xff0c;\u6211\u4eec\u901a\u5e38\u5df2\u7ecf\u6709\u4ee4\u724c&#xff0c;\u6240\u4ee5\u53ef\u80fd\u662f\u4ee4\u724c\u8fc7\u671f&#xff0c;\u9700\u8981\u5237\u65b0<br \/>\n          \/\/ \u6216\u8005\u9700\u8981\u83b7\u53d6\u65b0\u7684\u4ee4\u724c<br \/>\n          return await refreshBearerToken();<br \/>\n        case &#039;basic&#039;:<br \/>\n          \/\/ \u57fa\u672c\u8ba4\u8bc1&#xff0c;\u9700\u8981\u7528\u6237\u540d\u548c\u5bc6\u7801<br \/>\n          return await promptForCredentials();<br \/>\n        default:<br \/>\n          continue;<br \/>\n      }<br \/>\n    }<br \/>\n  }<\/p>\n<p>  \/\/ \u6ca1\u6709\u652f\u6301\u7684\u65b9\u6848&#xff0c;\u629b\u51fa\u9519\u8bef<br \/>\n  throw new Error(&#039;No supported authentication scheme found&#039;);<br \/>\n}<\/p>\n<h4>17.5 \u5b89\u5168\u8003\u8651<\/h4>\n<h5>17.5.1 \u9632\u6b62\u66b4\u529b\u7834\u89e3<\/h5>\n<p>python<\/p>\n<p># \u9650\u5236\u8ba4\u8bc1\u5c1d\u8bd5\u6b21\u6570<br \/>\nimport time<br \/>\nfrom collections import defaultdict<\/p>\n<p>class AuthenticationLimiter:<br \/>\n    def __init__(self, max_attempts&#061;5, lockout_time&#061;300):<br \/>\n        self.max_attempts &#061; max_attempts<br \/>\n        self.lockout_time &#061; lockout_time<br \/>\n        self.attempts &#061; defaultdict(list)<\/p>\n<p>    def is_locked_out(self, identifier):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u662f\u5426\u56e0\u591a\u6b21\u5931\u8d25\u88ab\u9501\u5b9a&#034;&#034;&#034;<br \/>\n        now &#061; time.time()<\/p>\n<p>        # \u6e05\u7406\u8fc7\u671f\u7684\u5c1d\u8bd5\u8bb0\u5f55<br \/>\n        self.attempts[identifier] &#061; [<br \/>\n            attempt_time for attempt_time in self.attempts[identifier]<br \/>\n            if now &#8211; attempt_time &lt; self.lockout_time<br \/>\n        ]<\/p>\n<p>        # \u68c0\u67e5\u5c1d\u8bd5\u6b21\u6570<br \/>\n        return len(self.attempts[identifier]) &gt;&#061; self.max_attempts<\/p>\n<p>    def record_failure(self, identifier):<br \/>\n        &#034;&#034;&#034;\u8bb0\u5f55\u4e00\u6b21\u5931\u8d25\u5c1d\u8bd5&#034;&#034;&#034;<br \/>\n        self.attempts[identifier].append(time.time())<\/p>\n<p>    def record_success(self, identifier):<br \/>\n        &#034;&#034;&#034;\u6210\u529f\u8ba4\u8bc1\u540e\u6e05\u9664\u5931\u8d25\u8bb0\u5f55&#034;&#034;&#034;<br \/>\n        if identifier in self.attempts:<br \/>\n            del self.attempts[identifier]<\/p>\n<p># \u5728\u8ba4\u8bc1\u7aef\u70b9\u4e2d\u4f7f\u7528<br \/>\nlimiter &#061; AuthenticationLimiter()<\/p>\n<p>&#064;app.route(&#039;\/auth\/login&#039;, methods&#061;[&#039;POST&#039;])<br \/>\ndef login():<br \/>\n    data &#061; request.get_json()<br \/>\n    username &#061; data.get(&#039;username&#039;)<\/p>\n<p>    # \u68c0\u67e5\u662f\u5426\u88ab\u9501\u5b9a<br \/>\n    if limiter.is_locked_out(username):<br \/>\n        return jsonify({<br \/>\n            &#039;error&#039;: &#039;account_locked&#039;,<br \/>\n            &#039;error_description&#039;: &#039;Too many failed attempts. Please try again later.&#039;<br \/>\n        }), 401<\/p>\n<p>    # \u9a8c\u8bc1\u51ed\u8bc1<br \/>\n    if validate_credentials(username, data.get(&#039;password&#039;)):<br \/>\n        limiter.record_success(username)<br \/>\n        return jsonify({&#039;access_token&#039;: create_token(username)})<br \/>\n    else:<br \/>\n        limiter.record_failure(username)<\/p>\n<p>        # \u8fd4\u56de\u901a\u7528\u9519\u8bef\u6d88\u606f&#xff0c;\u907f\u514d\u4fe1\u606f\u6cc4\u9732<br \/>\n        return jsonify({<br \/>\n            &#039;error&#039;: &#039;authentication_failed&#039;,<br \/>\n            &#039;error_description&#039;: &#039;Invalid username or password&#039;<br \/>\n        }), 401<\/p>\n<h5>17.5.2 \u5b89\u5168\u7684\u4ee4\u724c\u5b58\u50a8\u4e0e\u4f20\u8f93<\/h5>\n<p>javascript<\/p>\n<p>\/\/ \u5ba2\u6237\u7aef\u5b89\u5168\u5b58\u50a8\u4ee4\u724c<br \/>\nclass SecureTokenStorage {<br \/>\n  constructor() {<br \/>\n    this.useLocalStorage &#061; this.testLocalStorage();<br \/>\n    this.memoryStorage &#061; new Map();<br \/>\n  }<\/p>\n<p>  testLocalStorage() {<br \/>\n    try {<br \/>\n      localStorage.setItem(&#039;test&#039;, &#039;test&#039;);<br \/>\n      localStorage.removeItem(&#039;test&#039;);<br \/>\n      return true;<br \/>\n    } catch (e) {<br \/>\n      return false;<br \/>\n    }<br \/>\n  }<\/p>\n<p>  setItem(key, value) {<br \/>\n    if (this.useLocalStorage) {<br \/>\n      localStorage.setItem(key, value);<br \/>\n    } else {<br \/>\n      this.memoryStorage.set(key, value);<br \/>\n    }<br \/>\n  }<\/p>\n<p>  getItem(key) {<br \/>\n    if (this.useLocalStorage) {<br \/>\n      return localStorage.getItem(key);<br \/>\n    } else {<br \/>\n      return this.memoryStorage.get(key);<br \/>\n    }<br \/>\n  }<\/p>\n<p>  removeItem(key) {<br \/>\n    if (this.useLocalStorage) {<br \/>\n      localStorage.removeItem(key);<br \/>\n    } else {<br \/>\n      this.memoryStorage.delete(key);<br \/>\n    }<br \/>\n  }<\/p>\n<p>  \/\/ \u5bf9\u4e8e\u654f\u611f\u4ee4\u724c&#xff0c;\u8003\u8651\u4f7f\u7528sessionStorage\u6216\u52a0\u5bc6\u5b58\u50a8<br \/>\n  storeAccessToken(token) {<br \/>\n    \/\/ \u4f7f\u7528sessionStorage&#xff0c;\u5173\u95ed\u6d4f\u89c8\u5668\u540e\u6e05\u9664<br \/>\n    sessionStorage.setItem(&#039;access_token&#039;, token);<br \/>\n  }<\/p>\n<p>  storeRefreshToken(token) {<br \/>\n    \/\/ \u5237\u65b0\u4ee4\u724c\u53ef\u4ee5\u5b58\u50a8\u66f4\u4e45&#xff0c;\u4f46\u4e5f\u8981\u5b89\u5168<br \/>\n    \/\/ \u8003\u8651\u4f7f\u7528HttpOnly cookie&#xff0c;\u4f46\u8fd9\u91cc\u6f14\u793a\u52a0\u5bc6\u5b58\u50a8<br \/>\n    const encrypted &#061; this.encrypt(token);<br \/>\n    this.setItem(&#039;refresh_token&#039;, encrypted);<br \/>\n  }<\/p>\n<p>  encrypt(text) {<br \/>\n    \/\/ \u7b80\u5355\u7684\u52a0\u5bc6\u793a\u4f8b&#xff0c;\u5b9e\u9645\u4e2d\u5e94\u4f7f\u7528\u66f4\u5b89\u5168\u7684\u52a0\u5bc6\u65b9\u6cd5<br \/>\n    return btoa(text);<br \/>\n  }<\/p>\n<p>  decrypt(encrypted) {<br \/>\n    return atob(encrypted);<br \/>\n  }<br \/>\n}<\/p>\n<h4>17.6 \u76d1\u63a7\u4e0e\u5ba1\u8ba1<\/h4>\n<h5>17.6.1 \u8ba4\u8bc1\u5ba1\u8ba1\u65e5\u5fd7<\/h5>\n<p>python<\/p>\n<p>import logging<br \/>\nfrom datetime import datetime<\/p>\n<p>class AuthAuditLogger:<br \/>\n    def __init__(self):<br \/>\n        self.logger &#061; logging.getLogger(&#039;auth_audit&#039;)<\/p>\n<p>        # \u914d\u7f6e\u6587\u4ef6\u5904\u7406\u5668<br \/>\n        handler &#061; logging.FileHandler(&#039;auth_audit.log&#039;)<br \/>\n        handler.setFormatter(logging.Formatter(<br \/>\n            &#039;%(asctime)s &#8211; %(levelname)s &#8211; %(message)s&#039;<br \/>\n        ))<br \/>\n        self.logger.addHandler(handler)<br \/>\n        self.logger.setLevel(logging.INFO)<\/p>\n<p>    def log_authentication_attempt(self, username, success, ip_address, user_agent, reason&#061;None):<br \/>\n        event &#061; {<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            &#039;event_type&#039;: &#039;authentication_attempt&#039;,<br \/>\n            &#039;username&#039;: username,<br \/>\n            &#039;success&#039;: success,<br \/>\n            &#039;ip_address&#039;: ip_address,<br \/>\n            &#039;user_agent&#039;: user_agent,<br \/>\n            &#039;reason&#039;: reason<br \/>\n        }<\/p>\n<p>        self.logger.info(&#039;Authentication attempt: %s&#039;, event)<\/p>\n<p>    def log_token_refresh(self, user_id, success, ip_address):<br \/>\n        event &#061; {<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            &#039;event_type&#039;: &#039;token_refresh&#039;,<br \/>\n            &#039;user_id&#039;: user_id,<br \/>\n            &#039;success&#039;: success,<br \/>\n            &#039;ip_address&#039;: ip_address<br \/>\n        }<\/p>\n<p>        self.logger.info(&#039;Token refresh: %s&#039;, event)<\/p>\n<p>    def log_unauthorized_access(self, request_path, method, ip_address, user_agent):<br \/>\n        event &#061; {<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            &#039;event_type&#039;: &#039;unauthorized_access&#039;,<br \/>\n            &#039;request_path&#039;: request_path,<br \/>\n            &#039;method&#039;: method,<br \/>\n            &#039;ip_address&#039;: ip_address,<br \/>\n            &#039;user_agent&#039;: user_agent<br \/>\n        }<\/p>\n<p>        self.logger.warning(&#039;Unauthorized access attempt: %s&#039;, event)<\/p>\n<p># \u5728\u8ba4\u8bc1\u8fc7\u7a0b\u4e2d\u4f7f\u7528<br \/>\nauth_logger &#061; AuthAuditLogger()<\/p>\n<p>&#064;app.route(&#039;\/api\/protected&#039;)<br \/>\n&#064;token_required<br \/>\ndef protected_resource():<br \/>\n    # \u8bb0\u5f55\u6210\u529f\u8bbf\u95ee<br \/>\n    auth_logger.log_authentication_attempt(<br \/>\n        username&#061;current_user.username,<br \/>\n        success&#061;True,<br \/>\n        ip_address&#061;request.remote_addr,<br \/>\n        user_agent&#061;request.headers.get(&#039;User-Agent&#039;)<br \/>\n    )<br \/>\n    return jsonify({&#039;message&#039;: &#039;Protected resource&#039;})<\/p>\n<h4>17.7 \u6027\u80fd\u4f18\u5316<\/h4>\n<h5>17.7.1 \u4ee4\u724c\u9a8c\u8bc1\u7f13\u5b58<\/h5>\n<p>python<\/p>\n<p>import hashlib<br \/>\nfrom functools import lru_cache<\/p>\n<p>class TokenValidator:<br \/>\n    def __init__(self):<br \/>\n        self.cache_enabled &#061; True<br \/>\n        self.cache &#061; {}<\/p>\n<p>    def get_cache_key(self, token):<br \/>\n        &#034;&#034;&#034;\u751f\u6210\u4ee4\u724c\u7684\u7f13\u5b58\u952e&#xff08;\u4f7f\u7528\u54c8\u5e0c\u907f\u514d\u5b58\u50a8\u539f\u59cb\u4ee4\u724c&#xff09;&#034;&#034;&#034;<br \/>\n        return hashlib.sha256(token.encode()).hexdigest()<\/p>\n<p>    &#064;lru_cache(maxsize&#061;1000)<br \/>\n    def validate_token_cached(self, token_hash, current_time):<br \/>\n        &#034;&#034;&#034;\u7f13\u5b58\u9a8c\u8bc1\u7ed3\u679c&#xff0c;\u6ce8\u610f&#xff1a;current_time\u53c2\u6570\u7528\u4e8e\u4f7f\u7f13\u5b58\u8fc7\u671f&#034;&#034;&#034;<br \/>\n        # \u6ce8\u610f&#xff1a;\u8fd9\u91cc\u4e0d\u80fd\u76f4\u63a5\u7f13\u5b58\u4ee4\u724c&#xff0c;\u56e0\u4e3a\u4ee4\u724c\u53ef\u80fd\u88ab\u64a4\u9500<br \/>\n        # \u6240\u4ee5\u5b9e\u9645\u4e2d&#xff0c;\u7f13\u5b58\u65f6\u95f4\u5e94\u8be5\u5f88\u77ed&#xff0c;\u6216\u8005\u4f7f\u7528\u4ee4\u724c\u7684\u8fc7\u671f\u65f6\u95f4<br \/>\n        pass<\/p>\n<p>    def validate_token(self, token):<br \/>\n        if not self.cache_enabled:<br \/>\n            return self._validate_token(token)<\/p>\n<p>        cache_key &#061; self.get_cache_key(token)<\/p>\n<p>        # \u68c0\u67e5\u7f13\u5b58<br \/>\n        if cache_key in self.cache:<br \/>\n            cached_result &#061; self.cache[cache_key]<br \/>\n            # \u68c0\u67e5\u7f13\u5b58\u662f\u5426\u8fc7\u671f&#xff08;\u4f8b\u5982&#xff0c;\u7f13\u5b581\u5206\u949f&#xff09;<br \/>\n            if time.time() &#8211; cached_result[&#039;timestamp&#039;] &lt; 60:<br \/>\n                return cached_result[&#039;result&#039;]<\/p>\n<p>        # \u9a8c\u8bc1\u4ee4\u724c<br \/>\n        result &#061; self._validate_token(token)<\/p>\n<p>        # \u7f13\u5b58\u7ed3\u679c<br \/>\n        self.cache[cache_key] &#061; {<br \/>\n            &#039;result&#039;: result,<br \/>\n            &#039;timestamp&#039;: time.time()<br \/>\n        }<\/p>\n<p>        return result<\/p>\n<h4>17.8 \u7279\u6b8a\u573a\u666f\u5904\u7406<\/h4>\n<h5>17.8.1 \u4f1a\u8bdd\u8d85\u65f6\u4e0e\u6ed1\u52a8\u8fc7\u671f<\/h5>\n<p>python<\/p>\n<p># \u6ed1\u52a8\u8fc7\u671f&#xff1a;\u6bcf\u6b21\u6709\u6548\u8bf7\u6c42\u540e\u66f4\u65b0\u4ee4\u724c\u8fc7\u671f\u65f6\u95f4<br \/>\nclass SlidingExpirationToken:<br \/>\n    def __init__(self, initial_ttl&#061;3600, max_ttl&#061;86400):<br \/>\n        self.initial_ttl &#061; initial_ttl<br \/>\n        self.max_ttl &#061; max_ttl<\/p>\n<p>    def create_token(self, user_id):<br \/>\n        &#034;&#034;&#034;\u521b\u5efa\u521d\u59cb\u4ee4\u724c&#034;&#034;&#034;<br \/>\n        now &#061; time.time()<br \/>\n        payload &#061; {<br \/>\n            &#039;sub&#039;: user_id,<br \/>\n            &#039;iat&#039;: now,<br \/>\n            &#039;exp&#039;: now &#043; self.initial_ttl,<br \/>\n            &#039;max_exp&#039;: now &#043; self.max_ttl  # \u7edd\u5bf9\u8fc7\u671f\u65f6\u95f4<br \/>\n        }<br \/>\n        return jwt.encode(payload, SECRET_KEY, algorithm&#061;&#039;HS256&#039;)<\/p>\n<p>    def refresh_token_if_needed(self, token, threshold&#061;300):<br \/>\n        &#034;&#034;&#034;<br \/>\n        \u68c0\u67e5\u4ee4\u724c\u662f\u5426\u9700\u8981\u5237\u65b0&#xff08;\u5728\u8fc7\u671f\u524dthreshold\u79d2&#xff09;<br \/>\n        \u5982\u679c\u9700\u8981&#xff0c;\u521b\u5efa\u65b0\u4ee4\u724c<br \/>\n        &#034;&#034;&#034;<br \/>\n        try:<br \/>\n            payload &#061; jwt.decode(token, SECRET_KEY, algorithms&#061;[&#039;HS256&#039;])<br \/>\n            current_time &#061; time.time()<\/p>\n<p>            # \u68c0\u67e5\u662f\u5426\u8d85\u8fc7\u6700\u5927\u8fc7\u671f\u65f6\u95f4<br \/>\n            if current_time &gt; payload[&#039;max_exp&#039;]:<br \/>\n                return None, &#039;Token has reached maximum lifetime&#039;<\/p>\n<p>            # \u68c0\u67e5\u662f\u5426\u9700\u8981\u5237\u65b0<br \/>\n            if payload[&#039;exp&#039;] &#8211; current_time &lt; threshold:<br \/>\n                # \u521b\u5efa\u65b0\u4ee4\u724c&#xff0c;\u4fdd\u6301\u76f8\u540c\u7684max_exp<br \/>\n                new_payload &#061; {<br \/>\n                    &#039;sub&#039;: payload[&#039;sub&#039;],<br \/>\n                    &#039;iat&#039;: current_time,<br \/>\n                    &#039;exp&#039;: current_time &#043; self.initial_ttl,<br \/>\n                    &#039;max_exp&#039;: payload[&#039;max_exp&#039;]<br \/>\n                }<br \/>\n                new_token &#061; jwt.encode(new_payload, SECRET_KEY, algorithm&#061;&#039;HS256&#039;)<br \/>\n                return new_token, &#039;Token refreshed&#039;<\/p>\n<p>            return token, &#039;Token still valid&#039;<br \/>\n        except jwt.ExpiredSignatureError:<br \/>\n            return None, &#039;Token expired&#039;<br \/>\n        except jwt.InvalidTokenError as e:<br \/>\n            return None, f&#039;Invalid token: {str(e)}&#039;<\/p>\n<p># \u5728\u4e2d\u95f4\u4ef6\u4e2d\u4f7f\u7528<br \/>\n&#064;app.route(&#039;\/api\/protected&#039;)<br \/>\n&#064;token_required<br \/>\ndef protected_resource():<br \/>\n    # \u83b7\u53d6\u5f53\u524d\u4ee4\u724c<br \/>\n    auth_header &#061; request.headers.get(&#039;Authorization&#039;)<br \/>\n    token &#061; auth_header.split()[1]<\/p>\n<p>    # \u68c0\u67e5\u5e76\u5237\u65b0\u4ee4\u724c<br \/>\n    new_token, message &#061; token_manager.refresh_token_if_needed(token)<\/p>\n<p>    if new_token and new_token !&#061; token:<br \/>\n        # \u5728\u54cd\u5e94\u5934\u4e2d\u8fd4\u56de\u65b0\u4ee4\u724c<br \/>\n        response &#061; jsonify({&#039;message&#039;: &#039;Protected resource&#039;})<br \/>\n        response.headers[&#039;X-New-Access-Token&#039;] &#061; new_token<br \/>\n        return response<\/p>\n<p>    return jsonify({&#039;message&#039;: &#039;Protected resource&#039;})<\/p>\n<h3>\u7b2c18\u7ae0&#xff1a;403 Forbidden &#8211; \u6743\u9650\u62d2\u7edd\u673a\u5236<\/h3>\n<h4>18.1 \u5b9a\u4e49\u4e0e\u8bed\u4e49<\/h4>\n<p>403 Forbidden\u00a0\u72b6\u6001\u7801\u8868\u793a\u670d\u52a1\u5668\u7406\u89e3\u8bf7\u6c42&#xff0c;\u4f46\u62d2\u7edd\u6267\u884c\u3002\u4e0e401 Unauthorized\u4e0d\u540c&#xff0c;403\u72b6\u6001\u7801\u901a\u5e38\u7528\u4e8e\u5df2\u7ecf\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237&#xff0c;\u4f46\u5176\u6743\u9650\u4e0d\u8db3\u4ee5\u8bbf\u95ee\u7279\u5b9a\u8d44\u6e90\u3002<\/p>\n<p>\u5173\u952e\u7279\u6027&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u8bf7\u6c42\u5df2\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1&#xff08;\u6216\u4e0d\u9700\u8981\u8eab\u4efd\u9a8c\u8bc1&#xff09;<\/p>\n<\/li>\n<li>\n<p>\u670d\u52a1\u5668\u660e\u786e\u62d2\u7edd\u6267\u884c\u8bf7\u6c42<\/p>\n<\/li>\n<li>\n<p>\u901a\u5e38\u4e0e\u8bbf\u95ee\u63a7\u5236&#xff08;\u6388\u6743&#xff09;\u76f8\u5173<\/p>\n<\/li>\n<\/ul>\n<p>\u5e38\u89c1\u573a\u666f&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u7528\u6237\u5c1d\u8bd5\u8bbf\u95ee\u672a\u6388\u6743\u8d44\u6e90<\/p>\n<\/li>\n<li>\n<p>\u5c1d\u8bd5\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c<\/p>\n<\/li>\n<li>\n<p>IP\u5730\u5740\u88ab\u7981\u6b62<\/p>\n<\/li>\n<li>\n<p>\u8bf7\u6c42\u88ab\u5b89\u5168\u7b56\u7565\u963b\u6b62<\/p>\n<\/li>\n<\/ul>\n<h4>18.2 \u4e0e401\u72b6\u6001\u7801\u7684\u533a\u522b<\/h4>\n<table>\n<tr>\u7279\u6027401 Unauthorized403 Forbidden<\/tr>\n<tbody>\n<tr>\n<td>\u8eab\u4efd\u9a8c\u8bc1\u72b6\u6001<\/td>\n<td>\u672a\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1<\/td>\n<td>\u5df2\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1&#xff08;\u6216\u4e0d\u9700\u8981&#xff09;<\/td>\n<\/tr>\n<tr>\n<td>\u95ee\u9898\u6839\u6e90<\/td>\n<td>\u8eab\u4efd\u9a8c\u8bc1\u5931\u8d25\u6216\u7f3a\u5931<\/td>\n<td>\u6388\u6743\u5931\u8d25&#xff0c;\u6743\u9650\u4e0d\u8db3<\/td>\n<\/tr>\n<tr>\n<td>\u89e3\u51b3\u65b9\u6848<\/td>\n<td>\u63d0\u4f9b\u6709\u6548\u7684\u8eab\u4efd\u9a8c\u8bc1\u51ed\u8bc1<\/td>\n<td>\u63d0\u5347\u6743\u9650\u6216\u8bf7\u6c42\u5176\u4ed6\u8d44\u6e90<\/td>\n<\/tr>\n<tr>\n<td>\u54cd\u5e94\u5934<\/td>\n<td>\u901a\u5e38\u5305\u542bWWW-Authenticate<\/td>\n<td>\u901a\u5e38\u4e0d\u5305\u542bWWW-Authenticate<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h4>18.3 \u5e38\u89c1\u89e6\u53d1\u573a\u666f<\/h4>\n<h5>18.3.1 \u8d44\u6e90\u6743\u9650\u4e0d\u8db3<\/h5>\n<p>\u7528\u6237\u5c1d\u8bd5\u8bbf\u95ee\u8d85\u51fa\u5176\u6743\u9650\u7ea7\u522b\u7684\u8d44\u6e90&#xff0c;\u4f8b\u5982&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u666e\u901a\u7528\u6237\u5c1d\u8bd5\u8bbf\u95ee\u7ba1\u7406\u5458\u9762\u677f<\/p>\n<\/li>\n<li>\n<p>\u7528\u6237\u5c1d\u8bd5\u8bbf\u95ee\u5176\u4ed6\u7528\u6237\u7684\u79c1\u6709\u6570\u636e<\/p>\n<\/li>\n<\/ul>\n<h5>18.3.2 \u64cd\u4f5c\u6743\u9650\u4e0d\u8db3<\/h5>\n<p>\u7528\u6237\u5c1d\u8bd5\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c&#xff0c;\u4f8b\u5982&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u53ea\u8bfb\u7528\u6237\u5c1d\u8bd5\u5199\u5165\u64cd\u4f5c<\/p>\n<\/li>\n<li>\n<p>\u975e\u6240\u6709\u8005\u5c1d\u8bd5\u5220\u9664\u8d44\u6e90<\/p>\n<\/li>\n<\/ul>\n<h5>18.3.3 \u5b89\u5168\u7b56\u7565\u9650\u5236<\/h5>\n<ul>\n<li>\n<p>IP\u5730\u5740\u88ab\u5217\u5165\u9ed1\u540d\u5355<\/p>\n<\/li>\n<li>\n<p>\u7528\u6237\u4ee3\u7406\u88ab\u963b\u6b62<\/p>\n<\/li>\n<li>\n<p>\u8bf7\u6c42\u65f6\u95f4\u9650\u5236&#xff08;\u5982\u529e\u516c\u65f6\u95f4\u5916\u7981\u6b62\u8bbf\u95ee&#xff09;<\/p>\n<\/li>\n<\/ul>\n<h5>18.3.4 \u5185\u5bb9\u8bbf\u95ee\u63a7\u5236<\/h5>\n<ul>\n<li>\n<p>\u5730\u7406\u9650\u5236\u5185\u5bb9&#xff08;\u533a\u57df\u5c01\u9501&#xff09;<\/p>\n<\/li>\n<li>\n<p>\u5e74\u9f84\u9650\u5236\u5185\u5bb9<\/p>\n<\/li>\n<li>\n<p>\u4ed8\u8d39\u5899\u540e\u7684\u5185\u5bb9<\/p>\n<\/li>\n<\/ul>\n<h4>18.4 \u8be6\u7ec6\u5b9e\u73b0\u4e0e\u6700\u4f73\u5b9e\u8df5<\/h4>\n<h5>18.4.1 \u57fa\u4e8e\u89d2\u8272\u7684\u8bbf\u95ee\u63a7\u5236&#xff08;RBAC&#xff09;<\/h5>\n<p>python<\/p>\n<p># Python\u793a\u4f8b&#xff1a;RBAC\u6743\u9650\u68c0\u67e5<br \/>\nfrom enum import Enum<br \/>\nfrom functools import wraps<br \/>\nfrom flask import request, jsonify, g<\/p>\n<p>class Role(Enum):<br \/>\n    ADMIN &#061; &#034;admin&#034;<br \/>\n    EDITOR &#061; &#034;editor&#034;<br \/>\n    VIEWER &#061; &#034;viewer&#034;<br \/>\n    GUEST &#061; &#034;guest&#034;<\/p>\n<p>class Permission(Enum):<br \/>\n    CREATE &#061; &#034;create&#034;<br \/>\n    READ &#061; &#034;read&#034;<br \/>\n    UPDATE &#061; &#034;update&#034;<br \/>\n    DELETE &#061; &#034;delete&#034;<br \/>\n    MANAGE_USERS &#061; &#034;manage_users&#034;<\/p>\n<p># \u5b9a\u4e49\u89d2\u8272\u6743\u9650\u6620\u5c04<br \/>\nROLE_PERMISSIONS &#061; {<br \/>\n    Role.ADMIN: {<br \/>\n        Permission.CREATE,<br \/>\n        Permission.READ,<br \/>\n        Permission.UPDATE,<br \/>\n        Permission.DELETE,<br \/>\n        Permission.MANAGE_USERS<br \/>\n    },<br \/>\n    Role.EDITOR: {<br \/>\n        Permission.CREATE,<br \/>\n        Permission.READ,<br \/>\n        Permission.UPDATE<br \/>\n    },<br \/>\n    Role.VIEWER: {<br \/>\n        Permission.READ<br \/>\n    },<br \/>\n    Role.GUEST: set()<br \/>\n}<\/p>\n<p>def check_permission(required_permission: Permission):<br \/>\n    &#034;&#034;&#034;\u68c0\u67e5\u7528\u6237\u662f\u5426\u62e5\u6709\u6240\u9700\u6743\u9650\u7684\u88c5\u9970\u5668&#034;&#034;&#034;<br \/>\n    def decorator(f):<br \/>\n        &#064;wraps(f)<br \/>\n        def decorated_function(*args, **kwargs):<br \/>\n            # \u4ece\u8bf7\u6c42\u4e0a\u4e0b\u6587\u4e2d\u83b7\u53d6\u7528\u6237\u89d2\u8272<br \/>\n            user_role &#061; getattr(g, &#039;user_role&#039;, None)<\/p>\n<p>            if not user_role:<br \/>\n                return jsonify({<br \/>\n                    &#034;error&#034;: {<br \/>\n                        &#034;code&#034;: &#034;AUTHENTICATION_REQUIRED&#034;,<br \/>\n                        &#034;message&#034;: &#034;\u9700\u8981\u8eab\u4efd\u9a8c\u8bc1&#034;<br \/>\n                    }<br \/>\n                }), 401<\/p>\n<p>            # \u83b7\u53d6\u7528\u6237\u89d2\u8272\u5bf9\u5e94\u7684\u6743\u9650<br \/>\n            user_permissions &#061; ROLE_PERMISSIONS.get(user_role, set())<\/p>\n<p>            # \u68c0\u67e5\u6743\u9650<br \/>\n            if required_permission not in user_permissions:<br \/>\n                return jsonify({<br \/>\n                    &#034;error&#034;: {<br \/>\n                        &#034;code&#034;: &#034;INSUFFICIENT_PERMISSIONS&#034;,<br \/>\n                        &#034;message&#034;: f&#034;\u6267\u884c\u6b64\u64cd\u4f5c\u9700\u8981 {required_permission.value} \u6743\u9650&#034;,<br \/>\n                        &#034;required_permission&#034;: required_permission.value,<br \/>\n                        &#034;user_role&#034;: user_role.value,<br \/>\n                        &#034;user_permissions&#034;: [p.value for p in user_permissions]<br \/>\n                    }<br \/>\n                }), 403<\/p>\n<p>            return f(*args, **kwargs)<br \/>\n        return decorated_function<br \/>\n    return decorator<\/p>\n<p># \u4f7f\u7528\u793a\u4f8b<br \/>\n&#064;app.route(&#039;\/api\/users&#039;, methods&#061;[&#039;POST&#039;])<br \/>\n&#064;check_permission(Permission.CREATE)<br \/>\ndef create_user():<br \/>\n    # \u521b\u5efa\u7528\u6237\u903b\u8f91<br \/>\n    pass<\/p>\n<p>&#064;app.route(&#039;\/api\/users\/&lt;user_id&gt;&#039;, methods&#061;[&#039;DELETE&#039;])<br \/>\n&#064;check_permission(Permission.DELETE)<br \/>\ndef delete_user(user_id):<br \/>\n    # \u5220\u9664\u7528\u6237\u903b\u8f91<br \/>\n    pass<\/p>\n<h5>18.4.2 \u57fa\u4e8e\u5c5e\u6027\u7684\u8bbf\u95ee\u63a7\u5236&#xff08;ABAC&#xff09;<\/h5>\n<p>python<\/p>\n<p># Python\u793a\u4f8b&#xff1a;ABAC\u6743\u9650\u68c0\u67e5<br \/>\nfrom typing import Dict, Any<br \/>\nfrom dataclasses import dataclass<br \/>\nfrom enum import Enum<\/p>\n<p>&#064;dataclass<br \/>\nclass User:<br \/>\n    id: str<br \/>\n    role: str<br \/>\n    department: str<br \/>\n    clearance_level: int<\/p>\n<p>&#064;dataclass<br \/>\nclass Resource:<br \/>\n    id: str<br \/>\n    owner_id: str<br \/>\n    department: str<br \/>\n    required_clearance: int<\/p>\n<p>class Action(Enum):<br \/>\n    READ &#061; &#034;read&#034;<br \/>\n    WRITE &#061; &#034;write&#034;<br \/>\n    DELETE &#061; &#034;delete&#034;<\/p>\n<p>class ABACPolicyEngine:<br \/>\n    def __init__(self):<br \/>\n        self.policies &#061; self.load_policies()<\/p>\n<p>    def load_policies(self):<br \/>\n        &#034;&#034;&#034;\u52a0\u8f7dABAC\u7b56\u7565&#034;&#034;&#034;<br \/>\n        return [<br \/>\n            # \u653f\u7b561&#xff1a;\u7528\u6237\u53ea\u80fd\u8bfb\u53d6\u81ea\u5df1\u90e8\u95e8\u7684\u8d44\u6e90<br \/>\n            {<br \/>\n                &#034;id&#034;: &#034;department_read&#034;,<br \/>\n                &#034;description&#034;: &#034;\u7528\u6237\u53ea\u80fd\u8bfb\u53d6\u81ea\u5df1\u90e8\u95e8\u7684\u8d44\u6e90&#034;,<br \/>\n                &#034;effect&#034;: &#034;allow&#034;,<br \/>\n                &#034;conditions&#034;: {<br \/>\n                    &#034;action&#034;: Action.READ,<br \/>\n                    &#034;user.department&#034;: &#034;resource.department&#034;<br \/>\n                }<br \/>\n            },<br \/>\n            # \u653f\u7b562&#xff1a;\u7528\u6237\u9700\u8981\u8db3\u591f\u7684\u5bc6\u7ea7<br \/>\n            {<br \/>\n                &#034;id&#034;: &#034;clearance_level&#034;,<br \/>\n                &#034;description&#034;: &#034;\u7528\u6237\u5bc6\u7ea7\u5fc5\u987b\u5927\u4e8e\u7b49\u4e8e\u8d44\u6e90\u6240\u9700\u5bc6\u7ea7&#034;,<br \/>\n                &#034;effect&#034;: &#034;allow&#034;,<br \/>\n                &#034;conditions&#034;: {<br \/>\n                    &#034;user.clearance_level&#034;: &#034;&gt;&#061; resource.required_clearance&#034;<br \/>\n                }<br \/>\n            },<br \/>\n            # \u653f\u7b563&#xff1a;\u8d44\u6e90\u6240\u6709\u8005\u6709\u5b8c\u5168\u8bbf\u95ee\u6743\u9650<br \/>\n            {<br \/>\n                &#034;id&#034;: &#034;resource_owner&#034;,<br \/>\n                &#034;description&#034;: &#034;\u8d44\u6e90\u6240\u6709\u8005\u53ef\u4ee5\u6267\u884c\u4efb\u4f55\u64cd\u4f5c&#034;,<br \/>\n                &#034;effect&#034;: &#034;allow&#034;,<br \/>\n                &#034;conditions&#034;: {<br \/>\n                    &#034;user.id&#034;: &#034;resource.owner_id&#034;<br \/>\n                }<br \/>\n            },<br \/>\n            # \u653f\u7b564&#xff1a;\u7981\u6b62\u5220\u9664\u9ad8\u5bc6\u7ea7\u8d44\u6e90<br \/>\n            {<br \/>\n                &#034;id&#034;: &#034;no_delete_high_clearance&#034;,<br \/>\n                &#034;description&#034;: &#034;\u7981\u6b62\u5220\u9664\u9ad8\u5bc6\u7ea7\u8d44\u6e90&#034;,<br \/>\n                &#034;effect&#034;: &#034;deny&#034;,<br \/>\n                &#034;conditions&#034;: {<br \/>\n                    &#034;action&#034;: Action.DELETE,<br \/>\n                    &#034;resource.required_clearance&#034;: &#034;&gt; 3&#034;<br \/>\n                }<br \/>\n            }<br \/>\n        ]<\/p>\n<p>    def evaluate(self, user: User, action: Action, resource: Resource) -&gt; bool:<br \/>\n        &#034;&#034;&#034;\u8bc4\u4f30\u7528\u6237\u662f\u5426\u6709\u6743\u9650\u6267\u884c\u64cd\u4f5c&#034;&#034;&#034;<\/p>\n<p>        # \u9996\u5148\u68c0\u67e5\u62d2\u7edd\u7b56\u7565<br \/>\n        for policy in self.policies:<br \/>\n            if policy[&#034;effect&#034;] &#061;&#061; &#034;deny&#034; and self.matches_policy(user, action, resource, policy):<br \/>\n                return False<\/p>\n<p>        # \u7136\u540e\u68c0\u67e5\u5141\u8bb8\u7b56\u7565<br \/>\n        for policy in self.policies:<br \/>\n            if policy[&#034;effect&#034;] &#061;&#061; &#034;allow&#034; and self.matches_policy(user, action, resource, policy):<br \/>\n                return True<\/p>\n<p>        # \u9ed8\u8ba4\u62d2\u7edd<br \/>\n        return False<\/p>\n<p>    def matches_policy(self, user: User, action: Action, resource: Resource, policy: Dict) -&gt; bool:<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u662f\u5426\u5339\u914d\u7b56\u7565\u6761\u4ef6&#034;&#034;&#034;<br \/>\n        conditions &#061; policy.get(&#034;conditions&#034;, {})<\/p>\n<p>        for key, expected in conditions.items():<br \/>\n            # \u89e3\u6790\u952e\u8def\u5f84<br \/>\n            if key &#061;&#061; &#034;action&#034;:<br \/>\n                actual &#061; action<br \/>\n            elif key.startswith(&#034;user.&#034;):<br \/>\n                attr &#061; key.split(&#034;.&#034;)[1]<br \/>\n                actual &#061; getattr(user, attr, None)<br \/>\n            elif key.startswith(&#034;resource.&#034;):<br \/>\n                attr &#061; key.split(&#034;.&#034;)[1]<br \/>\n                actual &#061; getattr(resource, attr, None)<br \/>\n            else:<br \/>\n                continue<\/p>\n<p>            # \u7279\u6b8a\u5904\u7406\u6bd4\u8f83\u64cd\u4f5c\u7b26<br \/>\n            if isinstance(expected, str) and expected.startswith(&#034;&gt;&#061;&#034;):<br \/>\n                try:<br \/>\n                    threshold &#061; int(expected[2:])<br \/>\n                    return int(actual) &gt;&#061; threshold<br \/>\n                except:<br \/>\n                    return False<br \/>\n            elif isinstance(expected, str) and expected.startswith(&#034;&gt;&#034;):<br \/>\n                try:<br \/>\n                    threshold &#061; int(expected[1:])<br \/>\n                    return int(actual) &gt; threshold<br \/>\n                except:<br \/>\n                    return False<br \/>\n            elif isinstance(expected, str) and expected.startswith(&#034;&lt;&#061;&#034;):<br \/>\n                try:<br \/>\n                    threshold &#061; int(expected[2:])<br \/>\n                    return int(actual) &lt;&#061; threshold<br \/>\n                except:<br \/>\n                    return False<br \/>\n            elif isinstance(expected, str) and expected.startswith(&#034;&lt;&#034;):<br \/>\n                try:<br \/>\n                    threshold &#061; int(expected[1:])<br \/>\n                    return int(actual) &lt; threshold<br \/>\n                except:<br \/>\n                    return False<br \/>\n            else:<br \/>\n                # \u7b80\u5355\u76f8\u7b49\u6bd4\u8f83<br \/>\n                if isinstance(expected, str) and expected.startswith(&#034;resource.&#034;):<br \/>\n                    # \u9700\u8981\u6bd4\u8f83\u8d44\u6e90\u5c5e\u6027<br \/>\n                    res_attr &#061; expected.split(&#034;.&#034;)[1]<br \/>\n                    res_value &#061; getattr(resource, res_attr, None)<br \/>\n                    return actual &#061;&#061; res_value<\/p>\n<p>                return actual &#061;&#061; expected<\/p>\n<p>        return True<\/p>\n<p># \u4f7f\u7528ABAC\u5f15\u64ce<br \/>\nabac_engine &#061; ABACPolicyEngine()<\/p>\n<p>def check_abac_permission(user: User, action: Action, resource: Resource):<br \/>\n    if not abac_engine.evaluate(user, action, resource):<br \/>\n        return jsonify({<br \/>\n            &#034;error&#034;: {<br \/>\n                &#034;code&#034;: &#034;ACCESS_DENIED&#034;,<br \/>\n                &#034;message&#034;: &#034;\u8bbf\u95ee\u88ab\u62d2\u7edd&#034;,<br \/>\n                &#034;details&#034;: {<br \/>\n                    &#034;user_id&#034;: user.id,<br \/>\n                    &#034;action&#034;: action.value,<br \/>\n                    &#034;resource_id&#034;: resource.id,<br \/>\n                    &#034;reason&#034;: &#034;\u4e0d\u7b26\u5408\u8bbf\u95ee\u63a7\u5236\u7b56\u7565&#034;<br \/>\n                }<br \/>\n            }<br \/>\n        }), 403<br \/>\n    return None<\/p>\n<h5>18.4.3 \u8d44\u6e90\u7ea7\u6743\u9650\u63a7\u5236<\/h5>\n<p>python<\/p>\n<p># \u8d44\u6e90\u7ea7\u6743\u9650\u68c0\u67e5\u793a\u4f8b<br \/>\nclass ResourcePermissionChecker:<br \/>\n    def __init__(self, db_session):<br \/>\n        self.db &#061; db_session<\/p>\n<p>    def check_resource_access(self, user_id: str, resource_id: str, required_access: str) -&gt; bool:<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u7528\u6237\u5bf9\u7279\u5b9a\u8d44\u6e90\u7684\u8bbf\u95ee\u6743\u9650&#034;&#034;&#034;<\/p>\n<p>        # 1. \u68c0\u67e5\u7528\u6237\u662f\u5426\u662f\u8d44\u6e90\u6240\u6709\u8005<br \/>\n        resource &#061; self.db.query(Resource).get(resource_id)<br \/>\n        if not resource:<br \/>\n            return False<\/p>\n<p>        if resource.owner_id &#061;&#061; user_id:<br \/>\n            return True<\/p>\n<p>        # 2. \u68c0\u67e5\u76f4\u63a5\u6743\u9650\u5206\u914d<br \/>\n        direct_permission &#061; self.db.query(ResourcePermission).filter_by(<br \/>\n            user_id&#061;user_id,<br \/>\n            resource_id&#061;resource_id,<br \/>\n            access_level&#061;required_access<br \/>\n        ).first()<\/p>\n<p>        if direct_permission:<br \/>\n            return True<\/p>\n<p>        # 3. \u68c0\u67e5\u7ec4\u6743\u9650<br \/>\n        user_groups &#061; self.get_user_groups(user_id)<br \/>\n        group_permission &#061; self.db.query(ResourcePermission).filter(<br \/>\n            ResourcePermission.group_id.in_(user_groups),<br \/>\n            ResourcePermission.resource_id &#061;&#061; resource_id,<br \/>\n            ResourcePermission.access_level &#061;&#061; required_access<br \/>\n        ).first()<\/p>\n<p>        if group_permission:<br \/>\n            return True<\/p>\n<p>        # 4. \u68c0\u67e5\u57fa\u4e8e\u89d2\u8272\u7684\u6743\u9650<br \/>\n        user_role &#061; self.get_user_role(user_id)<br \/>\n        role_permissions &#061; ROLE_RESOURCE_PERMISSIONS.get(user_role, {})<\/p>\n<p>        if resource.type in role_permissions:<br \/>\n            allowed_access_levels &#061; role_permissions[resource.type]<br \/>\n            if required_access in allowed_access_levels:<br \/>\n                return True<\/p>\n<p>        return False<\/p>\n<p>    def enforce_resource_access(self, user_id: str, resource_id: str, required_access: str):<br \/>\n        &#034;&#034;&#034;\u5f3a\u5236\u8d44\u6e90\u8bbf\u95ee\u63a7\u5236&#xff0c;\u5931\u8d25\u65f6\u629b\u51fa403&#034;&#034;&#034;<br \/>\n        if not self.check_resource_access(user_id, resource_id, required_access):<br \/>\n            raise ForbiddenError(<br \/>\n                code&#061;&#034;RESOURCE_ACCESS_DENIED&#034;,<br \/>\n                message&#061;&#034;\u60a8\u6ca1\u6709\u8bbf\u95ee\u6b64\u8d44\u6e90\u7684\u6743\u9650&#034;,<br \/>\n                details&#061;{<br \/>\n                    &#034;resource_id&#034;: resource_id,<br \/>\n                    &#034;required_access&#034;: required_access<br \/>\n                }<br \/>\n            )<\/p>\n<p># \u81ea\u5b9a\u4e49403\u9519\u8bef<br \/>\nclass ForbiddenError(Exception):<br \/>\n    def __init__(self, code: str, message: str, details: dict &#061; None):<br \/>\n        self.code &#061; code<br \/>\n        self.message &#061; message<br \/>\n        self.details &#061; details or {}<br \/>\n        super().__init__(message)<\/p>\n<p># \u5168\u5c40\u9519\u8bef\u5904\u7406\u5668<br \/>\n&#064;app.errorhandler(ForbiddenError)<br \/>\ndef handle_forbidden_error(error):<br \/>\n    response &#061; jsonify({<br \/>\n        &#034;error&#034;: {<br \/>\n            &#034;code&#034;: error.code,<br \/>\n            &#034;message&#034;: error.message,<br \/>\n            &#034;details&#034;: error.details<br \/>\n        }<br \/>\n    })<br \/>\n    response.status_code &#061; 403<br \/>\n    return response<\/p>\n<h4>18.5 \u5ba2\u6237\u7aef\u5904\u7406\u7b56\u7565<\/h4>\n<h5>18.5.1 \u53cb\u597d\u7684\u6743\u9650\u62d2\u7edd\u754c\u9762<\/h5>\n<p>jsx<\/p>\n<p>\/\/ React\u7ec4\u4ef6&#xff1a;\u6743\u9650\u62d2\u7edd\u754c\u9762<br \/>\nfunction ForbiddenPage({ error, resource, requiredPermission }) {<br \/>\n  const [showDetails, setShowDetails] &#061; useState(false);<\/p>\n<p>  \/\/ \u6839\u636e\u9519\u8bef\u4ee3\u7801\u63d0\u4f9b\u4e0d\u540c\u7684\u5efa\u8bae<br \/>\n  const getSuggestions &#061; (errorCode) &#061;&gt; {<br \/>\n    const suggestions &#061; {<br \/>\n      &#039;INSUFFICIENT_PERMISSIONS&#039;: [<br \/>\n        &#039;\u8054\u7cfb\u7ba1\u7406\u5458\u7533\u8bf7\u76f8\u5e94\u6743\u9650&#039;,<br \/>\n        &#039;\u68c0\u67e5\u60a8\u5f53\u524d\u7684\u89d2\u8272\u548c\u6743\u9650\u8bbe\u7f6e&#039;,<br \/>\n        &#039;\u5982\u679c\u60a8\u5e94\u8be5\u6709\u6b64\u6743\u9650&#xff0c;\u8bf7\u91cd\u65b0\u767b\u5f55&#039;<br \/>\n      ],<br \/>\n      &#039;RESOURCE_ACCESS_DENIED&#039;: [<br \/>\n        &#039;\u786e\u8ba4\u60a8\u662f\u5426\u6709\u6743\u8bbf\u95ee\u6b64\u8d44\u6e90&#039;,<br \/>\n        &#039;\u8d44\u6e90\u53ef\u80fd\u5df2\u88ab\u79fb\u52a8\u6216\u5220\u9664&#039;,<br \/>\n        &#039;\u8054\u7cfb\u8d44\u6e90\u6240\u6709\u8005\u8bf7\u6c42\u8bbf\u95ee\u6743\u9650&#039;<br \/>\n      ],<br \/>\n      &#039;IP_BLOCKED&#039;: [<br \/>\n        &#039;\u60a8\u7684IP\u5730\u5740\u53ef\u80fd\u88ab\u5b89\u5168\u7b56\u7565\u963b\u6b62&#039;,<br \/>\n        &#039;\u5c1d\u8bd5\u4f7f\u7528\u5176\u4ed6\u7f51\u7edc\u8fde\u63a5&#039;,<br \/>\n        &#039;\u8054\u7cfb\u7cfb\u7edf\u7ba1\u7406\u5458\u89e3\u51b3\u6b64\u95ee\u9898&#039;<br \/>\n      ],<br \/>\n      &#039;GEO_RESTRICTED&#039;: [<br \/>\n        &#039;\u6b64\u5185\u5bb9\u5728\u60a8\u6240\u5728\u533a\u57df\u4e0d\u53ef\u7528&#039;,<br \/>\n        &#039;\u8bf7\u68c0\u67e5\u60a8\u7684\u4f4d\u7f6e\u8bbe\u7f6e&#039;,<br \/>\n        &#039;\u4f7f\u7528VPN\u53ef\u80fd\u5bfc\u81f4\u6b64\u95ee\u9898&#039;<br \/>\n      ]<br \/>\n    };<\/p>\n<p>    return suggestions[errorCode] || [<br \/>\n      &#039;\u60a8\u6ca1\u6709\u6267\u884c\u6b64\u64cd\u4f5c\u7684\u6743\u9650&#039;,<br \/>\n      &#039;\u8bf7\u68c0\u67e5\u60a8\u7684\u8d26\u6237\u8bbe\u7f6e&#039;,<br \/>\n      &#039;\u5982\u9700\u5e2e\u52a9&#xff0c;\u8bf7\u8054\u7cfb\u652f\u6301\u56e2\u961f&#039;<br \/>\n    ];<br \/>\n  };<\/p>\n<p>  const suggestions &#061; getSuggestions(error?.code);<\/p>\n<p>  return (<br \/>\n    &lt;div className&#061;&#034;forbidden-container&#034;&gt;<br \/>\n      &lt;div className&#061;&#034;forbidden-header&#034;&gt;<br \/>\n        &lt;Lock size&#061;{48} \/&gt;<br \/>\n        &lt;h1&gt;\u8bbf\u95ee\u88ab\u62d2\u7edd&lt;\/h1&gt;<br \/>\n        &lt;p className&#061;&#034;error-message&#034;&gt;<br \/>\n          {error?.message || &#039;\u60a8\u6ca1\u6709\u6743\u9650\u6267\u884c\u6b64\u64cd\u4f5c&#039;}<br \/>\n        &lt;\/p&gt;<br \/>\n      &lt;\/div&gt;<\/p>\n<p>      &lt;div className&#061;&#034;forbidden-content&#034;&gt;<br \/>\n        {resource &amp;&amp; (<br \/>\n          &lt;div className&#061;&#034;resource-info&#034;&gt;<br \/>\n            &lt;h3&gt;\u8d44\u6e90\u4fe1\u606f&lt;\/h3&gt;<br \/>\n            &lt;p&gt;&lt;strong&gt;\u8d44\u6e90:&lt;\/strong&gt; {resource.name || resource.id}&lt;\/p&gt;<br \/>\n            {requiredPermission &amp;&amp; (<br \/>\n              &lt;p&gt;&lt;strong&gt;\u6240\u9700\u6743\u9650:&lt;\/strong&gt; {requiredPermission}&lt;\/p&gt;<br \/>\n            )}<br \/>\n          &lt;\/div&gt;<br \/>\n        )}<\/p>\n<p>        &lt;div className&#061;&#034;suggestions&#034;&gt;<br \/>\n          &lt;h3&gt;\u60a8\u53ef\u4ee5\u5c1d\u8bd5\u4ee5\u4e0b\u64cd\u4f5c&#xff1a;&lt;\/h3&gt;<br \/>\n          &lt;ul&gt;<br \/>\n            {suggestions.map((suggestion, index) &#061;&gt; (<br \/>\n              &lt;li key&#061;{index}&gt;{suggestion}&lt;\/li&gt;<br \/>\n            ))}<br \/>\n          &lt;\/ul&gt;<br \/>\n        &lt;\/div&gt;<\/p>\n<p>        &lt;div className&#061;&#034;action-buttons&#034;&gt;<br \/>\n          &lt;button onClick&#061;{() &#061;&gt; window.history.back()}&gt;<br \/>\n            \u2190 \u8fd4\u56de\u4e0a\u4e00\u9875<br \/>\n          &lt;\/button&gt;<br \/>\n          &lt;button onClick&#061;{() &#061;&gt; window.location.href &#061; &#039;\/dashboard&#039;}&gt;<br \/>\n            \u8fd4\u56de\u4e3b\u9875<br \/>\n          &lt;\/button&gt;<br \/>\n          {error?.code &#061;&#061;&#061; &#039;INSUFFICIENT_PERMISSIONS&#039; &amp;&amp; (<br \/>\n            &lt;button onClick&#061;{() &#061;&gt; window.location.href &#061; &#039;\/request-permission&#039;}&gt;<br \/>\n              \u7533\u8bf7\u6743\u9650<br \/>\n            &lt;\/button&gt;<br \/>\n          )}<br \/>\n          &lt;button onClick&#061;{() &#061;&gt; setShowDetails(!showDetails)}&gt;<br \/>\n            {showDetails ? &#039;\u9690\u85cf\u6280\u672f\u8be6\u60c5&#039; : &#039;\u663e\u793a\u6280\u672f\u8be6\u60c5&#039;}<br \/>\n          &lt;\/button&gt;<br \/>\n        &lt;\/div&gt;<\/p>\n<p>        {showDetails &amp;&amp; error &amp;&amp; (<br \/>\n          &lt;div className&#061;&#034;technical-details&#034;&gt;<br \/>\n            &lt;h4&gt;\u6280\u672f\u8be6\u60c5&lt;\/h4&gt;<br \/>\n            &lt;pre&gt;{JSON.stringify(error, null, 2)}&lt;\/pre&gt;<br \/>\n            {error.details &amp;&amp; (<br \/>\n              &lt;&gt;<br \/>\n                &lt;h5&gt;\u8be6\u7ec6\u4fe1\u606f&lt;\/h5&gt;<br \/>\n                &lt;pre&gt;{JSON.stringify(error.details, null, 2)}&lt;\/pre&gt;<br \/>\n              &lt;\/&gt;<br \/>\n            )}<br \/>\n          &lt;\/div&gt;<br \/>\n        )}<br \/>\n      &lt;\/div&gt;<br \/>\n    &lt;\/div&gt;<br \/>\n  );<br \/>\n}<\/p>\n<h5>18.5.2 \u6743\u9650\u9884\u68c0\u4e0e\u6761\u4ef6\u6e32\u67d3<\/h5>\n<p>javascript<\/p>\n<p>\/\/ \u524d\u7aef\u6743\u9650\u68c0\u67e5\u5de5\u5177<br \/>\nclass PermissionManager {<br \/>\n  constructor() {<br \/>\n    this.userPermissions &#061; null;<br \/>\n    this.resourcePermissions &#061; new Map();<br \/>\n  }<\/p>\n<p>  async loadUserPermissions() {<br \/>\n    \/\/ \u4eceAPI\u52a0\u8f7d\u7528\u6237\u6743\u9650<br \/>\n    const response &#061; await fetch(&#039;\/api\/user\/permissions&#039;);<br \/>\n    if (response.ok) {<br \/>\n      this.userPermissions &#061; await response.json();<br \/>\n      return this.userPermissions;<br \/>\n    }<br \/>\n    return null;<br \/>\n  }<\/p>\n<p>  async checkPermission(resourceType, action, resourceId &#061; null) {<br \/>\n    \/\/ \u68c0\u67e5\u7279\u5b9a\u6743\u9650<br \/>\n    if (!this.userPermissions) {<br \/>\n      await this.loadUserPermissions();<br \/>\n    }<\/p>\n<p>    \/\/ \u901a\u7528\u6743\u9650\u68c0\u67e5<br \/>\n    const hasGlobalPermission &#061; this.userPermissions?.global?.[resourceType]?.includes(action);<br \/>\n    if (hasGlobalPermission) {<br \/>\n      return true;<br \/>\n    }<\/p>\n<p>    \/\/ \u8d44\u6e90\u7279\u5b9a\u6743\u9650\u68c0\u67e5<br \/>\n    if (resourceId) {<br \/>\n      \/\/ \u68c0\u67e5\u662f\u5426\u5df2\u7f13\u5b58\u6b64\u8d44\u6e90\u7684\u6743\u9650<br \/>\n      if (this.resourcePermissions.has(resourceId)) {<br \/>\n        const resourcePerms &#061; this.resourcePermissions.get(resourceId);<br \/>\n        return resourcePerms[action] || false;<br \/>\n      }<\/p>\n<p>      \/\/ \u4eceAPI\u83b7\u53d6\u8d44\u6e90\u7279\u5b9a\u6743\u9650<br \/>\n      const response &#061; await fetch(&#096;\/api\/resources\/${resourceId}\/permissions&#096;);<br \/>\n      if (response.ok) {<br \/>\n        const resourcePerms &#061; await response.json();<br \/>\n        this.resourcePermissions.set(resourceId, resourcePerms);<br \/>\n        return resourcePerms[action] || false;<br \/>\n      }<br \/>\n    }<\/p>\n<p>    return false;<br \/>\n  }<\/p>\n<p>  \/\/ \u9ad8\u9636\u7ec4\u4ef6&#xff1a;\u6761\u4ef6\u6e32\u67d3<br \/>\n  withPermission(RequiredComponent, FallbackComponent, resourceType, action) {<br \/>\n    return class extends React.Component {<br \/>\n      state &#061; {<br \/>\n        hasPermission: false,<br \/>\n        isLoading: true<br \/>\n      };<\/p>\n<p>      async componentDidMount() {<br \/>\n        const { resourceId } &#061; this.props;<br \/>\n        const hasPermission &#061; await this.props.permissionManager.checkPermission(<br \/>\n          resourceType, action, resourceId<br \/>\n        );<\/p>\n<p>        this.setState({<br \/>\n          hasPermission,<br \/>\n          isLoading: false<br \/>\n        });<br \/>\n      }<\/p>\n<p>      render() {<br \/>\n        const { hasPermission, isLoading } &#061; this.state;<\/p>\n<p>        if (isLoading) {<br \/>\n          return &lt;div&gt;\u68c0\u67e5\u6743\u9650\u4e2d&#8230;&lt;\/div&gt;;<br \/>\n        }<\/p>\n<p>        if (hasPermission) {<br \/>\n          return &lt;RequiredComponent {&#8230;this.props} \/&gt;;<br \/>\n        }<\/p>\n<p>        if (FallbackComponent) {<br \/>\n          return &lt;FallbackComponent {&#8230;this.props} \/&gt;;<br \/>\n        }<\/p>\n<p>        return null;<br \/>\n      }<br \/>\n    };<br \/>\n  }<\/p>\n<p>  \/\/ \u5de5\u5177\u51fd\u6570&#xff1a;\u9690\u85cf\u65e0\u6743\u9650\u7684\u5143\u7d20<br \/>\n  hideUnauthorizedElements() {<br \/>\n    \/\/ \u67e5\u627e\u6240\u6709\u9700\u8981\u6743\u9650\u7684\u5143\u7d20<br \/>\n    const permissionElements &#061; document.querySelectorAll(&#039;[data-require-permission]&#039;);<\/p>\n<p>    permissionElements.forEach(async (element) &#061;&gt; {<br \/>\n      const permissionString &#061; element.dataset.requirePermission;<br \/>\n      const [resourceType, action, resourceId] &#061; permissionString.split(&#039;:&#039;);<\/p>\n<p>      const hasPermission &#061; await this.checkPermission(resourceType, action, resourceId || null);<\/p>\n<p>      if (!hasPermission) {<br \/>\n        element.style.display &#061; &#039;none&#039;;<br \/>\n      }<br \/>\n    });<br \/>\n  }<br \/>\n}<\/p>\n<p>\/\/ \u4f7f\u7528\u793a\u4f8b<br \/>\nconst permissionManager &#061; new PermissionManager();<\/p>\n<p>\/\/ \u5728React\u7ec4\u4ef6\u4e2d\u4f7f\u7528<br \/>\nconst EditButton &#061; ({ resourceId }) &#061;&gt; (<br \/>\n  &lt;button&gt;\u7f16\u8f91&lt;\/button&gt;<br \/>\n);<\/p>\n<p>const NoPermissionButton &#061; () &#061;&gt; (<br \/>\n  &lt;button disabled title&#061;&#034;\u60a8\u6ca1\u6709\u7f16\u8f91\u6743\u9650&#034;&gt;\u7f16\u8f91&lt;\/button&gt;<br \/>\n);<\/p>\n<p>\/\/ \u521b\u5efa\u5e26\u6743\u9650\u68c0\u67e5\u7684\u6309\u94ae<br \/>\nconst ProtectedEditButton &#061; permissionManager.withPermission(<br \/>\n  EditButton,<br \/>\n  NoPermissionButton,<br \/>\n  &#039;document&#039;,<br \/>\n  &#039;edit&#039;<br \/>\n);<\/p>\n<p>\/\/ \u5728\u5e94\u7528\u4e2d\u4f7f\u7528<br \/>\nfunction DocumentPage({ documentId }) {<br \/>\n  return (<br \/>\n    &lt;div&gt;<br \/>\n      &lt;h1&gt;\u6587\u6863\u8be6\u60c5&lt;\/h1&gt;<br \/>\n      {\/* \u53ea\u6709\u6709\u6743\u9650\u7684\u7528\u6237\u624d\u80fd\u770b\u5230\u7f16\u8f91\u6309\u94ae *\/}<br \/>\n      &lt;ProtectedEditButton resourceId&#061;{documentId} \/&gt;<br \/>\n    &lt;\/div&gt;<br \/>\n  );<br \/>\n}<\/p>\n<h4>18.6 \u5b89\u5168\u8003\u8651<\/h4>\n<h5>18.6.1 \u9632\u6b62\u6743\u9650\u63d0\u5347\u653b\u51fb<\/h5>\n<p>python<\/p>\n<p># \u6743\u9650\u63d0\u5347\u653b\u51fb\u9632\u62a4<br \/>\nclass PermissionEscalationProtection:<br \/>\n    def __init__(self):<br \/>\n        self.sensitive_operations &#061; [<br \/>\n            &#039;change_role&#039;,<br \/>\n            &#039;grant_permission&#039;,<br \/>\n            &#039;elevate_privileges&#039;,<br \/>\n            &#039;impersonate_user&#039;<br \/>\n        ]<\/p>\n<p>    def validate_permission_consistency(self, user_id: str, requested_permission: str, target_resource&#061;None):<br \/>\n        &#034;&#034;&#034;\u9a8c\u8bc1\u6743\u9650\u4e00\u81f4\u6027&#xff0c;\u9632\u6b62\u6743\u9650\u63d0\u5347&#034;&#034;&#034;<\/p>\n<p>        # \u83b7\u53d6\u7528\u6237\u5f53\u524d\u6743\u9650<br \/>\n        user_permissions &#061; self.get_user_permissions(user_id)<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u5c1d\u8bd5\u83b7\u53d6\u9ad8\u4e8e\u5f53\u524d\u89d2\u8272\u7684\u6743\u9650<br \/>\n        user_role &#061; self.get_user_role(user_id)<br \/>\n        requested_role_level &#061; self.get_permission_level(requested_permission)<br \/>\n        user_role_level &#061; self.get_role_level(user_role)<\/p>\n<p>        if requested_role_level &gt; user_role_level:<br \/>\n            self.log_suspicious_activity(<br \/>\n                user_id,<br \/>\n                f&#034;\u5c1d\u8bd5\u83b7\u53d6\u9ad8\u4e8e\u89d2\u8272\u7b49\u7ea7\u7684\u6743\u9650: {requested_permission}&#034;,<br \/>\n                severity&#061;&#034;high&#034;<br \/>\n            )<br \/>\n            return False<\/p>\n<p>        # \u5bf9\u4e8e\u654f\u611f\u64cd\u4f5c&#xff0c;\u9700\u8981\u989d\u5916\u9a8c\u8bc1<br \/>\n        if requested_permission in self.sensitive_operations:<br \/>\n            if not self.verify_sensitive_operation(user_id, requested_permission):<br \/>\n                return False<\/p>\n<p>        # \u68c0\u67e5\u8d44\u6e90\u6240\u6709\u6743&#xff08;\u5982\u679c\u9002\u7528&#xff09;<br \/>\n        if target_resource:<br \/>\n            resource_owner &#061; self.get_resource_owner(target_resource)<br \/>\n            if resource_owner !&#061; user_id:<br \/>\n                # \u975e\u6240\u6709\u8005\u5c1d\u8bd5\u654f\u611f\u64cd\u4f5c<br \/>\n                if requested_permission in [&#039;delete&#039;, &#039;modify_permissions&#039;]:<br \/>\n                    self.log_suspicious_activity(<br \/>\n                        user_id,<br \/>\n                        f&#034;\u975e\u6240\u6709\u8005\u5c1d\u8bd5{requested_permission}\u64cd\u4f5c&#034;,<br \/>\n                        severity&#061;&#034;medium&#034;<br \/>\n                    )<\/p>\n<p>        return True<\/p>\n<p>    def verify_sensitive_operation(self, user_id: str, operation: str) -&gt; bool:<br \/>\n        &#034;&#034;&#034;\u9a8c\u8bc1\u654f\u611f\u64cd\u4f5c&#034;&#034;&#034;<br \/>\n        # 1. \u68c0\u67e5\u662f\u5426\u6709\u591a\u56e0\u7d20\u8ba4\u8bc1<br \/>\n        if not self.has_mfa(user_id):<br \/>\n            self.log_suspicious_activity(<br \/>\n                user_id,<br \/>\n                f&#034;\u5c1d\u8bd5\u654f\u611f\u64cd\u4f5c{operation}\u4f46\u672a\u542f\u7528MFA&#034;,<br \/>\n                severity&#061;&#034;high&#034;<br \/>\n            )<br \/>\n            return False<\/p>\n<p>        # 2. \u68c0\u67e5\u64cd\u4f5c\u9891\u7387\u9650\u5236<br \/>\n        if self.is_rate_limited(user_id, operation):<br \/>\n            self.log_suspicious_activity(<br \/>\n                user_id,<br \/>\n                f&#034;\u654f\u611f\u64cd\u4f5c{operation}\u9891\u7387\u8fc7\u9ad8&#034;,<br \/>\n                severity&#061;&#034;medium&#034;<br \/>\n            )<br \/>\n            return False<\/p>\n<p>        # 3. \u68c0\u67e5\u4f1a\u8bdd\u65b0\u9c9c\u5ea6<br \/>\n        if not self.is_fresh_session(user_id):<br \/>\n            # \u8981\u6c42\u91cd\u65b0\u8ba4\u8bc1<br \/>\n            raise ReauthenticationRequired()<\/p>\n<p>        return True<\/p>\n<p>    def enforce_least_privilege(self, user_id: str, requested_permissions: list) -&gt; list:<br \/>\n        &#034;&#034;&#034;\u5b9e\u65bd\u6700\u5c0f\u6743\u9650\u539f\u5219&#xff0c;\u8fc7\u6ee4\u4e0d\u5fc5\u8981\u7684\u6743\u9650&#034;&#034;&#034;<br \/>\n        user_role &#061; self.get_user_role(user_id)<br \/>\n        role_based_permissions &#061; self.get_role_permissions(user_role)<\/p>\n<p>        # \u53ea\u8fd4\u56de\u89d2\u8272\u5141\u8bb8\u7684\u6743\u9650<br \/>\n        allowed_permissions &#061; [<br \/>\n            perm for perm in requested_permissions<br \/>\n            if perm in role_based_permissions<br \/>\n        ]<\/p>\n<p>        # \u8bb0\u5f55\u88ab\u8fc7\u6ee4\u7684\u6743\u9650<br \/>\n        denied_permissions &#061; set(requested_permissions) &#8211; set(allowed_permissions)<br \/>\n        if denied_permissions:<br \/>\n            self.log_suspicious_activity(<br \/>\n                user_id,<br \/>\n                f&#034;\u8bf7\u6c42\u4e86\u8d85\u51fa\u89d2\u8272\u7684\u6743\u9650: {denied_permissions}&#034;,<br \/>\n                severity&#061;&#034;low&#034;<br \/>\n            )<\/p>\n<p>        return allowed_permissions<\/p>\n<h5>18.6.2 \u5b89\u5168\u7684\u9519\u8bef\u4fe1\u606f<\/h5>\n<p>python<\/p>\n<p># \u5b89\u5168\u7684403\u9519\u8bef\u54cd\u5e94<br \/>\nclass SecureForbiddenResponse:<br \/>\n    def __init__(self, debug_mode&#061;False):<br \/>\n        self.debug_mode &#061; debug_mode<\/p>\n<p>    def create_response(self, error_code, user, resource&#061;None, action&#061;None):<br \/>\n        &#034;&#034;&#034;\u521b\u5efa\u5b89\u5168\u7684403\u54cd\u5e94&#034;&#034;&#034;<\/p>\n<p>        # \u57fa\u7840\u9519\u8bef\u4fe1\u606f<br \/>\n        base_errors &#061; {<br \/>\n            &#039;ACCESS_DENIED&#039;: &#039;\u8bbf\u95ee\u88ab\u62d2\u7edd&#039;,<br \/>\n            &#039;INSUFFICIENT_PERMISSIONS&#039;: &#039;\u6743\u9650\u4e0d\u8db3&#039;,<br \/>\n            &#039;RESOURCE_RESTRICTED&#039;: &#039;\u8d44\u6e90\u8bbf\u95ee\u53d7\u9650&#039;,<br \/>\n            &#039;OPERATION_NOT_ALLOWED&#039;: &#039;\u64cd\u4f5c\u4e0d\u88ab\u5141\u8bb8&#039;<br \/>\n        }<\/p>\n<p>        message &#061; base_errors.get(error_code, &#039;\u8bbf\u95ee\u88ab\u62d2\u7edd&#039;)<\/p>\n<p>        # \u6784\u5efa\u54cd\u5e94<br \/>\n        response_data &#061; {<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: error_code,<br \/>\n                &#039;message&#039;: message,<br \/>\n                &#039;timestamp&#039;: datetime.utcnow().isoformat()<br \/>\n            }<br \/>\n        }<\/p>\n<p>        # \u5728\u8c03\u8bd5\u6a21\u5f0f\u4e0b\u6dfb\u52a0\u66f4\u591a\u4fe1\u606f<br \/>\n        if self.debug_mode:<br \/>\n            response_data[&#039;error&#039;][&#039;details&#039;] &#061; {<br \/>\n                &#039;user_id&#039;: user.id if user else None,<br \/>\n                &#039;resource&#039;: resource,<br \/>\n                &#039;action&#039;: action,<br \/>\n                &#039;user_role&#039;: user.role if user else None<br \/>\n            }<br \/>\n        else:<br \/>\n            # \u751f\u4ea7\u73af\u5883\u4e0b&#xff0c;\u8bb0\u5f55\u8be6\u7ec6\u4fe1\u606f\u5230\u65e5\u5fd7\u800c\u975e\u8fd4\u56de\u7ed9\u5ba2\u6237\u7aef<br \/>\n            self.log_forbidden_access(<br \/>\n                user_id&#061;user.id if user else None,<br \/>\n                error_code&#061;error_code,<br \/>\n                resource&#061;resource,<br \/>\n                action&#061;action,<br \/>\n                ip_address&#061;request.remote_addr if request else None<br \/>\n            )<\/p>\n<p>        return response_data<\/p>\n<p>    def log_forbidden_access(self, **kwargs):<br \/>\n        &#034;&#034;&#034;\u8bb0\u5f55\u88ab\u62d2\u7edd\u7684\u8bbf\u95ee\u5c1d\u8bd5&#034;&#034;&#034;<br \/>\n        log_entry &#061; {<br \/>\n            &#039;event&#039;: &#039;forbidden_access&#039;,<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            **kwargs<br \/>\n        }<\/p>\n<p>        # \u8bb0\u5f55\u5230\u5b89\u5168\u65e5\u5fd7<br \/>\n        security_logger.warning(log_entry)<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u9700\u8981\u8b66\u62a5<br \/>\n        if self.should_alert(**kwargs):<br \/>\n            self.send_security_alert(log_entry)<\/p>\n<p>    def should_alert(self, user_id, error_code, **kwargs):<br \/>\n        &#034;&#034;&#034;\u5224\u65ad\u662f\u5426\u9700\u8981\u53d1\u9001\u5b89\u5168\u8b66\u62a5&#034;&#034;&#034;<br \/>\n        # \u9ad8\u6743\u9650\u7528\u6237\u88ab\u62d2\u7edd\u8bbf\u95ee<br \/>\n        if user_id and self.is_privileged_user(user_id):<br \/>\n            return True<\/p>\n<p>        # \u9891\u7e41\u7684\u62d2\u7edd\u8bbf\u95ee<br \/>\n        key &#061; f&#034;forbidden:{user_id or kwargs.get(&#039;ip_address&#039;)}&#034;<br \/>\n        count &#061; self.redis.incr(key, 1)<br \/>\n        self.redis.expire(key, 300)  # 5\u5206\u949f\u7a97\u53e3<\/p>\n<p>        if count &gt; 10:  # 5\u5206\u949f\u5185\u8d85\u8fc710\u6b21\u62d2\u7edd<br \/>\n            return True<\/p>\n<p>        return False<\/p>\n<h4>18.7 \u76d1\u63a7\u4e0e\u5ba1\u8ba1<\/h4>\n<h5>18.7.1 \u6743\u9650\u8bbf\u95ee\u5ba1\u8ba1<\/h5>\n<p>python<\/p>\n<p># \u6743\u9650\u8bbf\u95ee\u5ba1\u8ba1\u7cfb\u7edf<br \/>\nfrom dataclasses import dataclass<br \/>\nfrom datetime import datetime<br \/>\nfrom typing import Optional, Dict, Any<br \/>\nimport json<\/p>\n<p>&#064;dataclass<br \/>\nclass PermissionAuditEvent:<br \/>\n    event_id: str<br \/>\n    timestamp: datetime<br \/>\n    user_id: str<br \/>\n    action: str<br \/>\n    resource_type: str<br \/>\n    resource_id: Optional[str]<br \/>\n    success: bool<br \/>\n    reason: Optional[str]<br \/>\n    user_ip: str<br \/>\n    user_agent: str<br \/>\n    request_id: str<br \/>\n    evaluated_policies: list<br \/>\n    decision_process: Dict[str, Any]<\/p>\n<p>    def to_dict(self):<br \/>\n        data &#061; {<br \/>\n            &#039;event_id&#039;: self.event_id,<br \/>\n            &#039;timestamp&#039;: self.timestamp.isoformat(),<br \/>\n            &#039;user_id&#039;: self.user_id,<br \/>\n            &#039;action&#039;: self.action,<br \/>\n            &#039;resource_type&#039;: self.resource_type,<br \/>\n            &#039;resource_id&#039;: self.resource_id,<br \/>\n            &#039;success&#039;: self.success,<br \/>\n            &#039;reason&#039;: self.reason,<br \/>\n            &#039;user_ip&#039;: self.user_ip,<br \/>\n            &#039;user_agent&#039;: self.user_agent,<br \/>\n            &#039;request_id&#039;: self.request_id,<br \/>\n            &#039;evaluated_policies&#039;: self.evaluated_policies,<br \/>\n            &#039;decision_process&#039;: self.decision_process<br \/>\n        }<br \/>\n        return data<\/p>\n<p>class PermissionAuditLogger:<br \/>\n    def __init__(self):<br \/>\n        self.logger &#061; logging.getLogger(&#039;permission_audit&#039;)<br \/>\n        self.setup_logging()<\/p>\n<p>    def setup_logging(self):<br \/>\n        # \u6587\u4ef6\u5904\u7406\u5668<br \/>\n        file_handler &#061; logging.FileHandler(&#039;permission_audit.log&#039;)<br \/>\n        file_handler.setFormatter(logging.Formatter(<br \/>\n            &#039;%(message)s&#039;<br \/>\n        ))<br \/>\n        self.logger.addHandler(file_handler)<\/p>\n<p>        # \u5982\u679c\u9700\u8981&#xff0c;\u6dfb\u52a0Syslog\u5904\u7406\u5668<br \/>\n        if config.ENABLE_SYSLOG:<br \/>\n            syslog_handler &#061; logging.handlers.SysLogHandler()<br \/>\n            self.logger.addHandler(syslog_handler)<\/p>\n<p>    def log_permission_check(self, event: PermissionAuditEvent):<br \/>\n        &#034;&#034;&#034;\u8bb0\u5f55\u6743\u9650\u68c0\u67e5\u4e8b\u4ef6&#034;&#034;&#034;<\/p>\n<p>        # \u8bb0\u5f55\u5230\u6587\u4ef6<br \/>\n        self.logger.info(json.dumps(event.to_dict()))<\/p>\n<p>        # \u5982\u679c\u8bbf\u95ee\u88ab\u62d2\u7edd\u4e14\u662f\u9ad8\u6743\u9650\u7528\u6237&#xff0c;\u53d1\u9001\u8b66\u62a5<br \/>\n        if not event.success and self.is_privileged_user(event.user_id):<br \/>\n            self.send_privileged_denial_alert(event)<\/p>\n<p>        # \u5b9e\u65f6\u5206\u6790<br \/>\n        self.realtime_analysis(event)<\/p>\n<p>    def realtime_analysis(self, event: PermissionAuditEvent):<br \/>\n        &#034;&#034;&#034;\u5b9e\u65f6\u5206\u6790\u6743\u9650\u4e8b\u4ef6&#034;&#034;&#034;<\/p>\n<p>        # \u8ddf\u8e2a\u5931\u8d25\u7684\u6a21\u5f0f<br \/>\n        if not event.success:<br \/>\n            key &#061; f&#034;perm_denial:{event.user_id}:{event.resource_type}:{event.action}&#034;<br \/>\n            count &#061; self.redis.incr(key, 1)<br \/>\n            self.redis.expire(key, 3600)  # 1\u5c0f\u65f6\u7a97\u53e3<\/p>\n<p>            # \u5982\u679c\u540c\u4e00\u7528\u6237\u5728\u77ed\u65f6\u95f4\u5185\u591a\u6b21\u88ab\u62d2\u7edd&#xff0c;\u53ef\u80fd\u662f\u914d\u7f6e\u95ee\u9898\u6216\u653b\u51fb<br \/>\n            if count &gt; 5:<br \/>\n                self.alert_repeated_denials(event, count)<\/p>\n<p>    def generate_permission_report(self, start_date: datetime, end_date: datetime):<br \/>\n        &#034;&#034;&#034;\u751f\u6210\u6743\u9650\u4f7f\u7528\u62a5\u544a&#034;&#034;&#034;<\/p>\n<p>        # \u4ece\u65e5\u5fd7\u6216\u6570\u636e\u5e93\u83b7\u53d6\u6570\u636e<br \/>\n        events &#061; self.get_events_in_range(start_date, end_date)<\/p>\n<p>        report &#061; {<br \/>\n            &#039;period&#039;: {<br \/>\n                &#039;start&#039;: start_date.isoformat(),<br \/>\n                &#039;end&#039;: end_date.isoformat()<br \/>\n            },<br \/>\n            &#039;summary&#039;: {<br \/>\n                &#039;total_checks&#039;: len(events),<br \/>\n                &#039;allowed&#039;: sum(1 for e in events if e.success),<br \/>\n                &#039;denied&#039;: sum(1 for e in events if not e.success),<br \/>\n                &#039;unique_users&#039;: len(set(e.user_id for e in events)),<br \/>\n                &#039;unique_resources&#039;: len(set(<br \/>\n                    (e.resource_type, e.resource_id)<br \/>\n                    for e in events<br \/>\n                    if e.resource_id<br \/>\n                ))<br \/>\n            },<br \/>\n            &#039;denial_analysis&#039;: {<br \/>\n                &#039;by_reason&#039;: self.group_denials_by_reason(events),<br \/>\n                &#039;by_user_role&#039;: self.group_denials_by_user_role(events),<br \/>\n                &#039;by_resource_type&#039;: self.group_denials_by_resource_type(events),<br \/>\n                &#039;top_denied_users&#039;: self.get_top_denied_users(events, limit&#061;10)<br \/>\n            },<br \/>\n            &#039;access_patterns&#039;: {<br \/>\n                &#039;most_accessed_resources&#039;: self.get_most_accessed_resources(events, limit&#061;10),<br \/>\n                &#039;most_active_users&#039;: self.get_most_active_users(events, limit&#061;10),<br \/>\n                &#039;permission_usage_distribution&#039;: self.get_permission_usage_distribution(events)<br \/>\n            },<br \/>\n            &#039;security_insights&#039;: {<br \/>\n                &#039;suspicious_patterns&#039;: self.identify_suspicious_patterns(events),<br \/>\n                &#039;policy_violations&#039;: self.identify_policy_violations(events),<br \/>\n                &#039;recommendations&#039;: self.generate_recommendations(events)<br \/>\n            }<br \/>\n        }<\/p>\n<p>        return report<\/p>\n<h4>18.8 \u7279\u6b8a\u573a\u666f\u5904\u7406<\/h4>\n<h5>18.8.1 \u6682\u65f6\u6743\u9650\u63d0\u5347<\/h5>\n<p>python<\/p>\n<p># \u6682\u65f6\u6743\u9650\u63d0\u5347\u7cfb\u7edf&#xff08;\u5982sudo\u6a21\u5f0f&#xff09;<br \/>\nclass TemporaryPermissionElevation:<br \/>\n    def __init__(self):<br \/>\n        self.active_elevations &#061; {}  # user_id -&gt; expiration_time<\/p>\n<p>    def request_elevation(self, user_id: str, reason: str, requested_permissions: list):<br \/>\n        &#034;&#034;&#034;\u8bf7\u6c42\u4e34\u65f6\u6743\u9650\u63d0\u5347&#034;&#034;&#034;<\/p>\n<p>        # \u9a8c\u8bc1\u8bf7\u6c42\u5408\u7406\u6027<br \/>\n        if not self.validate_elevation_request(user_id, reason, requested_permissions):<br \/>\n            return False, &#034;\u8bf7\u6c42\u65e0\u6548\u6216\u4e0d\u7b26\u5408\u7b56\u7565&#034;<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u5df2\u7ecf\u6709\u6d3b\u8dc3\u7684\u63d0\u5347<br \/>\n        if user_id in self.active_elevations:<br \/>\n            expiration &#061; self.active_elevations[user_id]<br \/>\n            if datetime.utcnow() &lt; expiration:<br \/>\n                return True, &#034;\u5df2\u6709\u6d3b\u8dc3\u7684\u6743\u9650\u63d0\u5347&#034;<\/p>\n<p>        # \u9700\u8981\u5ba1\u6279\u7684\u6743\u9650<br \/>\n        requires_approval &#061; self.requires_approval(user_id, requested_permissions)<\/p>\n<p>        if requires_approval:<br \/>\n            # \u521b\u5efa\u5ba1\u6279\u8bf7\u6c42<br \/>\n            approval_id &#061; self.create_approval_request(user_id, reason, requested_permissions)<br \/>\n            return False, f&#034;\u9700\u8981\u5ba1\u6279&#xff0c;\u8bf7\u6c42ID: {approval_id}&#034;<\/p>\n<p>        # \u81ea\u52a8\u6279\u51c6<br \/>\n        return self.grant_elevation(user_id, requested_permissions, reason)<\/p>\n<p>    def grant_elevation(self, user_id: str, permissions: list, reason: str):<br \/>\n        &#034;&#034;&#034;\u6388\u4e88\u4e34\u65f6\u6743\u9650\u63d0\u5347&#034;&#034;&#034;<\/p>\n<p>        # \u786e\u5b9a\u63d0\u5347\u6301\u7eed\u65f6\u95f4<br \/>\n        duration &#061; self.calculate_elevation_duration(user_id, permissions)<\/p>\n<p>        # \u8bb0\u5f55\u63d0\u5347<br \/>\n        elevation_id &#061; str(uuid.uuid4())<br \/>\n        elevation_record &#061; {<br \/>\n            &#039;id&#039;: elevation_id,<br \/>\n            &#039;user_id&#039;: user_id,<br \/>\n            &#039;permissions&#039;: permissions,<br \/>\n            &#039;granted_at&#039;: datetime.utcnow(),<br \/>\n            &#039;expires_at&#039;: datetime.utcnow() &#043; timedelta(minutes&#061;duration),<br \/>\n            &#039;reason&#039;: reason,<br \/>\n            &#039;granted_by&#039;: &#039;system&#039;  # \u6216\u5ba1\u6279\u8005ID<br \/>\n        }<\/p>\n<p>        # \u5b58\u50a8\u8bb0\u5f55<br \/>\n        self.save_elevation_record(elevation_record)<\/p>\n<p>        # \u7f13\u5b58\u6d3b\u8dc3\u63d0\u5347<br \/>\n        self.active_elevations[user_id] &#061; elevation_record[&#039;expires_at&#039;]<\/p>\n<p>        # \u8bb0\u5f55\u5ba1\u8ba1\u65e5\u5fd7<br \/>\n        self.log_elevation_grant(elevation_record)<\/p>\n<p>        return True, f&#034;\u6743\u9650\u63d0\u5347\u5df2\u6388\u4e88&#xff0c;\u6709\u6548\u671f{duration}\u5206\u949f&#034;<\/p>\n<p>    def check_elevated_permission(self, user_id: str, permission: str) -&gt; bool:<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u7528\u6237\u662f\u5426\u6709\u63d0\u5347\u7684\u6743\u9650&#034;&#034;&#034;<\/p>\n<p>        if user_id not in self.active_elevations:<br \/>\n            return False<\/p>\n<p>        expiration &#061; self.active_elevations[user_id]<br \/>\n        if datetime.utcnow() &gt; expiration:<br \/>\n            # \u63d0\u5347\u5df2\u8fc7\u671f<br \/>\n            del self.active_elevations[user_id]<br \/>\n            return False<\/p>\n<p>        # \u68c0\u67e5\u7528\u6237\u5f53\u524d\u6d3b\u8dc3\u7684\u63d0\u5347\u8bb0\u5f55<br \/>\n        active_elevation &#061; self.get_active_elevation(user_id)<br \/>\n        if not active_elevation:<br \/>\n            return False<\/p>\n<p>        return permission in active_elevation[&#039;permissions&#039;]<\/p>\n<p>    def enforce_elevated_permission(self, user_id: str, permission: str):<br \/>\n        &#034;&#034;&#034;\u5f3a\u5236\u6267\u884c\u63d0\u5347\u7684\u6743\u9650&#xff0c;\u5931\u8d25\u65f6\u629b\u51fa403&#034;&#034;&#034;<\/p>\n<p>        if not self.check_elevated_permission(user_id, permission):<br \/>\n            raise ForbiddenError(<br \/>\n                code&#061;&#034;ELEVATED_PERMISSION_REQUIRED&#034;,<br \/>\n                message&#061;&#034;\u6b64\u64cd\u4f5c\u9700\u8981\u4e34\u65f6\u63d0\u5347\u7684\u6743\u9650&#034;,<br \/>\n                details&#061;{<br \/>\n                    &#034;required_permission&#034;: permission,<br \/>\n                    &#034;suggestion&#034;: &#034;\u8bf7\u6c42\u4e34\u65f6\u6743\u9650\u63d0\u5347\u6216\u8054\u7cfb\u7ba1\u7406\u5458&#034;<br \/>\n                }<br \/>\n            )<\/p>\n<p># \u4f7f\u7528\u4e34\u65f6\u6743\u9650\u63d0\u5347<br \/>\n&#064;app.route(&#039;\/api\/admin\/action&#039;, methods&#061;[&#039;POST&#039;])<br \/>\n&#064;require_auth<br \/>\ndef admin_action():<br \/>\n    user_id &#061; g.user_id<br \/>\n    action &#061; request.json.get(&#039;action&#039;)<\/p>\n<p>    # \u68c0\u67e5\u662f\u5426\u9700\u8981\u63d0\u5347\u7684\u6743\u9650<br \/>\n    if action in ELEVATED_ACTIONS:<br \/>\n        # \u9a8c\u8bc1\u4e34\u65f6\u6743\u9650\u63d0\u5347<br \/>\n        temp_permissions &#061; TemporaryPermissionElevation()<\/p>\n<p>        try:<br \/>\n            temp_permissions.enforce_elevated_permission(user_id, action)<br \/>\n        except ForbiddenError as e:<br \/>\n            return jsonify(e.to_dict()), 403<\/p>\n<p>    # \u6267\u884c\u7ba1\u7406\u64cd\u4f5c<br \/>\n    # &#8230;<\/p>\n<h5>18.8.2 \u5206\u7ea7\u6743\u9650\u63a7\u5236<\/h5>\n<p>python<\/p>\n<p># \u5206\u7ea7\u6743\u9650\u63a7\u5236\u7cfb\u7edf<br \/>\nclass HierarchicalPermissionSystem:<br \/>\n    def __init__(self):<br \/>\n        self.hierarchy &#061; self.load_hierarchy()<\/p>\n<p>    def load_hierarchy(self):<br \/>\n        &#034;&#034;&#034;\u52a0\u8f7d\u7ec4\u7ec7\u5c42\u7ea7\u7ed3\u6784&#034;&#034;&#034;<br \/>\n        return {<br \/>\n            &#039;organization&#039;: {<br \/>\n                &#039;children&#039;: [&#039;division&#039;],<br \/>\n                &#039;inheritance&#039;: &#039;full&#039;  # \u5b8c\u5168\u7ee7\u627f<br \/>\n            },<br \/>\n            &#039;division&#039;: {<br \/>\n                &#039;children&#039;: [&#039;department&#039;],<br \/>\n                &#039;inheritance&#039;: &#039;scoped&#039;  # \u6709\u8303\u56f4\u7684\u7ee7\u627f<br \/>\n            },<br \/>\n            &#039;department&#039;: {<br \/>\n                &#039;children&#039;: [&#039;team&#039;],<br \/>\n                &#039;inheritance&#039;: &#039;limited&#039;  # \u6709\u9650\u7ee7\u627f<br \/>\n            },<br \/>\n            &#039;team&#039;: {<br \/>\n                &#039;children&#039;: [],<br \/>\n                &#039;inheritance&#039;: &#039;none&#039;  # \u4e0d\u7ee7\u627f<br \/>\n            }<br \/>\n        }<\/p>\n<p>    def get_inherited_permissions(self, user_id: str, node_type: str, node_id: str):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u4ece\u7236\u8282\u70b9\u7ee7\u627f\u7684\u6743\u9650&#034;&#034;&#034;<\/p>\n<p>        # \u83b7\u53d6\u7528\u6237\u5728\u5f53\u524d\u8282\u70b9\u7684\u76f4\u63a5\u6743\u9650<br \/>\n        direct_permissions &#061; self.get_direct_permissions(user_id, node_type, node_id)<\/p>\n<p>        # \u83b7\u53d6\u7236\u8282\u70b9<br \/>\n        parent_node &#061; self.get_parent_node(node_type, node_id)<br \/>\n        if not parent_node:<br \/>\n            return direct_permissions<\/p>\n<p>        # \u6839\u636e\u7ee7\u627f\u89c4\u5219\u83b7\u53d6\u7236\u8282\u70b9\u6743\u9650<br \/>\n        inheritance_type &#061; self.hierarchy[node_type][&#039;inheritance&#039;]<\/p>\n<p>        if inheritance_type &#061;&#061; &#039;full&#039;:<br \/>\n            # \u5b8c\u5168\u7ee7\u627f&#xff1a;\u83b7\u53d6\u7236\u8282\u70b9\u7684\u6240\u6709\u6743\u9650<br \/>\n            parent_permissions &#061; self.get_inherited_permissions(<br \/>\n                user_id, parent_node[&#039;type&#039;], parent_node[&#039;id&#039;]<br \/>\n            )<br \/>\n            return direct_permissions.union(parent_permissions)<\/p>\n<p>        elif inheritance_type &#061;&#061; &#039;scoped&#039;:<br \/>\n            # \u6709\u8303\u56f4\u7ee7\u627f&#xff1a;\u53ea\u7ee7\u627f\u7279\u5b9a\u8303\u56f4\u7684\u6743\u9650<br \/>\n            parent_permissions &#061; self.get_inherited_permissions(<br \/>\n                user_id, parent_node[&#039;type&#039;], parent_node[&#039;id&#039;]<br \/>\n            )<\/p>\n<p>            # \u8fc7\u6ee4\u53ea\u5728\u5f53\u524d\u8282\u70b9\u7c7b\u578b\u6709\u6548\u7684\u6743\u9650<br \/>\n            scoped_permissions &#061; {<br \/>\n                perm for perm in parent_permissions<br \/>\n                if self.is_permission_scoped(perm, node_type)<br \/>\n            }<\/p>\n<p>            return direct_permissions.union(scoped_permissions)<\/p>\n<p>        elif inheritance_type &#061;&#061; &#039;limited&#039;:<br \/>\n            # \u6709\u9650\u7ee7\u627f&#xff1a;\u53ea\u7ee7\u627f\u7279\u5b9a\u6743\u9650<br \/>\n            parent_permissions &#061; self.get_inherited_permissions(<br \/>\n                user_id, parent_node[&#039;type&#039;], parent_node[&#039;id&#039;]<br \/>\n            )<\/p>\n<p>            limited_permissions &#061; {<br \/>\n                perm for perm in parent_permissions<br \/>\n                if perm in LIMITED_INHERITANCE_PERMISSIONS<br \/>\n            }<\/p>\n<p>            return direct_permissions.union(limited_permissions)<\/p>\n<p>        else:  # &#039;none&#039;<br \/>\n            # \u4e0d\u7ee7\u627f<br \/>\n            return direct_permissions<\/p>\n<p>    def check_hierarchical_permission(self, user_id: str, permission: str, node_type: str, node_id: str):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u5c42\u7ea7\u6743\u9650&#034;&#034;&#034;<\/p>\n<p>        # \u83b7\u53d6\u7528\u6237\u5728\u5f53\u524d\u8282\u70b9\u53ca\u5176\u7956\u5148\u7684\u6240\u6709\u6743\u9650<br \/>\n        all_permissions &#061; self.get_inherited_permissions(user_id, node_type, node_id)<\/p>\n<p>        # \u68c0\u67e5\u6743\u9650<br \/>\n        if permission in all_permissions:<br \/>\n            return True<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u5728\u5b50\u8282\u70b9\u6709\u6743\u9650&#xff08;\u5982\u679c\u6743\u9650\u53ef\u4ee5\u5411\u4e0b\u5e94\u7528&#xff09;<br \/>\n        if self.can_apply_downwards(permission):<br \/>\n            child_nodes &#061; self.get_child_nodes(node_type, node_id)<br \/>\n            for child in child_nodes:<br \/>\n                if self.check_hierarchical_permission(user_id, permission, child[&#039;type&#039;], child[&#039;id&#039;]):<br \/>\n                    return True<\/p>\n<p>        return False<\/p>\n<h2>\u7b2c19\u7ae0&#xff1a;404 Not Found &#8211; \u8d44\u6e90\u672a\u627e\u5230\u7b56\u7565<\/h2>\n<h3>19.1 \u5b9a\u4e49\u4e0e\u8bed\u4e49<\/h3>\n<p>404 Not Found\u00a0\u72b6\u6001\u7801\u8868\u793a\u670d\u52a1\u5668\u65e0\u6cd5\u627e\u5230\u8bf7\u6c42\u7684\u8d44\u6e90\u3002\u8fd9\u662fHTTP\u534f\u8bae\u4e2d\u6700\u5e38\u89c1\u548c\u6700\u5bb9\u6613\u8bc6\u522b\u7684\u72b6\u6001\u7801\u4e4b\u4e00\u3002\u5176\u6838\u5fc3\u610f\u4e49\u662f&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u8bf7\u6c42\u7684\u8d44\u6e90\u4e0d\u5b58\u5728<\/p>\n<\/li>\n<li>\n<p>\u670d\u52a1\u5668\u4e0d\u77e5\u9053\u5982\u4f55\u6ee1\u8db3\u8bf7\u6c42<\/p>\n<\/li>\n<li>\n<p>\u8d44\u6e90\u53ef\u80fd\u5df2\u88ab\u5220\u9664\u3001\u79fb\u52a8\u6216\u4ece\u672a\u5b58\u5728<\/p>\n<\/li>\n<\/ul>\n<p>\u5173\u952e\u7279\u6027&#xff1a;<\/p>\n<ul>\n<li>\n<p>\u901a\u7528\u578b&#034;\u8d44\u6e90\u4e0d\u5b58\u5728&#034;\u72b6\u6001\u7801<\/p>\n<\/li>\n<li>\n<p>\u4e0d\u900f\u9732\u8d44\u6e90\u662f\u5426\u66fe\u7ecf\u5b58\u5728&#xff08;\u5b89\u5168\u8003\u8651&#xff09;<\/p>\n<\/li>\n<li>\n<p>\u4e0d\u5e94\u8be5\u7528\u4e8e\u8868\u793a\u670d\u52a1\u5668\u5185\u90e8\u9519\u8bef<\/p>\n<\/li>\n<\/ul>\n<p>\u5e38\u89c1\u8bef\u89e3&#xff1a;<\/p>\n<ul>\n<li>\n<p>404 \u2260 500&#xff1a;404\u662f\u5ba2\u6237\u7aef\u9519\u8bef&#xff0c;500\u662f\u670d\u52a1\u5668\u9519\u8bef<\/p>\n<\/li>\n<li>\n<p>404 \u2260 403&#xff1a;404\u662f\u8d44\u6e90\u4e0d\u5b58\u5728&#xff0c;403\u662f\u5b58\u5728\u4f46\u65e0\u6743\u9650\u8bbf\u95ee<\/p>\n<\/li>\n<li>\n<p>404 \u2260 410&#xff1a;404\u662f\u4e0d\u77e5\u9053\u662f\u5426\u5b58\u5728&#xff0c;410\u662f\u660e\u786e\u5df2\u5220\u9664<\/p>\n<\/li>\n<\/ul>\n<h3>19.2 \u89e6\u53d1\u573a\u666f\u5206\u7c7b<\/h3>\n<h4>19.2.1 \u5ba2\u6237\u7aef\u9519\u8bef\u5bfc\u81f4\u7684404<\/h4>\n<p>javascript<\/p>\n<p>\/\/ \u5e38\u89c1\u5ba2\u6237\u7aef\u9519\u8bef<br \/>\nconst clientErrors &#061; {<br \/>\n  \/\/ 1. \u8f93\u5165\u9519\u8bef<br \/>\n  &#034;typo&#034;: &#034;\/api\/userss&#034;,  \/\/ \u62fc\u5199\u9519\u8bef<br \/>\n  &#034;case_sensitive&#034;: &#034;\/API\/users&#034;,  \/\/ \u5927\u5c0f\u5199\u9519\u8bef<br \/>\n  &#034;wrong_extension&#034;: &#034;\/image.jpg.png&#034;,  \/\/ \u6269\u5c55\u540d\u9519\u8bef<\/p>\n<p>  \/\/ 2. \u53c2\u6570\u9519\u8bef<br \/>\n  &#034;invalid_id&#034;: &#034;\/api\/users\/999999&#034;,  \/\/ ID\u4e0d\u5b58\u5728<br \/>\n  &#034;malformed_uuid&#034;: &#034;\/api\/users\/123-not-uuid&#034;,<\/p>\n<p>  \/\/ 3. \u8fc7\u65f6\u94fe\u63a5<br \/>\n  &#034;old_api_version&#034;: &#034;\/v1\/users&#034;,  \/\/ API\u5df2\u5347\u7ea7\u5230v2<br \/>\n  &#034;removed_endpoint&#034;: &#034;\/api\/legacy-function&#034;,<\/p>\n<p>  \/\/ 4. \u5206\u9875\u8d8a\u754c<br \/>\n  &#034;page_out_of_range&#034;: &#034;\/api\/posts?page&#061;999&#034;,<br \/>\n};<\/p>\n<h4>19.2.2 \u670d\u52a1\u5668\u7aef\u72b6\u6001\u53d8\u5316<\/h4>\n<p>python<\/p>\n<p># \u8d44\u6e90\u72b6\u6001\u53d8\u5316<br \/>\nclass ResourceState:<br \/>\n    def __init__(self):<br \/>\n        self.resources &#061; {}<\/p>\n<p>    def check_resource(self, resource_id):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u8d44\u6e90\u72b6\u6001&#034;&#034;&#034;<br \/>\n        if resource_id not in self.resources:<br \/>\n            # \u8d44\u6e90\u4ece\u672a\u5b58\u5728<br \/>\n            return {&#034;status&#034;: &#034;never_existed&#034;, &#034;code&#034;: 404}<\/p>\n<p>        resource &#061; self.resources[resource_id]<\/p>\n<p>        if resource[&#034;status&#034;] &#061;&#061; &#034;deleted&#034;:<br \/>\n            # \u5df2\u5220\u9664 &#8211; \u5e94\u8fd4\u56de410 Gone<br \/>\n            return {&#034;status&#034;: &#034;deleted&#034;, &#034;code&#034;: 410}<\/p>\n<p>        if resource[&#034;status&#034;] &#061;&#061; &#034;moved&#034;:<br \/>\n            # \u5df2\u79fb\u52a8 &#8211; \u5e94\u8fd4\u56de301\/308\u91cd\u5b9a\u5411<br \/>\n            return {<br \/>\n                &#034;status&#034;: &#034;moved&#034;,<br \/>\n                &#034;code&#034;: 301,<br \/>\n                &#034;new_location&#034;: resource[&#034;new_location&#034;]<br \/>\n            }<\/p>\n<p>        if resource[&#034;status&#034;] &#061;&#061; &#034;hidden&#034;:<br \/>\n            # \u9690\u85cf &#8211; \u5e94\u8fd4\u56de404&#xff08;\u4e0d\u900f\u9732\u5b58\u5728\u6027&#xff09;<br \/>\n            return {&#034;status&#034;: &#034;hidden&#034;, &#034;code&#034;: 404}<\/p>\n<p>        return {&#034;status&#034;: &#034;available&#034;, &#034;code&#034;: 200}<\/p>\n<h3>19.3 \u8be6\u7ec6\u5b9e\u73b0\u4e0e\u6700\u4f73\u5b9e\u8df5<\/h3>\n<h4>19.3.1 \u667a\u80fd\u8def\u7531\u5339\u914d<\/h4>\n<p>python<\/p>\n<p># \u667a\u80fd\u8def\u7531\u5904\u7406 &#8211; Flask\u793a\u4f8b<br \/>\nfrom flask import Flask, request, jsonify, abort<br \/>\nimport re<br \/>\nfrom typing import Optional, Tuple<br \/>\nfrom difflib import SequenceMatcher<\/p>\n<p>class IntelligentRouter:<br \/>\n    def __init__(self, app):<br \/>\n        self.app &#061; app<br \/>\n        self.registered_routes &#061; []<br \/>\n        self.route_suggestions &#061; {}<\/p>\n<p>    def register_route(self, route_pattern, handler):<br \/>\n        &#034;&#034;&#034;\u6ce8\u518c\u8def\u7531\u5e76\u5efa\u7acb\u667a\u80fd\u7d22\u5f15&#034;&#034;&#034;<br \/>\n        self.registered_routes.append({<br \/>\n            &#039;pattern&#039;: route_pattern,<br \/>\n            &#039;handler&#039;: handler,<br \/>\n            &#039;tokens&#039;: self.tokenize_route(route_pattern),<br \/>\n            &#039;popularity&#039;: 0  # \u7528\u4e8e\u667a\u80fd\u63a8\u8350<br \/>\n        })<\/p>\n<p>    def tokenize_route(self, route):<br \/>\n        &#034;&#034;&#034;\u5c06\u8def\u7531\u5206\u89e3\u4e3a\u6807\u8bb0&#034;&#034;&#034;<br \/>\n        # \u79fb\u9664\u53c2\u6570\u90e8\u5206&#xff0c;\u5982&lt;int:id&gt;<br \/>\n        clean_route &#061; re.sub(r&#039;&lt;[^&gt;]&#043;&gt;&#039;, &#039;&#039;, route)<br \/>\n        # \u5206\u5272\u4e3a\u5355\u8bcd\u548c\u8def\u5f84\u6bb5<br \/>\n        tokens &#061; re.findall(r&#039;[a-zA-Z]&#043;|\\\\d&#043;&#039;, clean_route)<br \/>\n        return set(tokens)<\/p>\n<p>    def find_best_match(self, requested_path):<br \/>\n        &#034;&#034;&#034;\u67e5\u627e\u6700\u4f73\u5339\u914d\u8def\u7531&#034;&#034;&#034;<br \/>\n        requested_tokens &#061; self.tokenize_route(requested_path)<\/p>\n<p>        best_match &#061; None<br \/>\n        best_score &#061; 0<\/p>\n<p>        for route in self.registered_routes:<br \/>\n            # \u8ba1\u7b97\u76f8\u4f3c\u5ea6<br \/>\n            similarity &#061; self.calculate_similarity(<br \/>\n                requested_tokens,<br \/>\n                route[&#039;tokens&#039;]<br \/>\n            )<\/p>\n<p>            # \u8003\u8651\u8def\u5f84\u7ed3\u6784\u7684\u76f8\u4f3c\u6027<br \/>\n            path_similarity &#061; self.path_structure_similarity(<br \/>\n                requested_path,<br \/>\n                route[&#039;pattern&#039;]<br \/>\n            )<\/p>\n<p>            total_score &#061; (similarity * 0.6 &#043; path_similarity * 0.3 &#043;<br \/>\n                          route[&#039;popularity&#039;] * 0.1)<\/p>\n<p>            if total_score &gt; best_score:<br \/>\n                best_score &#061; total_score<br \/>\n                best_match &#061; route<\/p>\n<p>        return best_match, best_score<\/p>\n<p>    def calculate_similarity(self, tokens1, tokens2):<br \/>\n        &#034;&#034;&#034;\u8ba1\u7b97\u4e24\u4e2a\u6807\u8bb0\u96c6\u7684\u76f8\u4f3c\u5ea6&#034;&#034;&#034;<br \/>\n        if not tokens1 or not tokens2:<br \/>\n            return 0<\/p>\n<p>        intersection &#061; tokens1.intersection(tokens2)<br \/>\n        union &#061; tokens1.union(tokens2)<\/p>\n<p>        return len(intersection) \/ len(union)<\/p>\n<p>    def path_structure_similarity(self, path1, path2):<br \/>\n        &#034;&#034;&#034;\u8ba1\u7b97\u8def\u5f84\u7ed3\u6784\u76f8\u4f3c\u5ea6&#034;&#034;&#034;<br \/>\n        # \u6807\u51c6\u5316\u8def\u5f84<br \/>\n        normalized1 &#061; self.normalize_path(path1)<br \/>\n        normalized2 &#061; self.normalize_path(path2)<\/p>\n<p>        # \u4f7f\u7528\u7f16\u8f91\u8ddd\u79bb\u8ba1\u7b97\u76f8\u4f3c\u5ea6<br \/>\n        matcher &#061; SequenceMatcher(None, normalized1, normalized2)<br \/>\n        return matcher.ratio()<\/p>\n<p>    def normalize_path(self, path):<br \/>\n        &#034;&#034;&#034;\u6807\u51c6\u5316\u8def\u5f84\u4ee5\u8fdb\u884c\u6bd4\u8f83&#034;&#034;&#034;<br \/>\n        # \u79fb\u9664\u659c\u6760\u548c\u53c2\u6570<br \/>\n        clean &#061; re.sub(r&#039;&lt;[^&gt;]&#043;&gt;&#039;, &#039;*&#039;, path)<br \/>\n        clean &#061; clean.strip(&#039;\/&#039;).replace(&#039;\/&#039;, &#039;-&#039;)<br \/>\n        return clean<\/p>\n<p>    def handle_404(self, requested_path):<br \/>\n        &#034;&#034;&#034;\u667a\u80fd404\u5904\u7406&#034;&#034;&#034;<br \/>\n        best_match, score &#061; self.find_best_match(requested_path)<\/p>\n<p>        if best_match and score &gt; 0.4:  # \u9608\u503c\u53ef\u8c03\u6574<br \/>\n            # \u66f4\u65b0\u8def\u7531\u6d41\u884c\u5ea6<br \/>\n            best_match[&#039;popularity&#039;] &#043;&#061; 1<\/p>\n<p>            return jsonify({<br \/>\n                &#034;error&#034;: {<br \/>\n                    &#034;code&#034;: &#034;RESOURCE_NOT_FOUND&#034;,<br \/>\n                    &#034;message&#034;: f&#034;\u627e\u4e0d\u5230\u8bf7\u6c42\u7684\u8d44\u6e90: {requested_path}&#034;,<br \/>\n                    &#034;suggestions&#034;: {<br \/>\n                        &#034;similar_endpoint&#034;: best_match[&#039;pattern&#039;],<br \/>\n                        &#034;confidence_score&#034;: round(score, 2),<br \/>\n                        &#034;message&#034;: f&#034;\u60a8\u662f\u4e0d\u662f\u8981\u627e: {best_match[&#039;pattern&#039;]}?&#034;<br \/>\n                    }<br \/>\n                }<br \/>\n            }), 404<\/p>\n<p>        # \u6ca1\u6709\u8db3\u591f\u76f8\u4f3c\u7684\u8def\u7531<br \/>\n        return self.default_404_response(requested_path)<\/p>\n<p>    def default_404_response(self, requested_path):<br \/>\n        &#034;&#034;&#034;\u9ed8\u8ba4404\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        return jsonify({<br \/>\n            &#034;error&#034;: {<br \/>\n                &#034;code&#034;: &#034;RESOURCE_NOT_FOUND&#034;,<br \/>\n                &#034;message&#034;: f&#034;\u627e\u4e0d\u5230\u8bf7\u6c42\u7684\u8d44\u6e90: {requested_path}&#034;,<br \/>\n                &#034;documentation&#034;: &#034;https:\/\/api.example.com\/docs&#034;,<br \/>\n                &#034;supported_endpoints&#034;: [<br \/>\n                    route[&#039;pattern&#039;]<br \/>\n                    for route in sorted(<br \/>\n                        self.registered_routes,<br \/>\n                        key&#061;lambda x: x[&#039;popularity&#039;],<br \/>\n                        reverse&#061;True<br \/>\n                    )[:5]  # \u8fd4\u56de\u6700\u6d41\u884c\u76845\u4e2a\u7aef\u70b9<br \/>\n                ]<br \/>\n            }<br \/>\n        }), 404<\/p>\n<p># Flask\u5e94\u7528\u96c6\u6210<br \/>\napp &#061; Flask(__name__)<br \/>\nrouter &#061; IntelligentRouter(app)<\/p>\n<p>&#064;app.route(&#039;\/api\/users\/&lt;int:user_id&gt;&#039;)<br \/>\ndef get_user(user_id):<br \/>\n    # \u68c0\u67e5\u7528\u6237\u662f\u5426\u5b58\u5728<br \/>\n    user &#061; database.get_user(user_id)<br \/>\n    if not user:<br \/>\n        return router.handle_404(f&#039;\/api\/users\/{user_id}&#039;)<br \/>\n    return jsonify(user)<\/p>\n<p>&#064;app.route(&#039;\/api\/products\/&lt;string:product_slug&gt;&#039;)<br \/>\ndef get_product(product_slug):<br \/>\n    product &#061; database.get_product_by_slug(product_slug)<br \/>\n    if not product:<br \/>\n        return router.handle_404(f&#039;\/api\/products\/{product_slug}&#039;)<br \/>\n    return jsonify(product)<\/p>\n<p># \u5168\u5c40404\u5904\u7406<br \/>\n&#064;app.errorhandler(404)<br \/>\ndef handle_global_404(e):<br \/>\n    return router.handle_404(request.path)<\/p>\n<h4>19.3.2 RESTful API\u7684404\u54cd\u5e94\u8bbe\u8ba1<\/h4>\n<p>python<\/p>\n<p># RESTful API\u8d44\u6e90\u67e5\u627e\u5668<br \/>\nclass ResourceFinder:<br \/>\n    def __init__(self, db_session):<br \/>\n        self.db &#061; db_session<br \/>\n        self.resource_models &#061; {<br \/>\n            &#039;users&#039;: User,<br \/>\n            &#039;products&#039;: Product,<br \/>\n            &#039;orders&#039;: Order,<br \/>\n            &#039;categories&#039;: Category<br \/>\n        }<\/p>\n<p>    def find_resource(self, resource_type, identifier):<br \/>\n        &#034;&#034;&#034;\u67e5\u627e\u8d44\u6e90\u5e76\u5904\u7406\u5404\u79cd\u60c5\u51b5&#034;&#034;&#034;<\/p>\n<p>        # \u9a8c\u8bc1\u8d44\u6e90\u7c7b\u578b<br \/>\n        if resource_type not in self.resource_models:<br \/>\n            raise ResourceTypeNotFound(resource_type)<\/p>\n<p>        model &#061; self.resource_models[resource_type]<\/p>\n<p>        # \u786e\u5b9a\u67e5\u627e\u5b57\u6bb5<br \/>\n        lookup_field &#061; self.determine_lookup_field(identifier)<\/p>\n<p>        # \u6267\u884c\u67e5\u627e<br \/>\n        query_filter &#061; {lookup_field: identifier}<br \/>\n        resource &#061; self.db.query(model).filter_by(**query_filter).first()<\/p>\n<p>        if not resource:<br \/>\n            # \u63d0\u4f9b\u6709\u610f\u4e49\u7684\u9519\u8bef\u6d88\u606f<br \/>\n            suggestions &#061; self.get_suggestions(resource_type, identifier)<\/p>\n<p>            raise ResourceNotFound(<br \/>\n                resource_type&#061;resource_type,<br \/>\n                identifier&#061;identifier,<br \/>\n                lookup_field&#061;lookup_field,<br \/>\n                suggestions&#061;suggestions<br \/>\n            )<\/p>\n<p>        # \u68c0\u67e5\u8d44\u6e90\u72b6\u6001<br \/>\n        if hasattr(resource, &#039;status&#039;):<br \/>\n            if resource.status &#061;&#061; &#039;deleted&#039;:<br \/>\n                raise ResourceDeleted(resource_type, identifier)<br \/>\n            elif resource.status &#061;&#061; &#039;archived&#039;:<br \/>\n                raise ResourceArchived(resource_type, identifier)<br \/>\n            elif resource.status &#061;&#061; &#039;draft&#039;:<br \/>\n                raise ResourceNotPublished(resource_type, identifier)<\/p>\n<p>        return resource<\/p>\n<p>    def determine_lookup_field(self, identifier):<br \/>\n        &#034;&#034;&#034;\u6839\u636e\u6807\u8bc6\u7b26\u786e\u5b9a\u67e5\u627e\u5b57\u6bb5&#034;&#034;&#034;<br \/>\n        # UUID\u683c\u5f0f<br \/>\n        if re.match(r&#039;^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$&#039;, identifier, re.I):<br \/>\n            return &#039;uuid&#039;<\/p>\n<p>        # \u6570\u5b57ID<br \/>\n        if identifier.isdigit():<br \/>\n            return &#039;id&#039;<\/p>\n<p>        # \u7528\u6237\u540d\u683c\u5f0f<br \/>\n        if re.match(r&#039;^[a-zA-Z0-9_]{3,20}$&#039;, identifier):<br \/>\n            return &#039;username&#039;<\/p>\n<p>        # \u7535\u5b50\u90ae\u4ef6\u683c\u5f0f<br \/>\n        if re.match(r&#039;^[^&#064;]&#043;&#064;[^&#064;]&#043;\\\\.[^&#064;]&#043;$&#039;, identifier):<br \/>\n            return &#039;email&#039;<\/p>\n<p>        # \u9ed8\u8ba4\u4f7f\u7528slug<br \/>\n        return &#039;slug&#039;<\/p>\n<p>    def get_suggestions(self, resource_type, identifier):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u76f8\u4f3c\u8d44\u6e90\u7684\u5efa\u8bae&#034;&#034;&#034;<br \/>\n        suggestions &#061; []<\/p>\n<p>        if resource_type &#061;&#061; &#039;users&#039;:<br \/>\n            # \u67e5\u627e\u76f8\u4f3c\u7528\u6237\u540d<br \/>\n            similar_users &#061; self.db.query(User).filter(<br \/>\n                User.username.ilike(f&#039;%{identifier}%&#039;)<br \/>\n            ).limit(5).all()<\/p>\n<p>            suggestions &#061; [user.username for user in similar_users]<\/p>\n<p>        return suggestions<\/p>\n<p># \u81ea\u5b9a\u4e49\u5f02\u5e38<br \/>\nclass ResourceNotFound(Exception):<br \/>\n    def __init__(self, resource_type, identifier, lookup_field, suggestions&#061;None):<br \/>\n        self.resource_type &#061; resource_type<br \/>\n        self.identifier &#061; identifier<br \/>\n        self.lookup_field &#061; lookup_field<br \/>\n        self.suggestions &#061; suggestions or []<br \/>\n        super().__init__(f&#034;{resource_type} not found: {identifier}&#034;)<\/p>\n<p>class ResourceDeleted(Exception):<br \/>\n    def __init__(self, resource_type, identifier):<br \/>\n        self.resource_type &#061; resource_type<br \/>\n        self.identifier &#061; identifier<br \/>\n        super().__init__(f&#034;{resource_type} deleted: {identifier}&#034;)<\/p>\n<p># \u5f02\u5e38\u5904\u7406\u5668<br \/>\n&#064;app.errorhandler(ResourceNotFound)<br \/>\ndef handle_resource_not_found(e):<br \/>\n    response &#061; {<br \/>\n        &#034;error&#034;: {<br \/>\n            &#034;code&#034;: &#034;RESOURCE_NOT_FOUND&#034;,<br \/>\n            &#034;message&#034;: f&#034;\u627e\u4e0d\u5230{e.resource_type}: {e.identifier}&#034;,<br \/>\n            &#034;details&#034;: {<br \/>\n                &#034;resource_type&#034;: e.resource_type,<br \/>\n                &#034;identifier&#034;: e.identifier,<br \/>\n                &#034;lookup_field&#034;: e.lookup_field<br \/>\n            }<br \/>\n        }<br \/>\n    }<\/p>\n<p>    if e.suggestions:<br \/>\n        response[&#034;error&#034;][&#034;suggestions&#034;] &#061; e.suggestions<\/p>\n<p>    return jsonify(response), 404<\/p>\n<p>&#064;app.errorhandler(ResourceDeleted)<br \/>\ndef handle_resource_deleted(e):<br \/>\n    return jsonify({<br \/>\n        &#034;error&#034;: {<br \/>\n            &#034;code&#034;: &#034;RESOURCE_DELETED&#034;,<br \/>\n            &#034;message&#034;: f&#034;{e.resource_type}\u5df2\u5220\u9664: {e.identifier}&#034;,<br \/>\n            &#034;details&#034;: {<br \/>\n                &#034;resource_type&#034;: e.resource_type,<br \/>\n                &#034;identifier&#034;: e.identifier<br \/>\n            }<br \/>\n        }<br \/>\n    }), 410  # \u4f7f\u7528410 Gone\u8868\u793a\u8d44\u6e90\u5df2\u5220\u9664<\/p>\n<h4>19.3.3 \u9759\u6001\u8d44\u6e90404\u5904\u7406<\/h4>\n<p>python<\/p>\n<p># \u9759\u6001\u6587\u4ef6\u670d\u52a1\u5668404\u5904\u7406<br \/>\nfrom flask import send_from_directory, request<br \/>\nimport os<br \/>\nfrom pathlib import Path<\/p>\n<p>class StaticFileServer:<br \/>\n    def __init__(self, static_folder):<br \/>\n        self.static_folder &#061; Path(static_folder)<br \/>\n        self.file_index &#061; self.build_file_index()<br \/>\n        self.access_log &#061; []<\/p>\n<p>    def build_file_index(self):<br \/>\n        &#034;&#034;&#034;\u6784\u5efa\u6587\u4ef6\u7d22\u5f15\u4ee5\u52a0\u901f\u67e5\u627e&#034;&#034;&#034;<br \/>\n        file_index &#061; {}<\/p>\n<p>        for root, dirs, files in os.walk(self.static_folder):<br \/>\n            for file in files:<br \/>\n                file_path &#061; Path(root) \/ file<br \/>\n                relative_path &#061; file_path.relative_to(self.static_folder)<\/p>\n<p>                # \u591a\u79cd\u67e5\u627e\u952e<br \/>\n                file_index[str(relative_path)] &#061; file_path<br \/>\n                file_index[str(relative_path).lower()] &#061; file_path  # \u4e0d\u533a\u5206\u5927\u5c0f\u5199<\/p>\n<p>                # \u6dfb\u52a0\u65e0\u6269\u5c55\u540d\u7248\u672c<br \/>\n                stem &#061; relative_path.stem<br \/>\n                file_index[stem] &#061; file_path<\/p>\n<p>        return file_index<\/p>\n<p>    def serve_file(self, filename):<br \/>\n        &#034;&#034;&#034;\u63d0\u4f9b\u6587\u4ef6\u670d\u52a1&#xff0c;\u5305\u542b\u667a\u80fd404&#034;&#034;&#034;<\/p>\n<p>        # \u8bb0\u5f55\u8bbf\u95ee<br \/>\n        self.log_access(filename)<\/p>\n<p>        # \u5c1d\u8bd5\u76f4\u63a5\u67e5\u627e<br \/>\n        if filename in self.file_index:<br \/>\n            return send_from_directory(<br \/>\n                self.static_folder,<br \/>\n                self.file_index[filename].name,<br \/>\n                as_attachment&#061;False<br \/>\n            )<\/p>\n<p>        # \u667a\u80fd\u67e5\u627e<br \/>\n        suggestions &#061; self.find_similar_files(filename)<\/p>\n<p>        # \u68c0\u67e5\u5e38\u89c1\u9519\u8bef<br \/>\n        corrected_path &#061; self.correct_common_errors(filename)<br \/>\n        if corrected_path and corrected_path in self.file_index:<br \/>\n            return jsonify({<br \/>\n                &#034;error&#034;: {<br \/>\n                    &#034;code&#034;: &#034;FILE_NOT_FOUND&#034;,<br \/>\n                    &#034;message&#034;: f&#034;\u6587\u4ef6\u4e0d\u5b58\u5728: {filename}&#034;,<br \/>\n                    &#034;suggestions&#034;: {<br \/>\n                        &#034;corrected_path&#034;: str(corrected_path),<br \/>\n                        &#034;message&#034;: f&#034;\u60a8\u662f\u4e0d\u662f\u8981\u627e: {corrected_path}?&#034;<br \/>\n                    }<br \/>\n                }<br \/>\n            }), 404<\/p>\n<p>        # \u751f\u6210404\u54cd\u5e94<br \/>\n        response &#061; {<br \/>\n            &#034;error&#034;: {<br \/>\n                &#034;code&#034;: &#034;FILE_NOT_FOUND&#034;,<br \/>\n                &#034;message&#034;: f&#034;\u6587\u4ef6\u4e0d\u5b58\u5728: {filename}&#034;,<br \/>\n                &#034;requested_path&#034;: request.path<br \/>\n            }<br \/>\n        }<\/p>\n<p>        if suggestions:<br \/>\n            response[&#034;error&#034;][&#034;similar_files&#034;] &#061; suggestions[:5]<\/p>\n<p>        # \u6dfb\u52a0\u76ee\u5f55\u5217\u8868&#xff08;\u5982\u679c\u662f\u76ee\u5f55&#xff09;<br \/>\n        if &#039;\/&#039; in filename:<br \/>\n            dir_path &#061; self.static_folder \/ Path(filename).parent<br \/>\n            if dir_path.exists():<br \/>\n                response[&#034;error&#034;][&#034;directory_contents&#034;] &#061; [<br \/>\n                    f.name for f in dir_path.iterdir()<br \/>\n                    if not f.name.startswith(&#039;.&#039;)<br \/>\n                ][:10]<\/p>\n<p>        return jsonify(response), 404<\/p>\n<p>    def find_similar_files(self, filename):<br \/>\n        &#034;&#034;&#034;\u67e5\u627e\u76f8\u4f3c\u6587\u4ef6&#034;&#034;&#034;<br \/>\n        from difflib import get_close_matches<\/p>\n<p>        # \u83b7\u53d6\u6240\u6709\u6587\u4ef6\u8def\u5f84<br \/>\n        all_files &#061; list(self.file_index.keys())<\/p>\n<p>        # \u67e5\u627e\u76f8\u4f3c\u8def\u5f84<br \/>\n        similar &#061; get_close_matches(filename, all_files, n&#061;5, cutoff&#061;0.6)<\/p>\n<p>        return similar<\/p>\n<p>    def correct_common_errors(self, filename):<br \/>\n        &#034;&#034;&#034;\u7ea0\u6b63\u5e38\u89c1\u6587\u4ef6\u8def\u5f84\u9519\u8bef&#034;&#034;&#034;<br \/>\n        path &#061; Path(filename)<\/p>\n<p>        # 1. \u7ea0\u6b63\u6269\u5c55\u540d\u9519\u8bef<br \/>\n        if path.suffix:<br \/>\n            # \u68c0\u67e5\u662f\u5426\u6709\u5176\u4ed6\u6269\u5c55\u540d\u7684\u76f8\u540c\u6587\u4ef6<br \/>\n            stem &#061; path.stem<br \/>\n            for ext in [&#039;.jpg&#039;, &#039;.jpeg&#039;, &#039;.png&#039;, &#039;.gif&#039;, &#039;.webp&#039;]:<br \/>\n                possible_file &#061; stem &#043; ext<br \/>\n                if possible_file in self.file_index:<br \/>\n                    return possible_file<\/p>\n<p>        # 2. \u7ea0\u6b63\u5927\u5c0f\u5199\u9519\u8bef<br \/>\n        lower_path &#061; str(path).lower()<br \/>\n        if lower_path in self.file_index:<br \/>\n            return lower_path<\/p>\n<p>        # 3. \u7ea0\u6b63\u76ee\u5f55\u5206\u9694\u7b26\u9519\u8bef<br \/>\n        if &#039;\\\\\\\\&#039; in str(path):<br \/>\n            corrected &#061; str(path).replace(&#039;\\\\\\\\&#039;, &#039;\/&#039;)<br \/>\n            if corrected in self.file_index:<br \/>\n                return corrected<\/p>\n<p>        return None<\/p>\n<p>    def log_access(self, filename):<br \/>\n        &#034;&#034;&#034;\u8bb0\u5f55\u6587\u4ef6\u8bbf\u95ee&#xff0c;\u7528\u4e8e\u5206\u6790404\u6a21\u5f0f&#034;&#034;&#034;<br \/>\n        log_entry &#061; {<br \/>\n            &#034;timestamp&#034;: datetime.utcnow().isoformat(),<br \/>\n            &#034;filename&#034;: filename,<br \/>\n            &#034;referer&#034;: request.headers.get(&#034;Referer&#034;),<br \/>\n            &#034;user_agent&#034;: request.headers.get(&#034;User-Agent&#034;),<br \/>\n            &#034;status&#034;: &#034;found&#034; if filename in self.file_index else &#034;not_found&#034;<br \/>\n        }<\/p>\n<p>        self.access_log.append(log_entry)<\/p>\n<p>        # \u5b9a\u671f\u5206\u6790\u65e5\u5fd7<br \/>\n        if len(self.access_log) % 100 &#061;&#061; 0:<br \/>\n            self.analyze_404_patterns()<\/p>\n<p>    def analyze_404_patterns(self):<br \/>\n        &#034;&#034;&#034;\u5206\u6790404\u6a21\u5f0f\u4ee5\u8bc6\u522b\u5e38\u89c1\u95ee\u9898&#034;&#034;&#034;<br \/>\n        not_found_logs &#061; [log for log in self.access_log if log[&#034;status&#034;] &#061;&#061; &#034;not_found&#034;]<\/p>\n<p>        if not not_found_logs:<br \/>\n            return<\/p>\n<p>        # \u627e\u51fa\u6700\u5e38\u89c1\u7684404\u6587\u4ef6<br \/>\n        from collections import Counter<br \/>\n        file_counter &#061; Counter(log[&#034;filename&#034;] for log in not_found_logs)<br \/>\n        common_404s &#061; file_counter.most_common(10)<\/p>\n<p>        # \u627e\u51fa\u5f15\u7528\u6765\u6e90<br \/>\n        referer_counter &#061; Counter(log[&#034;referer&#034;] for log in not_found_logs if log[&#034;referer&#034;])<br \/>\n        common_referers &#061; referer_counter.most_common(5)<\/p>\n<p>        # \u751f\u6210\u62a5\u544a<br \/>\n        report &#061; {<br \/>\n            &#034;total_404s&#034;: len(not_found_logs),<br \/>\n            &#034;common_404s&#034;: common_404s,<br \/>\n            &#034;common_referers&#034;: common_referers,<br \/>\n            &#034;timestamp&#034;: datetime.utcnow().isoformat()<br \/>\n        }<\/p>\n<p>        # \u8bb0\u5f55\u5230\u65e5\u5fd7\u6587\u4ef6<br \/>\n        with open(&#034;static_404_analysis.log&#034;, &#034;a&#034;) as f:<br \/>\n            f.write(json.dumps(report) &#043; &#034;\\\\n&#034;)<\/p>\n<p>        # \u53d1\u9001\u8b66\u62a5&#xff08;\u5982\u679c404\u8fc7\u591a&#xff09;<br \/>\n        if len(not_found_logs) &gt; 1000:<br \/>\n            self.send_404_alert(report)<\/p>\n<p># Flask\u8def\u7531<br \/>\n&#064;app.route(&#039;\/static\/&lt;path:filename&gt;&#039;)<br \/>\ndef serve_static(filename):<br \/>\n    static_server &#061; current_app.config[&#039;STATIC_SERVER&#039;]<br \/>\n    return static_server.serve_file(filename)<\/p>\n<h3>19.4 \u5ba2\u6237\u7aef\u5904\u7406\u7b56\u7565<\/h3>\n<h4>19.4.1 \u667a\u80fd\u91cd\u8bd5\u4e0e\u964d\u7ea7<\/h4>\n<p>javascript<\/p>\n<p>\/\/ \u5ba2\u6237\u7aef404\u5904\u7406\u7b56\u7565<br \/>\nclass NotFoundHandler {<br \/>\n  constructor(options &#061; {}) {<br \/>\n    this.options &#061; {<br \/>\n      maxRetries: 2,<br \/>\n      retryDelay: 1000,<br \/>\n      enableFallback: true,<br \/>\n      &#8230;options<br \/>\n    };<\/p>\n<p>    this.failedUrls &#061; new Map();<br \/>\n    this.resourceCache &#061; new Map();<br \/>\n    this.alternativeEndpoints &#061; new Map();<br \/>\n  }<\/p>\n<p>  async fetchWithFallback(url, options &#061; {}) {<br \/>\n    let lastError;<\/p>\n<p>    for (let attempt &#061; 0; attempt &lt;&#061; this.options.maxRetries; attempt&#043;&#043;) {<br \/>\n      try {<br \/>\n        \/\/ \u68c0\u67e5\u7f13\u5b58<br \/>\n        const cached &#061; this.checkCache(url);<br \/>\n        if (cached) {<br \/>\n          return cached;<br \/>\n        }<\/p>\n<p>        const response &#061; await fetch(url, options);<\/p>\n<p>        if (response.ok) {<br \/>\n          \/\/ \u7f13\u5b58\u6210\u529f\u54cd\u5e94<br \/>\n          const data &#061; await response.json();<br \/>\n          this.cacheResource(url, data);<br \/>\n          return data;<br \/>\n        }<\/p>\n<p>        \/\/ \u5904\u7406404<br \/>\n        if (response.status &#061;&#061;&#061; 404) {<br \/>\n          const errorData &#061; await response.json().catch(() &#061;&gt; ({}));<\/p>\n<p>          \/\/ \u8bb0\u5f55\u5931\u8d25\u7684URL<br \/>\n          this.recordFailedUrl(url, errorData);<\/p>\n<p>          \/\/ \u68c0\u67e5\u662f\u5426\u6709\u66ff\u4ee3\u7aef\u70b9<br \/>\n          const alternative &#061; this.findAlternative(url, errorData);<br \/>\n          if (alternative &amp;&amp; this.options.enableFallback) {<br \/>\n            console.log(&#096;\u5c1d\u8bd5\u66ff\u4ee3\u7aef\u70b9: ${alternative}&#096;);<br \/>\n            return await this.fetchWithFallback(alternative, options);<br \/>\n          }<\/p>\n<p>          \/\/ \u4f7f\u7528\u964d\u7ea7\u5185\u5bb9<br \/>\n          const fallback &#061; this.getFallback(url);<br \/>\n          if (fallback) {<br \/>\n            console.log(&#096;\u4f7f\u7528\u964d\u7ea7\u5185\u5bb9&#096;);<br \/>\n            return fallback;<br \/>\n          }<\/p>\n<p>          throw new NotFoundError(url, errorData);<br \/>\n        }<\/p>\n<p>        \/\/ \u5176\u4ed6\u9519\u8bef<br \/>\n        throw new Error(&#096;HTTP ${response.status}&#096;);<\/p>\n<p>      } catch (error) {<br \/>\n        lastError &#061; error;<\/p>\n<p>        if (attempt &lt; this.options.maxRetries) {<br \/>\n          \/\/ \u6307\u6570\u9000\u907f<br \/>\n          const delay &#061; this.options.retryDelay * Math.pow(2, attempt);<br \/>\n          await this.delay(delay);<br \/>\n        }<br \/>\n      }<br \/>\n    }<\/p>\n<p>    throw lastError;<br \/>\n  }<\/p>\n<p>  checkCache(url) {<br \/>\n    const entry &#061; this.resourceCache.get(url);<br \/>\n    if (entry &amp;&amp; entry.expiry &gt; Date.now()) {<br \/>\n      return entry.data;<br \/>\n    }<br \/>\n    return null;<br \/>\n  }<\/p>\n<p>  cacheResource(url, data) {<br \/>\n    this.resourceCache.set(url, {<br \/>\n      data,<br \/>\n      expiry: Date.now() &#043; (5 * 60 * 1000) \/\/ 5\u5206\u949f\u7f13\u5b58<br \/>\n    });<br \/>\n  }<\/p>\n<p>  recordFailedUrl(url, errorData) {<br \/>\n    const failures &#061; this.failedUrls.get(url) || [];<br \/>\n    failures.push({<br \/>\n      timestamp: Date.now(),<br \/>\n      error: errorData<br \/>\n    });<\/p>\n<p>    this.failedUrls.set(url, failures.slice(-10)); \/\/ \u4fdd\u7559\u6700\u8fd110\u6b21<\/p>\n<p>    \/\/ \u5982\u679c\u9891\u7e41404&#xff0c;\u53ef\u80fd\u7aef\u70b9\u5df2\u53d8\u66f4<br \/>\n    if (failures.length &gt; 5) {<br \/>\n      this.analyzePattern(url, failures);<br \/>\n    }<br \/>\n  }<\/p>\n<p>  findAlternative(url, errorData) {<br \/>\n    \/\/ 1. \u68c0\u67e5\u9519\u8bef\u54cd\u5e94\u4e2d\u7684\u5efa\u8bae<br \/>\n    if (errorData.error?.suggestions?.similar_endpoint) {<br \/>\n      return errorData.error.suggestions.similar_endpoint;<br \/>\n    }<\/p>\n<p>    \/\/ 2. \u68c0\u67e5\u9884\u914d\u7f6e\u7684\u66ff\u4ee3\u7aef\u70b9<br \/>\n    for (const [pattern, replacement] of this.alternativeEndpoints) {<br \/>\n      if (url.match(pattern)) {<br \/>\n        return url.replace(pattern, replacement);<br \/>\n      }<br \/>\n    }<\/p>\n<p>    \/\/ 3. \u667a\u80fd\u66ff\u4ee3<br \/>\n    return this.generateAlternative(url);<br \/>\n  }<\/p>\n<p>  generateAlternative(url) {<br \/>\n    const urlObj &#061; new URL(url, window.location.origin);<br \/>\n    const path &#061; urlObj.pathname;<\/p>\n<p>    \/\/ \u5e38\u89c1\u7684\u7aef\u70b9\u53d8\u66f4\u6a21\u5f0f<br \/>\n    const patterns &#061; [<br \/>\n      \/\/ API\u7248\u672c\u5347\u7ea7<br \/>\n      { pattern: \/\\\\\/v1\\\\\/\/, replacement: &#039;\/v2\/&#039; },<br \/>\n      { pattern: \/\\\\\/api\\\\\/old\\\\\/\/, replacement: &#039;\/api\/new\/&#039; },<\/p>\n<p>      \/\/ \u590d\u6570\/\u5355\u6570\u4fee\u6b63<br \/>\n      { pattern: \/\\\\\/user\\\\\/\/, replacement: &#039;\/users\/&#039; },<br \/>\n      { pattern: \/\\\\\/users\\\\\/(\\\\d&#043;)\\\\\/detail\/, replacement: &#039;\/users\/$1&#039; },<\/p>\n<p>      \/\/ \u53c2\u6570\u683c\u5f0f\u4fee\u6b63<br \/>\n      { pattern: \/\\\\\/products\\\\\/([^\\\\\/]&#043;)$\/, replacement: &#039;\/products?slug&#061;$1&#039; }<br \/>\n    ];<\/p>\n<p>    for (const { pattern, replacement } of patterns) {<br \/>\n      if (pattern.test(path)) {<br \/>\n        const newPath &#061; path.replace(pattern, replacement);<br \/>\n        urlObj.pathname &#061; newPath;<br \/>\n        return urlObj.toString();<br \/>\n      }<br \/>\n    }<\/p>\n<p>    return null;<br \/>\n  }<\/p>\n<p>  getFallback(url) {<br \/>\n    \/\/ \u8fd4\u56de\u964d\u7ea7\u5185\u5bb9<br \/>\n    const fallbacks &#061; {<br \/>\n      &#039;\/api\/user\/profile&#039;: {<br \/>\n        username: &#039;guest&#039;,<br \/>\n        avatar: &#039;\/default-avatar.png&#039;,<br \/>\n        isFallback: true<br \/>\n      },<br \/>\n      &#039;\/api\/products\/featured&#039;: {<br \/>\n        products: [],<br \/>\n        message: &#039;\u65e0\u6cd5\u52a0\u8f7d\u63a8\u8350\u4ea7\u54c1&#039;,<br \/>\n        isFallback: true<br \/>\n      }<br \/>\n    };<\/p>\n<p>    const urlObj &#061; new URL(url, window.location.origin);<br \/>\n    return fallbacks[urlObj.pathname] || null;<br \/>\n  }<\/p>\n<p>  analyzePattern(url, failures) {<br \/>\n    \/\/ \u5206\u6790404\u6a21\u5f0f&#xff0c;\u53d1\u73b0\u53ef\u80fd\u7684\u7aef\u70b9\u53d8\u66f4<br \/>\n    const recentFailures &#061; failures.slice(-5);<br \/>\n    const similarFailures &#061; this.findSimilarFailures(url);<\/p>\n<p>    if (similarFailures.length &gt; 3) {<br \/>\n      console.warn(&#096;\u68c0\u6d4b\u5230\u53ef\u80fd\u5df2\u53d8\u66f4\u7684\u7aef\u70b9: ${url}&#096;);<br \/>\n      console.warn(&#096;\u7c7b\u4f3c\u5931\u8d25: ${similarFailures.join(&#039;, &#039;)}&#096;);<\/p>\n<p>      \/\/ \u53ef\u4ee5\u53d1\u9001\u5206\u6790\u62a5\u544a\u5230\u670d\u52a1\u5668<br \/>\n      this.reportEndpointIssues(url, similarFailures);<br \/>\n    }<br \/>\n  }<\/p>\n<p>  findSimilarFailures(url) {<br \/>\n    const similar &#061; [];<br \/>\n    const urlParts &#061; url.split(&#039;\/&#039;);<\/p>\n<p>    for (const [failedUrl] of this.failedUrls) {<br \/>\n      if (failedUrl &#061;&#061;&#061; url) continue;<\/p>\n<p>      const failedParts &#061; failedUrl.split(&#039;\/&#039;);<br \/>\n      const commonParts &#061; urlParts.filter(part &#061;&gt;<br \/>\n        failedParts.includes(part) &amp;&amp; part.length &gt; 2<br \/>\n      );<\/p>\n<p>      if (commonParts.length &gt;&#061; 2) {<br \/>\n        similar.push(failedUrl);<br \/>\n      }<br \/>\n    }<\/p>\n<p>    return similar;<br \/>\n  }<\/p>\n<p>  delay(ms) {<br \/>\n    return new Promise(resolve &#061;&gt; setTimeout(resolve, ms));<br \/>\n  }<br \/>\n}<\/p>\n<p>class NotFoundError extends Error {<br \/>\n  constructor(url, errorData) {<br \/>\n    super(&#096;Resource not found: ${url}&#096;);<br \/>\n    this.name &#061; &#039;NotFoundError&#039;;<br \/>\n    this.url &#061; url;<br \/>\n    this.errorData &#061; errorData;<br \/>\n  }<br \/>\n}<\/p>\n<p>\/\/ \u4f7f\u7528\u793a\u4f8b<br \/>\nconst handler &#061; new NotFoundHandler({<br \/>\n  maxRetries: 1,<br \/>\n  enableFallback: true<br \/>\n});<\/p>\n<p>\/\/ \u914d\u7f6e\u5df2\u77e5\u7684\u66ff\u4ee3\u7aef\u70b9<br \/>\nhandler.alternativeEndpoints.set(<br \/>\n  \/\\\\\/api\\\\\/legacy\\\\\/\/,<br \/>\n  &#039;\/api\/v2\/&#039;<br \/>\n);<\/p>\n<p>\/\/ \u5728\u5e94\u7528\u4e2d\u4f7f\u7528<br \/>\nasync function fetchUserProfile(userId) {<br \/>\n  try {<br \/>\n    const data &#061; await handler.fetchWithFallback(<br \/>\n      &#096;\/api\/users\/${userId}\/profile&#096;<br \/>\n    );<\/p>\n<p>    if (data.isFallback) {<br \/>\n      \/\/ \u663e\u793a\u964d\u7ea7UI<br \/>\n      displayFallbackProfile(data);<br \/>\n    } else {<br \/>\n      displayUserProfile(data);<br \/>\n    }<\/p>\n<p>  } catch (error) {<br \/>\n    if (error.name &#061;&#061;&#061; &#039;NotFoundError&#039;) {<br \/>\n      showNotFoundUI(error.url, error.errorData);<br \/>\n    } else {<br \/>\n      showErrorUI(error.message);<br \/>\n    }<br \/>\n  }<br \/>\n}<\/p>\n<h4>19.4.2 \u7528\u6237\u53cb\u597d\u7684404\u754c\u9762<\/h4>\n<p>jsx<\/p>\n<p>\/\/ React\u7ec4\u4ef6&#xff1a;\u667a\u80fd404\u9875\u9762<br \/>\nimport React, { useState, useEffect } from &#039;react&#039;;<br \/>\nimport { useLocation, useNavigate, Link } from &#039;react-router-dom&#039;;<br \/>\nimport { Search, Home, ArrowLeft, AlertTriangle, ExternalLink } from &#039;lucide-react&#039;;<\/p>\n<p>function SmartNotFoundPage() {<br \/>\n  const location &#061; useLocation();<br \/>\n  const navigate &#061; useNavigate();<br \/>\n  const [suggestions, setSuggestions] &#061; useState([]);<br \/>\n  const [searchQuery, setSearchQuery] &#061; useState(&#039;&#039;);<br \/>\n  const [isAnalyzing, setIsAnalyzing] &#061; useState(true);<\/p>\n<p>  const missingPath &#061; location.pathname;<\/p>\n<p>  useEffect(() &#061;&gt; {<br \/>\n    analyzePath(missingPath);<br \/>\n  }, [missingPath]);<\/p>\n<p>  const analyzePath &#061; async (path) &#061;&gt; {<br \/>\n    setIsAnalyzing(true);<\/p>\n<p>    try {<br \/>\n      \/\/ 1. \u5c1d\u8bd5\u4ece\u9519\u8bef\u8fb9\u754c\u83b7\u53d6\u4fe1\u606f<br \/>\n      const errorInfo &#061; sessionStorage.getItem(&#039;last_404_error&#039;);<br \/>\n      if (errorInfo) {<br \/>\n        const parsed &#061; JSON.parse(errorInfo);<br \/>\n        setSuggestions(parsed.suggestions || []);<br \/>\n        sessionStorage.removeItem(&#039;last_404_error&#039;);<br \/>\n        return;<br \/>\n      }<\/p>\n<p>      \/\/ 2. \u5411\u670d\u52a1\u5668\u8bf7\u6c42\u5efa\u8bae<br \/>\n      const response &#061; await fetch(&#096;\/api\/suggestions?path&#061;${encodeURIComponent(path)}&#096;);<br \/>\n      if (response.ok) {<br \/>\n        const data &#061; await response.json();<br \/>\n        setSuggestions(data.suggestions || []);<br \/>\n      } else {<br \/>\n        \/\/ 3. \u672c\u5730\u5206\u6790<br \/>\n        const localSuggestions &#061; generateLocalSuggestions(path);<br \/>\n        setSuggestions(localSuggestions);<br \/>\n      }<br \/>\n    } catch (error) {<br \/>\n      console.error(&#039;\u5206\u6790\u8def\u5f84\u5931\u8d25:&#039;, error);<br \/>\n      setSuggestions(generateLocalSuggestions(path));<br \/>\n    } finally {<br \/>\n      setIsAnalyzing(false);<br \/>\n    }<br \/>\n  };<\/p>\n<p>  const generateLocalSuggestions &#061; (path) &#061;&gt; {<br \/>\n    const suggestions &#061; [];<\/p>\n<p>    \/\/ \u5206\u6790\u8def\u5f84\u7ed3\u6784<br \/>\n    const pathParts &#061; path.split(&#039;\/&#039;).filter(part &#061;&gt; part.length &gt; 0);<\/p>\n<p>    \/\/ \u5e38\u89c1\u8def\u5f84\u4fee\u6b63<br \/>\n    if (pathParts.length &gt; 0) {<br \/>\n      const lastPart &#061; pathParts[pathParts.length &#8211; 1];<\/p>\n<p>      \/\/ \u68c0\u67e5\u662f\u5426\u662f\u590d\u6570\/\u5355\u6570\u95ee\u9898<br \/>\n      const singularMap &#061; {<br \/>\n        &#039;users&#039;: &#039;user&#039;,<br \/>\n        &#039;products&#039;: &#039;product&#039;,<br \/>\n        &#039;categories&#039;: &#039;category&#039;<br \/>\n      };<\/p>\n<p>      const pluralMap &#061; Object.entries(singularMap).reduce((acc, [k, v]) &#061;&gt; {<br \/>\n        acc[v] &#061; k;<br \/>\n        return acc;<br \/>\n      }, {});<\/p>\n<p>      if (singularMap[lastPart]) {<br \/>\n        suggestions.push({<br \/>\n          type: &#039;singular_plural&#039;,<br \/>\n          path: &#096;\/${pathParts.slice(0, -1).join(&#039;\/&#039;)}\/${singularMap[lastPart]}&#096;,<br \/>\n          confidence: &#039;high&#039;,<br \/>\n          description: &#096;\u5c1d\u8bd5\u4f7f\u7528\u5355\u6570\u5f62\u5f0f: ${singularMap[lastPart]}&#096;<br \/>\n        });<br \/>\n      } else if (pluralMap[lastPart]) {<br \/>\n        suggestions.push({<br \/>\n          type: &#039;singular_plural&#039;,<br \/>\n          path: &#096;\/${pathParts.slice(0, -1).join(&#039;\/&#039;)}\/${pluralMap[lastPart]}&#096;,<br \/>\n          confidence: &#039;high&#039;,<br \/>\n          description: &#096;\u5c1d\u8bd5\u4f7f\u7528\u590d\u6570\u5f62\u5f0f: ${pluralMap[lastPart]}&#096;<br \/>\n        });<br \/>\n      }<\/p>\n<p>      \/\/ \u68c0\u67e5ID\u683c\u5f0f<br \/>\n      if (\/^\\\\d&#043;$\/.test(lastPart)) {<br \/>\n        suggestions.push({<br \/>\n          type: &#039;resource_by_id&#039;,<br \/>\n          path: &#096;\/api\/${pathParts[0]}\/${lastPart}&#096;,<br \/>\n          confidence: &#039;medium&#039;,<br \/>\n          description: &#096;\u5c1d\u8bd5API\u7aef\u70b9: \/api\/${pathParts[0]}\/${lastPart}&#096;<br \/>\n        });<br \/>\n      }<br \/>\n    }<\/p>\n<p>    \/\/ \u70ed\u95e8\u9875\u9762<br \/>\n    suggestions.push({<br \/>\n      type: &#039;popular&#039;,<br \/>\n      path: &#039;\/&#039;,<br \/>\n      confidence: &#039;high&#039;,<br \/>\n      description: &#039;\u8fd4\u56de\u4e3b\u9875&#039;<br \/>\n    });<\/p>\n<p>    if (pathParts.includes(&#039;product&#039;) || pathParts.includes(&#039;shop&#039;)) {<br \/>\n      suggestions.push({<br \/>\n        type: &#039;popular&#039;,<br \/>\n        path: &#039;\/products&#039;,<br \/>\n        confidence: &#039;medium&#039;,<br \/>\n        description: &#039;\u6d4f\u89c8\u6240\u6709\u4ea7\u54c1&#039;<br \/>\n      });<br \/>\n    }<\/p>\n<p>    return suggestions.slice(0, 5); \/\/ \u9650\u5236\u6570\u91cf<br \/>\n  };<\/p>\n<p>  const handleSearch &#061; (e) &#061;&gt; {<br \/>\n    e.preventDefault();<br \/>\n    if (searchQuery.trim()) {<br \/>\n      navigate(&#096;\/search?q&#061;${encodeURIComponent(searchQuery)}&#096;);<br \/>\n    }<br \/>\n  };<\/p>\n<p>  const handleSuggestionClick &#061; (suggestion) &#061;&gt; {<br \/>\n    \/\/ \u8bb0\u5f55\u7528\u6237\u9009\u62e9&#xff0c;\u7528\u4e8e\u6539\u8fdb\u5efa\u8bae\u7b97\u6cd5<br \/>\n    fetch(&#039;\/api\/404-feedback&#039;, {<br \/>\n      method: &#039;POST&#039;,<br \/>\n      headers: { &#039;Content-Type&#039;: &#039;application\/json&#039; },<br \/>\n      body: JSON.stringify({<br \/>\n        original_path: missingPath,<br \/>\n        selected_suggestion: suggestion,<br \/>\n        timestamp: new Date().toISOString()<br \/>\n      })<br \/>\n    });<\/p>\n<p>    navigate(suggestion.path);<br \/>\n  };<\/p>\n<p>  const reportBrokenLink &#061; async () &#061;&gt; {<br \/>\n    try {<br \/>\n      await fetch(&#039;\/api\/report-broken-link&#039;, {<br \/>\n        method: &#039;POST&#039;,<br \/>\n        headers: { &#039;Content-Type&#039;: &#039;application\/json&#039; },<br \/>\n        body: JSON.stringify({<br \/>\n          url: missingPath,<br \/>\n          referrer: document.referrer,<br \/>\n          user_agent: navigator.userAgent,<br \/>\n          timestamp: new Date().toISOString()<br \/>\n        })<br \/>\n      });<\/p>\n<p>      alert(&#039;\u611f\u8c22\u60a8\u7684\u53cd\u9988&#xff01;\u6211\u4eec\u5df2\u7ecf\u8bb0\u5f55\u4e86\u8fd9\u4e2a\u95ee\u9898\u3002&#039;);<br \/>\n    } catch (error) {<br \/>\n      console.error(&#039;\u62a5\u544a\u5931\u8d25:&#039;, error);<br \/>\n      alert(&#039;\u62a5\u544a\u5931\u8d25&#xff0c;\u8bf7\u7a0d\u540e\u518d\u8bd5\u3002&#039;);<br \/>\n    }<br \/>\n  };<\/p>\n<p>  return (<br \/>\n    &lt;div className&#061;&#034;not-found-container&#034;&gt;<br \/>\n      &lt;div className&#061;&#034;not-found-header&#034;&gt;<br \/>\n        &lt;AlertTriangle size&#061;{64} className&#061;&#034;not-found-icon&#034; \/&gt;<br \/>\n        &lt;h1&gt;\u9875\u9762\u672a\u627e\u5230&lt;\/h1&gt;<br \/>\n        &lt;p className&#061;&#034;missing-path&#034;&gt;<br \/>\n          &lt;code&gt;{missingPath}&lt;\/code&gt;<br \/>\n        &lt;\/p&gt;<br \/>\n        &lt;p className&#061;&#034;error-message&#034;&gt;<br \/>\n          \u62b1\u6b49&#xff0c;\u60a8\u8bf7\u6c42\u7684\u9875\u9762\u4e0d\u5b58\u5728\u6216\u5df2\u88ab\u79fb\u52a8\u3002<br \/>\n        &lt;\/p&gt;<br \/>\n      &lt;\/div&gt;<\/p>\n<p>      &lt;div className&#061;&#034;not-found-content&#034;&gt;<br \/>\n        {\/* \u641c\u7d22\u6846 *\/}<br \/>\n        &lt;div className&#061;&#034;search-section&#034;&gt;<br \/>\n          &lt;form onSubmit&#061;{handleSearch} className&#061;&#034;search-form&#034;&gt;<br \/>\n            &lt;div className&#061;&#034;search-input-wrapper&#034;&gt;<br \/>\n              &lt;Search size&#061;{20} className&#061;&#034;search-icon&#034; \/&gt;<br \/>\n              &lt;input<br \/>\n                type&#061;&#034;text&#034;<br \/>\n                value&#061;{searchQuery}<br \/>\n                onChange&#061;{(e) &#061;&gt; setSearchQuery(e.target.value)}<br \/>\n                placeholder&#061;&#034;\u641c\u7d22\u60a8\u8981\u627e\u7684\u5185\u5bb9&#8230;&#034;<br \/>\n                className&#061;&#034;search-input&#034;<br \/>\n              \/&gt;<br \/>\n            &lt;\/div&gt;<br \/>\n            &lt;button type&#061;&#034;submit&#034; className&#061;&#034;search-button&#034;&gt;<br \/>\n              \u641c\u7d22<br \/>\n            &lt;\/button&gt;<br \/>\n          &lt;\/form&gt;<br \/>\n        &lt;\/div&gt;<\/p>\n<p>        {\/* \u5efa\u8bae\u533a\u57df *\/}<br \/>\n        &lt;div className&#061;&#034;suggestions-section&#034;&gt;<br \/>\n          &lt;h3&gt;\u60a8\u53ef\u4ee5\u5c1d\u8bd5\u4ee5\u4e0b\u64cd\u4f5c&#xff1a;&lt;\/h3&gt;<\/p>\n<p>          {isAnalyzing ? (<br \/>\n            &lt;div className&#061;&#034;loading-suggestions&#034;&gt;<br \/>\n              &lt;div className&#061;&#034;spinner&#034;&gt;&lt;\/div&gt;<br \/>\n              &lt;p&gt;\u6b63\u5728\u5bfb\u627e\u53ef\u80fd\u7684\u89e3\u51b3\u65b9\u6848&#8230;&lt;\/p&gt;<br \/>\n            &lt;\/div&gt;<br \/>\n          ) : suggestions.length &gt; 0 ? (<br \/>\n            &lt;div className&#061;&#034;suggestions-list&#034;&gt;<br \/>\n              {suggestions.map((suggestion, index) &#061;&gt; (<br \/>\n                &lt;div<br \/>\n                  key&#061;{index}<br \/>\n                  className&#061;{&#096;suggestion-item confidence-${suggestion.confidence}&#096;}<br \/>\n                  onClick&#061;{() &#061;&gt; handleSuggestionClick(suggestion)}<br \/>\n                &gt;<br \/>\n                  &lt;div className&#061;&#034;suggestion-content&#034;&gt;<br \/>\n                    &lt;span className&#061;&#034;suggestion-path&#034;&gt;<br \/>\n                      {suggestion.path}<br \/>\n                    &lt;\/span&gt;<br \/>\n                    &lt;span className&#061;&#034;suggestion-description&#034;&gt;<br \/>\n                      {suggestion.description}<br \/>\n                    &lt;\/span&gt;<br \/>\n                  &lt;\/div&gt;<br \/>\n                  &lt;ArrowLeft size&#061;{20} className&#061;&#034;suggestion-arrow&#034; \/&gt;<br \/>\n                &lt;\/div&gt;<br \/>\n              ))}<br \/>\n            &lt;\/div&gt;<br \/>\n          ) : (<br \/>\n            &lt;div className&#061;&#034;no-suggestions&#034;&gt;<br \/>\n              &lt;p&gt;\u6ca1\u6709\u627e\u5230\u76f8\u5173\u5efa\u8bae\u3002&lt;\/p&gt;<br \/>\n            &lt;\/div&gt;<br \/>\n          )}<br \/>\n        &lt;\/div&gt;<\/p>\n<p>        {\/* \u5feb\u901f\u5bfc\u822a *\/}<br \/>\n        &lt;div className&#061;&#034;quick-actions&#034;&gt;<br \/>\n          &lt;button<br \/>\n            onClick&#061;{() &#061;&gt; navigate(-1)}<br \/>\n            className&#061;&#034;action-button secondary&#034;<br \/>\n          &gt;<br \/>\n            &lt;ArrowLeft size&#061;{16} \/&gt;<br \/>\n            \u8fd4\u56de\u4e0a\u4e00\u9875<br \/>\n          &lt;\/button&gt;<\/p>\n<p>          &lt;Link to&#061;&#034;\/&#034; className&#061;&#034;action-button primary&#034;&gt;<br \/>\n            &lt;Home size&#061;{16} \/&gt;<br \/>\n            \u8fd4\u56de\u9996\u9875<br \/>\n          &lt;\/Link&gt;<\/p>\n<p>          &lt;button<br \/>\n            onClick&#061;{reportBrokenLink}<br \/>\n            className&#061;&#034;action-button tertiary&#034;<br \/>\n          &gt;<br \/>\n            &lt;ExternalLink size&#061;{16} \/&gt;<br \/>\n            \u62a5\u544a\u5931\u6548\u94fe\u63a5<br \/>\n          &lt;\/button&gt;<br \/>\n        &lt;\/div&gt;<\/p>\n<p>        {\/* \u8be6\u7ec6\u8bca\u65ad *\/}<br \/>\n        &lt;div className&#061;&#034;diagnostic-info&#034;&gt;<br \/>\n          &lt;details&gt;<br \/>\n            &lt;summary&gt;\u6280\u672f\u8be6\u60c5&lt;\/summary&gt;<br \/>\n            &lt;div className&#061;&#034;diagnostic-content&#034;&gt;<br \/>\n              &lt;h4&gt;\u8def\u5f84\u5206\u6790&lt;\/h4&gt;<br \/>\n              &lt;pre&gt;{JSON.stringify({<br \/>\n                requested_path: missingPath,<br \/>\n                path_parts: missingPath.split(&#039;\/&#039;).filter(p &#061;&gt; p),<br \/>\n                timestamp: new Date().toISOString(),<br \/>\n                referrer: document.referrer,<br \/>\n                user_agent: navigator.userAgent.substring(0, 100)<br \/>\n              }, null, 2)}&lt;\/pre&gt;<\/p>\n<p>              &lt;h4&gt;\u5e38\u89c1\u95ee\u9898\u6392\u67e5&lt;\/h4&gt;<br \/>\n              &lt;ul className&#061;&#034;troubleshooting-list&#034;&gt;<br \/>\n                &lt;li&gt;\u68c0\u67e5URL\u662f\u5426\u62fc\u5199\u6b63\u786e&lt;\/li&gt;<br \/>\n                &lt;li&gt;\u786e\u8ba4\u9875\u9762\u662f\u5426\u5df2\u88ab\u79fb\u52a8\u6216\u5220\u9664&lt;\/li&gt;<br \/>\n                &lt;li&gt;\u5c1d\u8bd5\u4f7f\u7528\u641c\u7d22\u529f\u80fd\u67e5\u627e\u76f8\u5173\u5185\u5bb9&lt;\/li&gt;<br \/>\n                &lt;li&gt;\u5982\u679c\u662f\u4ece\u5176\u4ed6\u7f51\u7ad9\u94fe\u63a5\u8fc7\u6765&#xff0c;\u8bf7\u901a\u77e5\u8be5\u7f51\u7ad9\u66f4\u65b0\u94fe\u63a5&lt;\/li&gt;<br \/>\n              &lt;\/ul&gt;<br \/>\n            &lt;\/div&gt;<br \/>\n          &lt;\/details&gt;<br \/>\n        &lt;\/div&gt;<br \/>\n      &lt;\/div&gt;<\/p>\n<p>      {\/* \u53cd\u9988\u6536\u96c6 *\/}<br \/>\n      &lt;div className&#061;&#034;feedback-section&#034;&gt;<br \/>\n        &lt;h4&gt;\u5e2e\u52a9\u6211\u4eec\u6539\u8fdb&lt;\/h4&gt;<br \/>\n        &lt;p&gt;\u8fd9\u4e2a\u9875\u9762\u662f\u5426\u5e2e\u60a8\u627e\u5230\u4e86\u9700\u8981\u7684\u5185\u5bb9&#xff1f;&lt;\/p&gt;<br \/>\n        &lt;div className&#061;&#034;feedback-buttons&#034;&gt;<br \/>\n          &lt;button<br \/>\n            onClick&#061;{() &#061;&gt; {<br \/>\n              fetch(&#039;\/api\/404-feedback?helpful&#061;true&#039;, { method: &#039;POST&#039; });<br \/>\n              alert(&#039;\u611f\u8c22\u60a8\u7684\u53cd\u9988&#xff01;&#039;);<br \/>\n            }}<br \/>\n            className&#061;&#034;feedback-button positive&#034;<br \/>\n          &gt;<br \/>\n            \u662f&#xff0c;\u6709\u5e2e\u52a9<br \/>\n          &lt;\/button&gt;<br \/>\n          &lt;button<br \/>\n            onClick&#061;{() &#061;&gt; {<br \/>\n              fetch(&#039;\/api\/404-feedback?helpful&#061;false&#039;, { method: &#039;POST&#039; });<br \/>\n              alert(&#039;\u611f\u8c22\u60a8\u7684\u53cd\u9988&#xff0c;\u6211\u4eec\u4f1a\u52aa\u529b\u6539\u8fdb&#xff01;&#039;);<br \/>\n            }}<br \/>\n            className&#061;&#034;feedback-button negative&#034;<br \/>\n          &gt;<br \/>\n            \u5426&#xff0c;\u6ca1\u6709\u5e2e\u52a9<br \/>\n          &lt;\/button&gt;<br \/>\n        &lt;\/div&gt;<br \/>\n      &lt;\/div&gt;<br \/>\n    &lt;\/div&gt;<br \/>\n  );<br \/>\n}<\/p>\n<p>\/\/ CSS\u6837\u5f0f&#xff08;\u5185\u8054\u793a\u4f8b&#xff09;<br \/>\nconst styles &#061; &#096;<br \/>\n.not-found-container {<br \/>\n  max-width: 800px;<br \/>\n  margin: 0 auto;<br \/>\n  padding: 2rem;<br \/>\n  font-family: -apple-system, BlinkMacSystemFont, &#039;Segoe UI&#039;, Roboto, sans-serif;<br \/>\n}<\/p>\n<p>.not-found-header {<br \/>\n  text-align: center;<br \/>\n  margin-bottom: 3rem;<br \/>\n}<\/p>\n<p>.not-found-icon {<br \/>\n  color: #f59e0b;<br \/>\n  margin-bottom: 1rem;<br \/>\n}<\/p>\n<p>.missing-path {<br \/>\n  background: #f3f4f6;<br \/>\n  padding: 0.5rem 1rem;<br \/>\n  border-radius: 4px;<br \/>\n  display: inline-block;<br \/>\n  margin: 1rem 0;<br \/>\n  font-family: monospace;<br \/>\n}<\/p>\n<p>.search-form {<br \/>\n  display: flex;<br \/>\n  gap: 0.5rem;<br \/>\n  margin-bottom: 2rem;<br \/>\n}<\/p>\n<p>.search-input-wrapper {<br \/>\n  flex: 1;<br \/>\n  position: relative;<br \/>\n}<\/p>\n<p>.search-icon {<br \/>\n  position: absolute;<br \/>\n  left: 1rem;<br \/>\n  top: 50%;<br \/>\n  transform: translateY(-50%);<br \/>\n  color: #9ca3af;<br \/>\n}<\/p>\n<p>.search-input {<br \/>\n  width: 100%;<br \/>\n  padding: 0.75rem 1rem 0.75rem 3rem;<br \/>\n  border: 1px solid #d1d5db;<br \/>\n  border-radius: 8px;<br \/>\n  font-size: 1rem;<br \/>\n}<\/p>\n<p>.search-button {<br \/>\n  padding: 0.75rem 1.5rem;<br \/>\n  background: #3b82f6;<br \/>\n  color: white;<br \/>\n  border: none;<br \/>\n  border-radius: 8px;<br \/>\n  cursor: pointer;<br \/>\n  font-size: 1rem;<br \/>\n}<\/p>\n<p>.suggestions-section {<br \/>\n  margin-bottom: 2rem;<br \/>\n}<\/p>\n<p>.suggestions-list {<br \/>\n  display: flex;<br \/>\n  flex-direction: column;<br \/>\n  gap: 0.5rem;<br \/>\n}<\/p>\n<p>.suggestion-item {<br \/>\n  display: flex;<br \/>\n  justify-content: space-between;<br \/>\n  align-items: center;<br \/>\n  padding: 1rem;<br \/>\n  border: 1px solid #e5e7eb;<br \/>\n  border-radius: 8px;<br \/>\n  cursor: pointer;<br \/>\n  transition: all 0.2s;<br \/>\n}<\/p>\n<p>.suggestion-item:hover {<br \/>\n  background: #f9fafb;<br \/>\n  border-color: #3b82f6;<br \/>\n}<\/p>\n<p>.suggestion-item.confidence-high {<br \/>\n  border-left: 4px solid #10b981;<br \/>\n}<\/p>\n<p>.suggestion-item.confidence-medium {<br \/>\n  border-left: 4px solid #f59e0b;<br \/>\n}<\/p>\n<p>.suggestion-item.confidence-low {<br \/>\n  border-left: 4px solid #ef4444;<br \/>\n}<\/p>\n<p>.suggestion-content {<br \/>\n  display: flex;<br \/>\n  flex-direction: column;<br \/>\n  gap: 0.25rem;<br \/>\n}<\/p>\n<p>.suggestion-path {<br \/>\n  font-weight: 500;<br \/>\n  color: #111827;<br \/>\n}<\/p>\n<p>.suggestion-description {<br \/>\n  font-size: 0.875rem;<br \/>\n  color: #6b7280;<br \/>\n}<\/p>\n<p>.quick-actions {<br \/>\n  display: flex;<br \/>\n  gap: 1rem;<br \/>\n  justify-content: center;<br \/>\n  margin-bottom: 2rem;<br \/>\n}<\/p>\n<p>.action-button {<br \/>\n  display: flex;<br \/>\n  align-items: center;<br \/>\n  gap: 0.5rem;<br \/>\n  padding: 0.75rem 1.5rem;<br \/>\n  border-radius: 8px;<br \/>\n  font-size: 0.875rem;<br \/>\n  font-weight: 500;<br \/>\n  cursor: pointer;<br \/>\n  text-decoration: none;<br \/>\n  border: none;<br \/>\n}<\/p>\n<p>.action-button.primary {<br \/>\n  background: #3b82f6;<br \/>\n  color: white;<br \/>\n}<\/p>\n<p>.action-button.secondary {<br \/>\n  background: #f3f4f6;<br \/>\n  color: #374151;<br \/>\n}<\/p>\n<p>.action-button.tertiary {<br \/>\n  background: white;<br \/>\n  color: #374151;<br \/>\n  border: 1px solid #d1d5db;<br \/>\n}<br \/>\n&#096;;<\/p>\n<p>\/\/ \u6dfb\u52a0\u5230\u6587\u6863<br \/>\nconst styleSheet &#061; document.createElement(&#039;style&#039;);<br \/>\nstyleSheet.textContent &#061; styles;<br \/>\ndocument.head.appendChild(styleSheet);<\/p>\n<h3>19.5 \u76d1\u63a7\u4e0e\u5206\u6790<\/h3>\n<h4>19.5.1 404\u76d1\u63a7\u7cfb\u7edf<\/h4>\n<p>python<\/p>\n<p># 404\u76d1\u63a7\u4e0e\u5206\u6790\u7cfb\u7edf<br \/>\nfrom datetime import datetime, timedelta<br \/>\nfrom collections import defaultdict, Counter<br \/>\nimport json<br \/>\nfrom typing import Dict, List, Any<br \/>\nfrom dataclasses import dataclass, asdict<\/p>\n<p>&#064;dataclass<br \/>\nclass NotFoundEvent:<br \/>\n    timestamp: datetime<br \/>\n    path: str<br \/>\n    method: str<br \/>\n    ip_address: str<br \/>\n    user_agent: str<br \/>\n    referer: str<br \/>\n    response_time: float<br \/>\n    matched_pattern: str &#061; None<br \/>\n    suggestions_provided: List[str] &#061; None<br \/>\n    user_id: str &#061; None<\/p>\n<p>    def to_dict(self):<br \/>\n        data &#061; asdict(self)<br \/>\n        data[&#039;timestamp&#039;] &#061; self.timestamp.isoformat()<br \/>\n        return data<\/p>\n<p>class NotFoundMonitor:<br \/>\n    def __init__(self, storage_backend&#061;&#039;file&#039;):<br \/>\n        self.events &#061; []<br \/>\n        self.patterns &#061; defaultdict(int)<br \/>\n        self.sources &#061; defaultdict(int)<br \/>\n        self.storage_backend &#061; storage_backend<br \/>\n        self.stats_window &#061; timedelta(hours&#061;24)<\/p>\n<p>    def record(self, event: NotFoundEvent):<br \/>\n        &#034;&#034;&#034;\u8bb0\u5f55404\u4e8b\u4ef6&#034;&#034;&#034;<br \/>\n        self.events.append(event)<\/p>\n<p>        # \u66f4\u65b0\u7edf\u8ba1\u6570\u636e<br \/>\n        self.patterns[event.path] &#043;&#061; 1<br \/>\n        if event.referer:<br \/>\n            self.sources[event.referer] &#043;&#061; 1<\/p>\n<p>        # \u6301\u4e45\u5316\u5b58\u50a8<br \/>\n        self.persist_event(event)<\/p>\n<p>        # \u5b9e\u65f6\u5206\u6790<br \/>\n        self.realtime_analysis(event)<\/p>\n<p>        # \u6e05\u7406\u65e7\u4e8b\u4ef6<br \/>\n        self.cleanup_old_events()<\/p>\n<p>    def persist_event(self, event: NotFoundEvent):<br \/>\n        &#034;&#034;&#034;\u6301\u4e45\u5316\u5b58\u50a8\u4e8b\u4ef6&#034;&#034;&#034;<br \/>\n        if self.storage_backend &#061;&#061; &#039;file&#039;:<br \/>\n            with open(&#039;404_events.jsonl&#039;, &#039;a&#039;) as f:<br \/>\n                f.write(json.dumps(event.to_dict()) &#043; &#039;\\\\n&#039;)<br \/>\n        elif self.storage_backend &#061;&#061; &#039;database&#039;:<br \/>\n            # \u6570\u636e\u5e93\u5b58\u50a8\u5b9e\u73b0<br \/>\n            pass<\/p>\n<p>    def realtime_analysis(self, event: NotFoundEvent):<br \/>\n        &#034;&#034;&#034;\u5b9e\u65f6\u5206\u6790404\u4e8b\u4ef6&#034;&#034;&#034;<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u662f\u65b0\u7684404\u6a21\u5f0f<br \/>\n        if self.patterns[event.path] &#061;&#061; 1:<br \/>\n            self.alert_new_pattern(event.path)<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u5b58\u5728\u5927\u91cf404<br \/>\n        recent_404s &#061; self.get_recent_events(minutes&#061;5)<br \/>\n        if len(recent_404s) &gt; 100:<br \/>\n            self.alert_high_volume(recent_404s)<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u5b58\u5728\u6076\u610f\u626b\u63cf<br \/>\n        if self.is_scanning_attempt(event):<br \/>\n            self.alert_scanning_attempt(event)<\/p>\n<p>    def get_recent_events(self, minutes&#061;5):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u6700\u8fd1\u7684\u4e8b\u4ef6&#034;&#034;&#034;<br \/>\n        cutoff &#061; datetime.utcnow() &#8211; timedelta(minutes&#061;minutes)<br \/>\n        return [e for e in self.events if e.timestamp &gt; cutoff]<\/p>\n<p>    def is_scanning_attempt(self, event: NotFoundEvent):<br \/>\n        &#034;&#034;&#034;\u68c0\u6d4b\u662f\u5426\u662f\u6076\u610f\u626b\u63cf&#034;&#034;&#034;<br \/>\n        suspicious_patterns &#061; [<br \/>\n            &#039;\/wp-admin&#039;,<br \/>\n            &#039;\/phpmyadmin&#039;,<br \/>\n            &#039;\/.env&#039;,<br \/>\n            &#039;\/config&#039;,<br \/>\n            &#039;\/backup&#039;,<br \/>\n            &#039;\/.git&#039;,<br \/>\n            &#039;..&#039;,  # \u76ee\u5f55\u904d\u5386<br \/>\n        ]<\/p>\n<p>        return any(pattern in event.path.lower() for pattern in suspicious_patterns)<\/p>\n<p>    def generate_report(self, period&#061;&#039;daily&#039;) -&gt; Dict[str, Any]:<br \/>\n        &#034;&#034;&#034;\u751f\u6210404\u62a5\u544a&#034;&#034;&#034;<br \/>\n        if period &#061;&#061; &#039;daily&#039;:<br \/>\n            cutoff &#061; datetime.utcnow() &#8211; timedelta(days&#061;1)<br \/>\n        elif period &#061;&#061; &#039;weekly&#039;:<br \/>\n            cutoff &#061; datetime.utcnow() &#8211; timedelta(weeks&#061;1)<br \/>\n        else:<br \/>\n            cutoff &#061; datetime.utcnow() &#8211; self.stats_window<\/p>\n<p>        period_events &#061; [e for e in self.events if e.timestamp &gt; cutoff]<\/p>\n<p>        report &#061; {<br \/>\n            &#039;period&#039;: period,<br \/>\n            &#039;time_range&#039;: {<br \/>\n                &#039;start&#039;: cutoff.isoformat(),<br \/>\n                &#039;end&#039;: datetime.utcnow().isoformat()<br \/>\n            },<br \/>\n            &#039;summary&#039;: {<br \/>\n                &#039;total_404s&#039;: len(period_events),<br \/>\n                &#039;unique_paths&#039;: len(set(e.path for e in period_events)),<br \/>\n                &#039;unique_ips&#039;: len(set(e.ip_address for e in period_events))<br \/>\n            },<br \/>\n            &#039;top_paths&#039;: Counter(e.path for e in period_events).most_common(10),<br \/>\n            &#039;top_referers&#039;: Counter(e.referer for e in period_events if e.referer).most_common(10),<br \/>\n            &#039;top_user_agents&#039;: Counter(e.user_agent for e in period_events).most_common(5),<br \/>\n            &#039;hourly_distribution&#039;: self.get_hourly_distribution(period_events),<br \/>\n            &#039;response_time_stats&#039;: self.get_response_time_stats(period_events),<br \/>\n            &#039;insights&#039;: self.generate_insights(period_events)<br \/>\n        }<\/p>\n<p>        return report<\/p>\n<p>    def get_hourly_distribution(self, events: List[NotFoundEvent]):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u6309\u5c0f\u65f6\u5206\u5e03&#034;&#034;&#034;<br \/>\n        distribution &#061; defaultdict(int)<br \/>\n        for event in events:<br \/>\n            hour &#061; event.timestamp.hour<br \/>\n            distribution[f&#034;{hour:02d}:00&#034;] &#043;&#061; 1<br \/>\n        return dict(sorted(distribution.items()))<\/p>\n<p>    def get_response_time_stats(self, events: List[NotFoundEvent]):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u54cd\u5e94\u65f6\u95f4\u7edf\u8ba1&#034;&#034;&#034;<br \/>\n        if not events:<br \/>\n            return {}<\/p>\n<p>        response_times &#061; [e.response_time for e in events]<br \/>\n        return {<br \/>\n            &#039;avg&#039;: sum(response_times) \/ len(response_times),<br \/>\n            &#039;min&#039;: min(response_times),<br \/>\n            &#039;max&#039;: max(response_times),<br \/>\n            &#039;p95&#039;: sorted(response_times)[int(len(response_times) * 0.95)]<br \/>\n        }<\/p>\n<p>    def generate_insights(self, events: List[NotFoundEvent]) -&gt; List[str]:<br \/>\n        &#034;&#034;&#034;\u751f\u6210\u6d1e\u5bdf\u548c\u5efa\u8bae&#034;&#034;&#034;<br \/>\n        insights &#061; []<\/p>\n<p>        # 1. \u67e5\u627e\u5e38\u89c1\u7684URL\u9519\u8bef\u6a21\u5f0f<br \/>\n        path_counter &#061; Counter(e.path for e in events)<br \/>\n        common_paths &#061; [path for path, count in path_counter.items() if count &gt; 10]<\/p>\n<p>        for path in common_paths[:5]:<br \/>\n            # \u5206\u6790\u8def\u5f84\u6a21\u5f0f<br \/>\n            if path.endswith(&#039;\/index.html&#039;):<br \/>\n                insights.append(f&#034;\u9891\u7e41\u8bf7\u6c42 {path} &#8211; \u8003\u8651\u8bbe\u7f6e\u91cd\u5b9a\u5411\u5230\u7236\u76ee\u5f55&#034;)<br \/>\n            elif &#039;\/api\/v1\/&#039; in path:<br \/>\n                insights.append(f&#034;\u9891\u7e41\u8bf7\u6c42\u65e7API\u7248\u672c {path} &#8211; \u8003\u8651\u8bbe\u7f6e\u6c38\u4e45\u91cd\u5b9a\u5411\u5230v2&#034;)<br \/>\n            elif re.search(r&#039;\/[A-Z]&#039;, path):<br \/>\n                insights.append(f&#034;\u5927\u5c0f\u5199\u654f\u611f\u8def\u5f84 {path} &#8211; \u8003\u8651\u6dfb\u52a0\u4e0d\u533a\u5206\u5927\u5c0f\u5199\u7684\u8def\u7531&#034;)<\/p>\n<p>        # 2. \u5206\u6790\u6765\u6e90<br \/>\n        referer_counter &#061; Counter(e.referer for e in events if e.referer)<br \/>\n        for referer, count in referer_counter.most_common(3):<br \/>\n            if count &gt; 5:<br \/>\n                insights.append(f&#034;{referer} \u5f15\u7528\u4e86 {count} \u4e2a\u5931\u6548\u94fe\u63a5 &#8211; \u5efa\u8bae\u8054\u7cfb\u8be5\u7f51\u7ad9\u66f4\u65b0\u94fe\u63a5&#034;)<\/p>\n<p>        # 3. \u68c0\u6d4b\u53ef\u80fd\u7684\u6076\u610f\u6d3b\u52a8<br \/>\n        scanning_paths &#061; [e.path for e in events if self.is_scanning_attempt(e)]<br \/>\n        if scanning_paths:<br \/>\n            unique_scanning_paths &#061; set(scanning_paths)<br \/>\n            insights.append(f&#034;\u68c0\u6d4b\u5230 {len(unique_scanning_paths)} \u4e2a\u53ef\u80fd\u7684\u626b\u63cf\u5c1d\u8bd5&#034;)<\/p>\n<p>        return insights[:10]  # \u9650\u5236\u6570\u91cf<\/p>\n<p>    def alert_new_pattern(self, path: str):<br \/>\n        &#034;&#034;&#034;\u8b66\u62a5\u65b0\u7684404\u6a21\u5f0f&#034;&#034;&#034;<br \/>\n        alert &#061; {<br \/>\n            &#039;type&#039;: &#039;new_404_pattern&#039;,<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            &#039;path&#039;: path,<br \/>\n            &#039;severity&#039;: &#039;low&#039;,<br \/>\n            &#039;message&#039;: f&#039;\u53d1\u73b0\u65b0\u7684404\u6a21\u5f0f: {path}&#039;<br \/>\n        }<\/p>\n<p>        self.send_alert(alert)<\/p>\n<p>    def alert_high_volume(self, events: List[NotFoundEvent]):<br \/>\n        &#034;&#034;&#034;\u8b66\u62a5\u9ad8\u9891\u7387404&#034;&#034;&#034;<br \/>\n        alert &#061; {<br \/>\n            &#039;type&#039;: &#039;high_404_volume&#039;,<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            &#039;count&#039;: len(events),<br \/>\n            &#039;time_window&#039;: &#039;5\u5206\u949f&#039;,<br \/>\n            &#039;severity&#039;: &#039;medium&#039;,<br \/>\n            &#039;message&#039;: f&#039;5\u5206\u949f\u5185\u68c0\u6d4b\u5230 {len(events)} \u6b21404\u54cd\u5e94&#039;<br \/>\n        }<\/p>\n<p>        self.send_alert(alert)<\/p>\n<p>    def alert_scanning_attempt(self, event: NotFoundEvent):<br \/>\n        &#034;&#034;&#034;\u8b66\u62a5\u626b\u63cf\u5c1d\u8bd5&#034;&#034;&#034;<br \/>\n        alert &#061; {<br \/>\n            &#039;type&#039;: &#039;scanning_attempt&#039;,<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            &#039;path&#039;: event.path,<br \/>\n            &#039;ip_address&#039;: event.ip_address,<br \/>\n            &#039;severity&#039;: &#039;high&#039;,<br \/>\n            &#039;message&#039;: f&#039;\u68c0\u6d4b\u5230\u53ef\u80fd\u7684\u6076\u610f\u626b\u63cf: {event.path} from {event.ip_address}&#039;<br \/>\n        }<\/p>\n<p>        self.send_alert(alert)<\/p>\n<p>    def send_alert(self, alert: Dict):<br \/>\n        &#034;&#034;&#034;\u53d1\u9001\u8b66\u62a5&#034;&#034;&#034;<br \/>\n        # \u53d1\u9001\u5230\u76d1\u63a7\u7cfb\u7edf\u3001Slack\u3001\u90ae\u4ef6\u7b49<br \/>\n        print(f&#034;[ALERT] {alert}&#034;)<\/p>\n<p>        # \u793a\u4f8b&#xff1a;\u8bb0\u5f55\u5230\u6587\u4ef6<br \/>\n        with open(&#039;404_alerts.jsonl&#039;, &#039;a&#039;) as f:<br \/>\n            f.write(json.dumps(alert) &#043; &#039;\\\\n&#039;)<\/p>\n<p>    def cleanup_old_events(self):<br \/>\n        &#034;&#034;&#034;\u6e05\u7406\u65e7\u4e8b\u4ef6&#034;&#034;&#034;<br \/>\n        cutoff &#061; datetime.utcnow() &#8211; self.stats_window<br \/>\n        self.events &#061; [e for e in self.events if e.timestamp &gt; cutoff]<\/p>\n<h4>19.5.2 404\u5206\u6790\u4eea\u8868\u677f<\/h4>\n<p>python<\/p>\n<p># Flask API: 404\u5206\u6790\u4eea\u8868\u677f<br \/>\nfrom flask import Blueprint, jsonify, request<br \/>\nfrom datetime import datetime, timedelta<br \/>\nimport pandas as pd<br \/>\nfrom io import StringIO<\/p>\n<p>not_found_bp &#061; Blueprint(&#039;not_found&#039;, __name__)<br \/>\nmonitor &#061; NotFoundMonitor()<\/p>\n<p>&#064;not_found_bp.route(&#039;\/api\/404\/record&#039;, methods&#061;[&#039;POST&#039;])<br \/>\ndef record_404():<br \/>\n    &#034;&#034;&#034;\u8bb0\u5f55404\u4e8b\u4ef6&#034;&#034;&#034;<br \/>\n    data &#061; request.json<\/p>\n<p>    event &#061; NotFoundEvent(<br \/>\n        timestamp&#061;datetime.fromisoformat(data[&#039;timestamp&#039;]),<br \/>\n        path&#061;data[&#039;path&#039;],<br \/>\n        method&#061;data.get(&#039;method&#039;, &#039;GET&#039;),<br \/>\n        ip_address&#061;data.get(&#039;ip_address&#039;, &#039;&#039;),<br \/>\n        user_agent&#061;data.get(&#039;user_agent&#039;, &#039;&#039;),<br \/>\n        referer&#061;data.get(&#039;referer&#039;, &#039;&#039;),<br \/>\n        response_time&#061;data.get(&#039;response_time&#039;, 0),<br \/>\n        matched_pattern&#061;data.get(&#039;matched_pattern&#039;),<br \/>\n        suggestions_provided&#061;data.get(&#039;suggestions&#039;, []),<br \/>\n        user_id&#061;data.get(&#039;user_id&#039;)<br \/>\n    )<\/p>\n<p>    monitor.record(event)<\/p>\n<p>    return jsonify({&#039;status&#039;: &#039;recorded&#039;})<\/p>\n<p>&#064;not_found_bp.route(&#039;\/api\/404\/stats&#039;)<br \/>\ndef get_404_stats():<br \/>\n    &#034;&#034;&#034;\u83b7\u53d6404\u7edf\u8ba1&#034;&#034;&#034;<br \/>\n    period &#061; request.args.get(&#039;period&#039;, &#039;24h&#039;)<\/p>\n<p>    if period &#061;&#061; &#039;24h&#039;:<br \/>\n        cutoff &#061; datetime.utcnow() &#8211; timedelta(hours&#061;24)<br \/>\n    elif period &#061;&#061; &#039;7d&#039;:<br \/>\n        cutoff &#061; datetime.utcnow() &#8211; timedelta(days&#061;7)<br \/>\n    elif period &#061;&#061; &#039;30d&#039;:<br \/>\n        cutoff &#061; datetime.utcnow() &#8211; timedelta(days&#061;30)<br \/>\n    else:<br \/>\n        cutoff &#061; datetime.utcnow() &#8211; timedelta(hours&#061;24)<\/p>\n<p>    period_events &#061; [e for e in monitor.events if e.timestamp &gt; cutoff]<\/p>\n<p>    # \u4f7f\u7528pandas\u8fdb\u884c\u6570\u636e\u5206\u6790<br \/>\n    if period_events:<br \/>\n        df &#061; pd.DataFrame([e.to_dict() for e in period_events])<\/p>\n<p>        stats &#061; {<br \/>\n            &#039;total&#039;: len(df),<br \/>\n            &#039;by_hour&#039;: df.groupby(df[&#039;timestamp&#039;].str[11:13]).size().to_dict(),<br \/>\n            &#039;by_path&#039;: df[&#039;path&#039;].value_counts().head(20).to_dict(),<br \/>\n            &#039;by_referer&#039;: df[&#039;referer&#039;].value_counts().head(10).to_dict(),<br \/>\n            &#039;by_user_agent&#039;: df[&#039;user_agent&#039;].value_counts().head(5).to_dict(),<br \/>\n            &#039;response_time&#039;: {<br \/>\n                &#039;mean&#039;: df[&#039;response_time&#039;].mean(),<br \/>\n                &#039;median&#039;: df[&#039;response_time&#039;].median(),<br \/>\n                &#039;p95&#039;: df[&#039;response_time&#039;].quantile(0.95)<br \/>\n            }<br \/>\n        }<br \/>\n    else:<br \/>\n        stats &#061; {<br \/>\n            &#039;total&#039;: 0,<br \/>\n            &#039;by_hour&#039;: {},<br \/>\n            &#039;by_path&#039;: {},<br \/>\n            &#039;by_referer&#039;: {},<br \/>\n            &#039;by_user_agent&#039;: {},<br \/>\n            &#039;response_time&#039;: {}<br \/>\n        }<\/p>\n<p>    return jsonify(stats)<\/p>\n<p>&#064;not_found_bp.route(&#039;\/api\/404\/patterns&#039;)<br \/>\ndef analyze_patterns():<br \/>\n    &#034;&#034;&#034;\u5206\u6790404\u6a21\u5f0f&#034;&#034;&#034;<br \/>\n    period &#061; request.args.get(&#039;period&#039;, &#039;7d&#039;)<br \/>\n    cutoff &#061; datetime.utcnow() &#8211; timedelta(days&#061;7)<\/p>\n<p>    period_events &#061; [e for e in monitor.events if e.timestamp &gt; cutoff]<\/p>\n<p>    patterns &#061; {}<\/p>\n<p>    for event in period_events:<br \/>\n        path &#061; event.path<\/p>\n<p>        # \u63d0\u53d6\u6a21\u5f0f<br \/>\n        # 1. \u66ff\u6362\u6570\u5b57ID\u4e3a {id}<br \/>\n        pattern &#061; re.sub(r&#039;\/\\\\d&#043;&#039;, &#039;\/{id}&#039;, path)<br \/>\n        # 2. \u66ff\u6362UUID\u4e3a {uuid}<br \/>\n        pattern &#061; re.sub(r&#039;\/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}&#039;, &#039;\/{uuid}&#039;, pattern, flags&#061;re.I)<br \/>\n        # 3. \u66ff\u6362\u5176\u4ed6\u5e38\u89c1\u6a21\u5f0f<br \/>\n        pattern &#061; re.sub(r&#039;\/[a-f0-9]{32}&#039;, &#039;\/{hash}&#039;, pattern)<br \/>\n        pattern &#061; re.sub(r&#039;\/[a-f0-9]{40}&#039;, &#039;\/{sha1}&#039;, pattern)<\/p>\n<p>        if pattern not in patterns:<br \/>\n            patterns[pattern] &#061; {<br \/>\n                &#039;pattern&#039;: pattern,<br \/>\n                &#039;count&#039;: 0,<br \/>\n                &#039;examples&#039;: [],<br \/>\n                &#039;suggestions&#039;: set()<br \/>\n            }<\/p>\n<p>        patterns[pattern][&#039;count&#039;] &#043;&#061; 1<\/p>\n<p>        if len(patterns[pattern][&#039;examples&#039;]) &lt; 5:<br \/>\n            patterns[pattern][&#039;examples&#039;].append(path)<\/p>\n<p>    # \u6392\u5e8f\u5e76\u6dfb\u52a0\u5efa\u8bae<br \/>\n    sorted_patterns &#061; sorted(<br \/>\n        patterns.values(),<br \/>\n        key&#061;lambda x: x[&#039;count&#039;],<br \/>\n        reverse&#061;True<br \/>\n    )[:20]  # \u524d20\u4e2a\u6a21\u5f0f<\/p>\n<p>    # \u4e3a\u6bcf\u4e2a\u6a21\u5f0f\u751f\u6210\u5efa\u8bae<br \/>\n    for pattern in sorted_patterns:<br \/>\n        pattern[&#039;suggestions&#039;] &#061; list(generate_suggestions_for_pattern(pattern))<\/p>\n<p>    return jsonify({<br \/>\n        &#039;patterns&#039;: sorted_patterns,<br \/>\n        &#039;total_unique_patterns&#039;: len(patterns)<br \/>\n    })<\/p>\n<p>def generate_suggestions_for_pattern(pattern):<br \/>\n    &#034;&#034;&#034;\u4e3a\u6a21\u5f0f\u751f\u6210\u5efa\u8bae&#034;&#034;&#034;<br \/>\n    suggestions &#061; set()<\/p>\n<p>    # \u5206\u6790\u6a21\u5f0f<br \/>\n    if &#039;{id}&#039; in pattern[&#039;pattern&#039;]:<br \/>\n        suggestions.add(&#034;\u8be5\u6a21\u5f0f\u5305\u542b\u6570\u5b57ID&#xff0c;\u53ef\u80fd\u662fAPI\u7aef\u70b9&#034;)<\/p>\n<p>        # \u68c0\u67e5\u662f\u5426\u662fRESTful\u7aef\u70b9<br \/>\n        if any(segment in pattern[&#039;pattern&#039;] for segment in [&#039;\/users\/&#039;, &#039;\/products\/&#039;, &#039;\/orders\/&#039;]):<br \/>\n            suggestions.add(&#034;\u8003\u8651\u9a8c\u8bc1ID\u662f\u5426\u5b58\u5728\u6570\u636e\u5e93\u4e2d&#034;)<br \/>\n            suggestions.add(&#034;\u68c0\u67e5API\u6587\u6863\u662f\u5426\u5df2\u66f4\u65b0&#034;)<\/p>\n<p>    if pattern[&#039;count&#039;] &gt; 10:<br \/>\n        suggestions.add(f&#034;\u9891\u7e41\u51fa\u73b0&#xff08;{pattern[&#039;count&#039;]}\u6b21&#xff09;&#xff0c;\u5efa\u8bae\u4f18\u5148\u5904\u7406&#034;)<\/p>\n<p>    # \u68c0\u67e5\u662f\u5426\u662f\u65e7API\u7248\u672c<br \/>\n    if &#039;\/v1\/&#039; in pattern[&#039;pattern&#039;] or &#039;\/api\/v1\/&#039; in pattern[&#039;pattern&#039;]:<br \/>\n        suggestions.add(&#034;\u68c0\u6d4b\u5230\u65e7API\u7248\u672c\u8bf7\u6c42&#xff0c;\u8003\u8651\u8bbe\u7f6e\u91cd\u5b9a\u5411\u5230\u6700\u65b0\u7248\u672c&#034;)<\/p>\n<p>    # \u68c0\u67e5\u662f\u5426\u6709\u62fc\u5199\u9519\u8bef\u6a21\u5f0f<br \/>\n    examples &#061; pattern[&#039;examples&#039;]<br \/>\n    if len(examples) &gt; 1:<br \/>\n        # \u67e5\u627e\u5171\u540c\u7684\u9519\u8bef\u6a21\u5f0f<br \/>\n        for i in range(len(examples[0])):<br \/>\n            chars &#061; [ex[i] for ex in examples if i &lt; len(ex)]<br \/>\n            if len(set(chars)) &gt; 1:<br \/>\n                # \u53ef\u80fd\u6709\u62fc\u5199\u53d8\u5316<br \/>\n                suggestions.add(&#034;\u68c0\u6d4b\u5230\u53ef\u80fd\u7684\u62fc\u5199\u9519\u8bef\u6a21\u5f0f&#034;)<br \/>\n                break<\/p>\n<p>    return suggestions<\/p>\n<p>&#064;not_found_bp.route(&#039;\/api\/404\/export&#039;)<br \/>\ndef export_404_data():<br \/>\n    &#034;&#034;&#034;\u5bfc\u51fa404\u6570\u636e&#034;&#034;&#034;<br \/>\n    format_type &#061; request.args.get(&#039;format&#039;, &#039;json&#039;)<\/p>\n<p>    if format_type &#061;&#061; &#039;csv&#039;:<br \/>\n        # \u8f6c\u6362\u4e3aCSV<br \/>\n        df &#061; pd.DataFrame([e.to_dict() for e in monitor.events])<br \/>\n        csv_data &#061; df.to_csv(index&#061;False)<\/p>\n<p>        return csv_data, 200, {<br \/>\n            &#039;Content-Type&#039;: &#039;text\/csv&#039;,<br \/>\n            &#039;Content-Disposition&#039;: &#039;attachment; filename&#061;404_events.csv&#039;<br \/>\n        }<\/p>\n<p>    elif format_type &#061;&#061; &#039;json&#039;:<br \/>\n        # JSON\u683c\u5f0f<br \/>\n        events_data &#061; [e.to_dict() for e in monitor.events]<\/p>\n<p>        return jsonify({<br \/>\n            &#039;events&#039;: events_data,<br \/>\n            &#039;count&#039;: len(events_data),<br \/>\n            &#039;exported_at&#039;: datetime.utcnow().isoformat()<br \/>\n        })<\/p>\n<p>    return jsonify({&#039;error&#039;: &#039;Unsupported format&#039;}), 400<\/p>\n<p># \u6ce8\u518c\u5230Flask\u5e94\u7528<br \/>\napp.register_blueprint(not_found_bp)<\/p>\n<h3>19.6 \u5b89\u5168\u8003\u8651<\/h3>\n<h4>19.6.1 \u9632\u6b62\u4fe1\u606f\u6cc4\u9732<\/h4>\n<p>python<\/p>\n<p># \u5b89\u5168\u7684404\u54cd\u5e94\u5904\u7406<br \/>\nclass SecureNotFoundHandler:<br \/>\n    def __init__(self, config):<br \/>\n        self.config &#061; config<br \/>\n        self.sensitive_paths &#061; [<br \/>\n            &#039;\/admin&#039;,<br \/>\n            &#039;\/config&#039;,<br \/>\n            &#039;\/.env&#039;,<br \/>\n            &#039;\/database&#039;,<br \/>\n            &#039;\/backup&#039;,<br \/>\n            # \u6dfb\u52a0\u5176\u4ed6\u654f\u611f\u8def\u5f84<br \/>\n        ]<\/p>\n<p>        self.honeypot_paths &#061; [<br \/>\n            &#039;\/wp-admin&#039;,  # WordPress\u7ba1\u7406&#xff08;\u5982\u679c\u4e0d\u7528&#xff09;<br \/>\n            &#039;\/phpmyadmin&#039;,<br \/>\n            &#039;\/server-status&#039;,<br \/>\n            &#039;\/.git&#039;,<br \/>\n            # \u8bf1\u9975\u8def\u5f84<br \/>\n        ]<\/p>\n<p>    def handle_not_found(self, request_path, request):<br \/>\n        &#034;&#034;&#034;\u5b89\u5168\u5904\u7406404\u54cd\u5e94&#034;&#034;&#034;<\/p>\n<p>        # 1. \u68c0\u67e5\u662f\u5426\u662f\u654f\u611f\u8def\u5f84<br \/>\n        if self.is_sensitive_path(request_path):<br \/>\n            return self.handle_sensitive_path(request_path, request)<\/p>\n<p>        # 2. \u68c0\u67e5\u662f\u5426\u662f\u871c\u7f50\u8def\u5f84<br \/>\n        if self.is_honeypot_path(request_path):<br \/>\n            return self.handle_honeypot_path(request_path, request)<\/p>\n<p>        # 3. \u68c0\u67e5\u662f\u5426\u662f\u626b\u63cf\u5c1d\u8bd5<br \/>\n        if self.is_scanning_attempt(request_path, request):<br \/>\n            return self.handle_scanning_attempt(request_path, request)<\/p>\n<p>        # 4. \u666e\u901a404\u5904\u7406<br \/>\n        return self.handle_normal_not_found(request_path, request)<\/p>\n<p>    def is_sensitive_path(self, path):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u662f\u5426\u662f\u654f\u611f\u8def\u5f84&#034;&#034;&#034;<br \/>\n        path_lower &#061; path.lower()<\/p>\n<p>        for sensitive in self.sensitive_paths:<br \/>\n            if sensitive in path_lower:<br \/>\n                return True<\/p>\n<p>        # \u68c0\u67e5\u8def\u5f84\u904d\u5386<br \/>\n        if &#039;..&#039; in path or &#039;%2e%2e&#039; in path.lower():<br \/>\n            return True<\/p>\n<p>        return False<\/p>\n<p>    def is_honeypot_path(self, path):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u662f\u5426\u662f\u871c\u7f50\u8def\u5f84&#034;&#034;&#034;<br \/>\n        path_lower &#061; path.lower()<br \/>\n        return any(honeypot in path_lower for honeypot in self.honeypot_paths)<\/p>\n<p>    def is_scanning_attempt(self, path, request):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u662f\u5426\u662f\u626b\u63cf\u5c1d\u8bd5&#034;&#034;&#034;<\/p>\n<p>        # \u57fa\u4e8e\u8bf7\u6c42\u9891\u7387<br \/>\n        ip &#061; request.remote_addr<br \/>\n        recent_requests &#061; self.get_recent_requests(ip, minutes&#061;1)<\/p>\n<p>        if len(recent_requests) &gt; 50:  # 1\u5206\u949f\u5185\u8d85\u8fc750\u4e2a\u8bf7\u6c42<br \/>\n            return True<\/p>\n<p>        # \u57fa\u4e8e\u8def\u5f84\u6a21\u5f0f<br \/>\n        suspicious_patterns &#061; [<br \/>\n            r&#039;\\\\.(php|asp|jsp|py|sh)$&#039;,  # \u811a\u672c\u6587\u4ef6<br \/>\n            r&#039;\/(bin|etc|var|usr|opt)\/&#039;,  # \u7cfb\u7edf\u76ee\u5f55<br \/>\n            r&#039;\\\\.(bak|old|backup)$&#039;,  # \u5907\u4efd\u6587\u4ef6<br \/>\n        ]<\/p>\n<p>        for pattern in suspicious_patterns:<br \/>\n            if re.search(pattern, path, re.I):<br \/>\n                return True<\/p>\n<p>        return False<\/p>\n<p>    def handle_sensitive_path(self, path, request):<br \/>\n        &#034;&#034;&#034;\u5904\u7406\u654f\u611f\u8def\u5f84\u8bf7\u6c42&#034;&#034;&#034;<br \/>\n        # \u8bb0\u5f55\u5b89\u5168\u4e8b\u4ef6<br \/>\n        self.log_security_event(&#039;sensitive_path_accessed&#039;, {<br \/>\n            &#039;path&#039;: path,<br \/>\n            &#039;ip&#039;: request.remote_addr,<br \/>\n            &#039;user_agent&#039;: request.headers.get(&#039;User-Agent&#039;),<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat()<br \/>\n        })<\/p>\n<p>        # \u8fd4\u56de\u4e0e\u666e\u901a404\u76f8\u540c\u7684\u54cd\u5e94&#xff0c;\u4e0d\u6cc4\u9732\u4fe1\u606f<br \/>\n        return self.create_generic_not_found_response()<\/p>\n<p>    def handle_honeypot_path(self, path, request):<br \/>\n        &#034;&#034;&#034;\u5904\u7406\u871c\u7f50\u8def\u5f84\u8bf7\u6c42&#034;&#034;&#034;<br \/>\n        # \u8be6\u7ec6\u8bb0\u5f55\u871c\u7f50\u8bbf\u95ee<br \/>\n        self.log_security_event(&#039;honeypot_triggered&#039;, {<br \/>\n            &#039;path&#039;: path,<br \/>\n            &#039;ip&#039;: request.remote_addr,<br \/>\n            &#039;user_agent&#039;: request.headers.get(&#039;User-Agent&#039;),<br \/>\n            &#039;headers&#039;: dict(request.headers),<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat()<br \/>\n        })<\/p>\n<p>        # \u8fd4\u56de\u865a\u5047\u7684\u6210\u529f\u54cd\u5e94&#xff08;\u5ef6\u8fdf\u54cd\u5e94&#xff09;<br \/>\n        time.sleep(5)  # \u5ef6\u8fdf\u54cd\u5e94&#xff0c;\u6d88\u8017\u653b\u51fb\u8005\u65f6\u95f4<\/p>\n<p>        return jsonify({<br \/>\n            &#039;status&#039;: &#039;success&#039;,<br \/>\n            &#039;message&#039;: &#039;Access granted&#039;<br \/>\n        }), 200  # \u6545\u610f\u8fd4\u56de200&#xff0c;\u8ff7\u60d1\u653b\u51fb\u8005<\/p>\n<p>    def handle_scanning_attempt(self, path, request):<br \/>\n        &#034;&#034;&#034;\u5904\u7406\u626b\u63cf\u5c1d\u8bd5&#034;&#034;&#034;<br \/>\n        ip &#061; request.remote_addr<\/p>\n<p>        # \u6dfb\u52a0\u5230\u4e34\u65f6\u9ed1\u540d\u5355<br \/>\n        self.add_to_temp_blacklist(ip)<\/p>\n<p>        # \u8bb0\u5f55\u4e8b\u4ef6<br \/>\n        self.log_security_event(&#039;scanning_attempt&#039;, {<br \/>\n            &#039;path&#039;: path,<br \/>\n            &#039;ip&#039;: ip,<br \/>\n            &#039;user_agent&#039;: request.headers.get(&#039;User-Agent&#039;),<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat()<br \/>\n        })<\/p>\n<p>        # \u8fd4\u56de429 Too Many Requests<br \/>\n        return jsonify({<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;RATE_LIMITED&#039;,<br \/>\n                &#039;message&#039;: &#039;Too many requests&#039;<br \/>\n            }<br \/>\n        }), 429<\/p>\n<p>    def handle_normal_not_found(self, path, request):<br \/>\n        &#034;&#034;&#034;\u5904\u7406\u666e\u901a404&#034;&#034;&#034;<br \/>\n        response_data &#061; {<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;NOT_FOUND&#039;,<br \/>\n                &#039;message&#039;: &#039;Resource not found&#039;<br \/>\n            }<br \/>\n        }<\/p>\n<p>        # \u6dfb\u52a0\u5b89\u5168\u5934\u90e8<br \/>\n        headers &#061; {<br \/>\n            &#039;X-Content-Type-Options&#039;: &#039;nosniff&#039;,<br \/>\n            &#039;X-Frame-Options&#039;: &#039;DENY&#039;,<br \/>\n            &#039;Content-Security-Policy&#039;: &#034;default-src &#039;self&#039;&#034;,<br \/>\n        }<\/p>\n<p>        # \u5982\u679c\u662fAPI\u8bf7\u6c42&#xff0c;\u8fd4\u56deJSON<br \/>\n        if request.headers.get(&#039;Accept&#039;, &#039;&#039;).startswith(&#039;application\/json&#039;):<br \/>\n            return jsonify(response_data), 404, headers<\/p>\n<p>        # \u5426\u5219\u8fd4\u56deHTML\u9875\u9762<br \/>\n        return self.render_not_found_template(), 404, headers<\/p>\n<p>    def create_generic_not_found_response(self):<br \/>\n        &#034;&#034;&#034;\u521b\u5efa\u901a\u7528\u7684404\u54cd\u5e94&#xff08;\u4e0d\u6cc4\u9732\u4efb\u4f55\u4fe1\u606f&#xff09;&#034;&#034;&#034;<br \/>\n        return jsonify({<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;NOT_FOUND&#039;,<br \/>\n                &#039;message&#039;: &#039;Resource not found&#039;<br \/>\n            }<br \/>\n        }), 404<\/p>\n<p>    def get_recent_requests(self, ip, minutes):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u6700\u8fd1\u7684\u8bf7\u6c42&#034;&#034;&#034;<br \/>\n        # \u5b9e\u73b0\u57fa\u4e8eRedis\u6216\u5185\u5b58\u7684\u8bf7\u6c42\u8ba1\u6570<br \/>\n        key &#061; f&#034;requests:{ip}&#034;<br \/>\n        # &#8230; \u5b9e\u9645\u5b9e\u73b0\u4f1a\u68c0\u67e5\u8ba1\u6570<br \/>\n        return []<\/p>\n<p>    def add_to_temp_blacklist(self, ip):<br \/>\n        &#034;&#034;&#034;\u6dfb\u52a0\u5230\u4e34\u65f6\u9ed1\u540d\u5355&#034;&#034;&#034;<br \/>\n        # \u5b9e\u73b0\u57fa\u4e8eRedis\u7684\u9ed1\u540d\u5355<br \/>\n        key &#061; f&#034;blacklist:{ip}&#034;<br \/>\n        # &#8230; \u5b9e\u9645\u5b9e\u73b0\u4f1a\u8bbe\u7f6e\u8fc7\u671f\u65f6\u95f4<br \/>\n        pass<\/p>\n<p>    def log_security_event(self, event_type, data):<br \/>\n        &#034;&#034;&#034;\u8bb0\u5f55\u5b89\u5168\u4e8b\u4ef6&#034;&#034;&#034;<br \/>\n        log_entry &#061; {<br \/>\n            &#039;type&#039;: event_type,<br \/>\n            &#039;data&#039;: data,<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat()<br \/>\n        }<\/p>\n<p>        # \u8bb0\u5f55\u5230\u5b89\u5168\u65e5\u5fd7<br \/>\n        with open(&#039;security_events.log&#039;, &#039;a&#039;) as f:<br \/>\n            f.write(json.dumps(log_entry) &#043; &#039;\\\\n&#039;)<\/p>\n<p>        # \u53d1\u9001\u8b66\u62a5<br \/>\n        if event_type in [&#039;scanning_attempt&#039;, &#039;honeypot_triggered&#039;]:<br \/>\n            self.send_security_alert(log_entry)<\/p>\n<p># \u5728Flask\u4e2d\u4f7f\u7528<br \/>\nsecure_handler &#061; SecureNotFoundHandler(config)<\/p>\n<p>&#064;app.errorhandler(404)<br \/>\ndef handle_all_404(e):<br \/>\n    return secure_handler.handle_not_found(request.path, request)<\/p>\n<h3>19.7 \u6027\u80fd\u4f18\u5316<\/h3>\n<h4>19.7.1 \u9ad8\u6548\u7684404\u54cd\u5e94\u7f13\u5b58<\/h4>\n<p>python<\/p>\n<p># 404\u54cd\u5e94\u7f13\u5b58\u7cfb\u7edf<br \/>\nfrom functools import lru_cache<br \/>\nfrom datetime import datetime, timedelta<br \/>\nimport hashlib<br \/>\nimport json<\/p>\n<p>class NotFoundResponseCache:<br \/>\n    def __init__(self, max_size&#061;1000, ttl&#061;300):<br \/>\n        self.max_size &#061; max_size<br \/>\n        self.ttl &#061; ttl  # 5\u5206\u949f\u9ed8\u8ba4<br \/>\n        self.cache &#061; {}<br \/>\n        self.access_times &#061; {}<\/p>\n<p>    def get_cache_key(self, path, accept_header):<br \/>\n        &#034;&#034;&#034;\u751f\u6210\u7f13\u5b58\u952e&#034;&#034;&#034;<br \/>\n        key_data &#061; f&#034;{path}:{accept_header}&#034;<br \/>\n        return hashlib.md5(key_data.encode()).hexdigest()<\/p>\n<p>    def get(self, path, accept_header):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u7f13\u5b58\u7684404\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        cache_key &#061; self.get_cache_key(path, accept_header)<\/p>\n<p>        if cache_key in self.cache:<br \/>\n            entry &#061; self.cache[cache_key]<\/p>\n<p>            # \u68c0\u67e5\u662f\u5426\u8fc7\u671f<br \/>\n            if datetime.utcnow() &#8211; entry[&#039;timestamp&#039;] &lt; timedelta(seconds&#061;self.ttl):<br \/>\n                # \u66f4\u65b0\u8bbf\u95ee\u65f6\u95f4<br \/>\n                self.access_times[cache_key] &#061; datetime.utcnow()<br \/>\n                return entry[&#039;response&#039;]<br \/>\n            else:<br \/>\n                # \u5df2\u8fc7\u671f&#xff0c;\u5220\u9664<br \/>\n                del self.cache[cache_key]<br \/>\n                del self.access_times[cache_key]<\/p>\n<p>        return None<\/p>\n<p>    def set(self, path, accept_header, response):<br \/>\n        &#034;&#034;&#034;\u7f13\u5b58404\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        cache_key &#061; self.get_cache_key(path, accept_header)<\/p>\n<p>        # \u68c0\u67e5\u7f13\u5b58\u5927\u5c0f<br \/>\n        if len(self.cache) &gt;&#061; self.max_size:<br \/>\n            self.evict_oldest()<\/p>\n<p>        # \u5b58\u50a8\u54cd\u5e94<br \/>\n        self.cache[cache_key] &#061; {<br \/>\n            &#039;path&#039;: path,<br \/>\n            &#039;accept_header&#039;: accept_header,<br \/>\n            &#039;response&#039;: response,<br \/>\n            &#039;timestamp&#039;: datetime.utcnow()<br \/>\n        }<\/p>\n<p>        self.access_times[cache_key] &#061; datetime.utcnow()<\/p>\n<p>    def evict_oldest(self):<br \/>\n        &#034;&#034;&#034;\u9a71\u9010\u6700\u65e7\u7684\u7f13\u5b58\u9879&#034;&#034;&#034;<br \/>\n        if not self.access_times:<br \/>\n            return<\/p>\n<p>        # \u627e\u5230\u6700\u4e45\u672a\u8bbf\u95ee\u7684\u952e<br \/>\n        oldest_key &#061; min(self.access_times.items(), key&#061;lambda x: x[1])[0]<\/p>\n<p>        # \u4ece\u4e24\u4e2a\u5b57\u5178\u4e2d\u5220\u9664<br \/>\n        del self.cache[oldest_key]<br \/>\n        del self.access_times[oldest_key]<\/p>\n<p>    def should_cache(self, path, request):<br \/>\n        &#034;&#034;&#034;\u5224\u65ad\u662f\u5426\u5e94\u8be5\u7f13\u5b58\u6b64404\u54cd\u5e94&#034;&#034;&#034;<\/p>\n<p>        # \u4e0d\u7f13\u5b58\u7684\u60c5\u51b5<br \/>\n        no_cache_conditions &#061; [<br \/>\n            # 1. \u8def\u5f84\u5305\u542b\u53ef\u53d8\u90e8\u5206<br \/>\n            re.search(r&#039;\/\\\\d&#043;&#039;, path),  # \u5305\u542b\u6570\u5b57ID<br \/>\n            re.search(r&#039;\/[a-f0-9]{32}&#039;, path, re.I),  # \u5305\u542b\u54c8\u5e0c<\/p>\n<p>            # 2. \u8bf7\u6c42\u65b9\u6cd5\u4e0d\u662fGET<br \/>\n            request.method !&#061; &#039;GET&#039;,<\/p>\n<p>            # 3. \u6709\u67e5\u8be2\u53c2\u6570<br \/>\n            request.query_string,<\/p>\n<p>            # 4. \u8bf7\u6c42\u5934\u6307\u5b9a\u4e0d\u7f13\u5b58<br \/>\n            &#039;no-cache&#039; in request.headers.get(&#039;Cache-Control&#039;, &#039;&#039;),<br \/>\n            &#039;no-store&#039; in request.headers.get(&#039;Cache-Control&#039;, &#039;&#039;),<\/p>\n<p>            # 5. \u53ef\u80fd\u662f\u626b\u63cf\u5c1d\u8bd5<br \/>\n            self.is_suspicious_path(path),<br \/>\n        ]<\/p>\n<p>        return not any(no_cache_conditions)<\/p>\n<p>    def is_suspicious_path(self, path):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u662f\u5426\u662f\u53ef\u7591\u8def\u5f84&#xff08;\u4e0d\u7f13\u5b58&#xff09;&#034;&#034;&#034;<br \/>\n        suspicious_patterns &#061; [<br \/>\n            &#039;\/admin&#039;,<br \/>\n            &#039;\/config&#039;,<br \/>\n            &#039;\/.env&#039;,<br \/>\n            &#039;..&#039;,  # \u76ee\u5f55\u904d\u5386<br \/>\n            &#039;.php&#039;,<br \/>\n            &#039;.asp&#039;,<br \/>\n            &#039;.jsp&#039;,<br \/>\n        ]<\/p>\n<p>        path_lower &#061; path.lower()<br \/>\n        return any(pattern in path_lower for pattern in suspicious_patterns)<\/p>\n<p># \u96c6\u6210\u5230Flask\u5e94\u7528<br \/>\nresponse_cache &#061; NotFoundResponseCache(max_size&#061;500, ttl&#061;300)<\/p>\n<p>&#064;app.before_request<br \/>\ndef check_cache():<br \/>\n    &#034;&#034;&#034;\u68c0\u67e5\u7f13\u5b58&#034;&#034;&#034;<br \/>\n    if request.method &#061;&#061; &#039;GET&#039;:<br \/>\n        cached_response &#061; response_cache.get(<br \/>\n            request.path,<br \/>\n            request.headers.get(&#039;Accept&#039;, &#039;&#039;)<br \/>\n        )<\/p>\n<p>        if cached_response:<br \/>\n            return cached_response<\/p>\n<p>&#064;app.errorhandler(404)<br \/>\ndef handle_404_with_cache(e):<br \/>\n    &#034;&#034;&#034;\u5e26\u7f13\u5b58\u7684404\u5904\u7406&#034;&#034;&#034;<br \/>\n    path &#061; request.path<br \/>\n    accept_header &#061; request.headers.get(&#039;Accept&#039;, &#039;&#039;)<\/p>\n<p>    # \u68c0\u67e5\u662f\u5426\u5e94\u8be5\u7f13\u5b58<br \/>\n    if response_cache.should_cache(path, request):<br \/>\n        # \u751f\u6210\u54cd\u5e94<br \/>\n        response &#061; make_not_found_response(path)<\/p>\n<p>        # \u7f13\u5b58\u54cd\u5e94<br \/>\n        response_cache.set(path, accept_header, response)<\/p>\n<p>        return response<\/p>\n<p>    # \u4e0d\u7f13\u5b58\u7684\u60c5\u51b5<br \/>\n    return make_not_found_response(path)<\/p>\n<p>def make_not_found_response(path):<br \/>\n    &#034;&#034;&#034;\u751f\u6210404\u54cd\u5e94&#034;&#034;&#034;<br \/>\n    if request.headers.get(&#039;Accept&#039;, &#039;&#039;).startswith(&#039;application\/json&#039;):<br \/>\n        return jsonify({<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;NOT_FOUND&#039;,<br \/>\n                &#039;message&#039;: f&#039;Resource not found: {path}&#039;<br \/>\n            }<br \/>\n        }), 404<br \/>\n    else:<br \/>\n        return render_template(&#039;404.html&#039;, path&#061;path), 404<\/p>\n<h4>19.7.2 \u5f02\u6b65404\u5904\u7406<\/h4>\n<p>python<\/p>\n<p># \u5f02\u6b65404\u5904\u7406\u4e0e\u65e5\u5fd7\u8bb0\u5f55<br \/>\nimport asyncio<br \/>\nfrom concurrent.futures import ThreadPoolExecutor<br \/>\nimport aiofiles<br \/>\nfrom datetime import datetime<\/p>\n<p>class AsyncNotFoundHandler:<br \/>\n    def __init__(self, max_workers&#061;4):<br \/>\n        self.executor &#061; ThreadPoolExecutor(max_workers&#061;max_workers)<br \/>\n        self.log_queue &#061; asyncio.Queue(maxsize&#061;1000)<br \/>\n        self.processing &#061; False<\/p>\n<p>    async def handle_404_async(self, path, request_info):<br \/>\n        &#034;&#034;&#034;\u5f02\u6b65\u5904\u7406404&#034;&#034;&#034;<\/p>\n<p>        # 1. \u7acb\u5373\u8fd4\u56de\u54cd\u5e94&#xff08;\u4e0d\u963b\u585e&#xff09;<br \/>\n        response &#061; self.create_immediate_response(path)<\/p>\n<p>        # 2. \u5f02\u6b65\u8bb0\u5f55\u548c\u5206\u6790<br \/>\n        asyncio.create_task(self.log_and_analyze_async(path, request_info))<\/p>\n<p>        # 3. \u5f02\u6b65\u68c0\u67e5\u66ff\u4ee3\u8def\u5f84<br \/>\n        asyncio.create_task(self.check_alternatives_async(path))<\/p>\n<p>        return response<\/p>\n<p>    def create_immediate_response(self, path):<br \/>\n        &#034;&#034;&#034;\u521b\u5efa\u5373\u65f6\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        return jsonify({<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;NOT_FOUND&#039;,<br \/>\n                &#039;message&#039;: &#039;Resource not found&#039;<br \/>\n            }<br \/>\n        }), 404<\/p>\n<p>    async def log_and_analyze_async(self, path, request_info):<br \/>\n        &#034;&#034;&#034;\u5f02\u6b65\u8bb0\u5f55\u548c\u5206\u6790404&#034;&#034;&#034;<br \/>\n        try:<br \/>\n            # \u5728\u540e\u53f0\u7ebf\u7a0b\u4e2d\u6267\u884cIO\u5bc6\u96c6\u578b\u64cd\u4f5c<br \/>\n            await asyncio.get_event_loop().run_in_executor(<br \/>\n                self.executor,<br \/>\n                self._log_and_analyze_sync,<br \/>\n                path,<br \/>\n                request_info<br \/>\n            )<br \/>\n        except Exception as e:<br \/>\n            print(f&#034;\u5f02\u6b65\u5904\u7406\u5931\u8d25: {e}&#034;)<\/p>\n<p>    def _log_and_analyze_sync(self, path, request_info):<br \/>\n        &#034;&#034;&#034;\u540c\u6b65\u7684\u65e5\u5fd7\u8bb0\u5f55\u548c\u5206\u6790&#034;&#034;&#034;<br \/>\n        # 1. \u8bb0\u5f55\u5230\u6587\u4ef6<br \/>\n        log_entry &#061; {<br \/>\n            &#039;timestamp&#039;: datetime.utcnow().isoformat(),<br \/>\n            &#039;path&#039;: path,<br \/>\n            &#039;ip&#039;: request_info.get(&#039;ip&#039;),<br \/>\n            &#039;user_agent&#039;: request_info.get(&#039;user_agent&#039;),<br \/>\n            &#039;referer&#039;: request_info.get(&#039;referer&#039;)<br \/>\n        }<\/p>\n<p>        # \u5f02\u6b65\u5199\u5165\u6587\u4ef6<br \/>\n        asyncio.create_task(self.write_log_async(log_entry))<\/p>\n<p>        # 2. \u5206\u6790\u6a21\u5f0f<br \/>\n        self.analyze_pattern(path)<\/p>\n<p>        # 3. \u68c0\u67e5\u662f\u5426\u9700\u8981\u8b66\u62a5<br \/>\n        self.check_for_alerts(path, request_info)<\/p>\n<p>    async def write_log_async(self, log_entry):<br \/>\n        &#034;&#034;&#034;\u5f02\u6b65\u5199\u5165\u65e5\u5fd7\u6587\u4ef6&#034;&#034;&#034;<br \/>\n        async with aiofiles.open(&#039;404_logs.jsonl&#039;, &#039;a&#039;) as f:<br \/>\n            await f.write(json.dumps(log_entry) &#043; &#039;\\\\n&#039;)<\/p>\n<p>    def analyze_pattern(self, path):<br \/>\n        &#034;&#034;&#034;\u5206\u6790404\u6a21\u5f0f&#034;&#034;&#034;<br \/>\n        # \u5c06\u8def\u5f84\u6dfb\u52a0\u5230\u5206\u6790\u961f\u5217<br \/>\n        self.log_queue.put_nowait((&#039;analyze&#039;, path))<\/p>\n<p>        # \u542f\u52a8\u540e\u53f0\u5904\u7406\u4efb\u52a1&#xff08;\u5982\u679c\u672a\u8fd0\u884c&#xff09;<br \/>\n        if not self.processing:<br \/>\n            asyncio.create_task(self.process_log_queue())<\/p>\n<p>    async def process_log_queue(self):<br \/>\n        &#034;&#034;&#034;\u5904\u7406\u65e5\u5fd7\u961f\u5217&#034;&#034;&#034;<br \/>\n        self.processing &#061; True<\/p>\n<p>        batch &#061; []<br \/>\n        batch_size &#061; 100<br \/>\n        batch_timeout &#061; 5  # \u79d2<\/p>\n<p>        try:<br \/>\n            while True:<br \/>\n                try:<br \/>\n                    # \u7b49\u5f85\u9879\u76ee&#xff0c;\u6709\u8d85\u65f6<br \/>\n                    item &#061; await asyncio.wait_for(<br \/>\n                        self.log_queue.get(),<br \/>\n                        timeout&#061;batch_timeout<br \/>\n                    )<br \/>\n                    batch.append(item)<\/p>\n<p>                    # \u8fbe\u5230\u6279\u91cf\u5927\u5c0f\u6216\u8d85\u65f6\u540e\u5904\u7406<br \/>\n                    if len(batch) &gt;&#061; batch_size:<br \/>\n                        await self.process_batch(batch)<br \/>\n                        batch &#061; []<\/p>\n<p>                except asyncio.TimeoutError:<br \/>\n                    # \u8d85\u65f6&#xff0c;\u5904\u7406\u5f53\u524d\u6279\u6b21<br \/>\n                    if batch:<br \/>\n                        await self.process_batch(batch)<br \/>\n                        batch &#061; []<\/p>\n<p>                    # \u68c0\u67e5\u662f\u5426\u5e94\u8be5\u7ee7\u7eed<br \/>\n                    if self.log_queue.empty():<br \/>\n                        break<\/p>\n<p>        finally:<br \/>\n            self.processing &#061; False<\/p>\n<p>    async def process_batch(self, batch):<br \/>\n        &#034;&#034;&#034;\u5904\u7406\u6279\u91cf\u6570\u636e&#034;&#034;&#034;<br \/>\n        # \u8fd9\u91cc\u53ef\u4ee5\u8fdb\u884c\u6279\u91cf\u5206\u6790&#xff0c;\u5982&#xff1a;<br \/>\n        # &#8211; \u805a\u5408\u7edf\u8ba1<br \/>\n        # &#8211; \u6a21\u5f0f\u8bc6\u522b<br \/>\n        # &#8211; \u53d1\u9001\u6279\u91cf\u8b66\u62a5<\/p>\n<p>        # \u793a\u4f8b&#xff1a;\u7b80\u5355\u7684\u9891\u7387\u5206\u6790<br \/>\n        path_counter &#061; {}<br \/>\n        for action, path in batch:<br \/>\n            if action &#061;&#061; &#039;analyze&#039;:<br \/>\n                path_counter[path] &#061; path_counter.get(path, 0) &#043; 1<\/p>\n<p>        # \u627e\u51fa\u9891\u7e41\u51fa\u73b0\u7684\u8def\u5f84<br \/>\n        frequent_paths &#061; {<br \/>\n            path: count<br \/>\n            for path, count in path_counter.items()<br \/>\n            if count &gt; 10<br \/>\n        }<\/p>\n<p>        if frequent_paths:<br \/>\n            # \u53d1\u9001\u6279\u91cf\u8b66\u62a5<br \/>\n            await self.send_batch_alert(frequent_paths)<\/p>\n<p>    async def check_alternatives_async(self, path):<br \/>\n        &#034;&#034;&#034;\u5f02\u6b65\u68c0\u67e5\u66ff\u4ee3\u8def\u5f84&#034;&#034;&#034;<br \/>\n        alternatives &#061; await self.find_alternatives(path)<\/p>\n<p>        if alternatives:<br \/>\n            # \u53ef\u4ee5\u5728\u8fd9\u91cc\u505a\u4e9b\u4ec0\u4e48&#xff0c;\u6bd4\u5982&#xff1a;<br \/>\n            # &#8211; \u66f4\u65b0\u8def\u7531\u5efa\u8bae<br \/>\n            # &#8211; \u53d1\u9001\u62a5\u544a<br \/>\n            # &#8211; \u9884\u70ed\u7f13\u5b58<br \/>\n            pass<\/p>\n<p>    async def find_alternatives(self, path):<br \/>\n        &#034;&#034;&#034;\u67e5\u627e\u66ff\u4ee3\u8def\u5f84&#034;&#034;&#034;<br \/>\n        # \u5728\u540e\u53f0\u7ebf\u7a0b\u4e2d\u6267\u884c<br \/>\n        return await asyncio.get_event_loop().run_in_executor(<br \/>\n            self.executor,<br \/>\n            self._find_alternatives_sync,<br \/>\n            path<br \/>\n        )<\/p>\n<p>    def _find_alternatives_sync(self, path):<br \/>\n        &#034;&#034;&#034;\u540c\u6b65\u67e5\u627e\u66ff\u4ee3\u8def\u5f84&#034;&#034;&#034;<br \/>\n        alternatives &#061; []<\/p>\n<p>        # 1. \u68c0\u67e5\u76f8\u4f3c\u7684\u8def\u7531<br \/>\n        from difflib import get_close_matches<\/p>\n<p>        # \u5047\u8bbe\u6709\u6ce8\u518c\u7684\u8def\u7531\u5217\u8868<br \/>\n        registered_routes &#061; [&#039;\/api\/users&#039;, &#039;\/api\/products&#039;, &#8230;]<br \/>\n        similar &#061; get_close_matches(path, registered_routes, n&#061;3, cutoff&#061;0.6)<br \/>\n        alternatives.extend(similar)<\/p>\n<p>        # 2. \u68c0\u67e5\u5e38\u89c1\u7684\u62fc\u5199\u9519\u8bef<br \/>\n        common_errors &#061; self.get_common_errors(path)<br \/>\n        alternatives.extend(common_errors)<\/p>\n<p>        return alternatives<\/p>\n<p># \u5f02\u6b65Flask\u8def\u7531\u5904\u7406&#xff08;\u4f7f\u7528Quart\u793a\u4f8b&#xff09;<br \/>\nfrom quart import Quart, jsonify, request<\/p>\n<p>app &#061; Quart(__name__)<br \/>\nhandler &#061; AsyncNotFoundHandler()<\/p>\n<p>&#064;app.errorhandler(404)<br \/>\nasync def handle_404(e):<br \/>\n    path &#061; request.path<br \/>\n    request_info &#061; {<br \/>\n        &#039;ip&#039;: request.remote_addr,<br \/>\n        &#039;user_agent&#039;: request.headers.get(&#039;User-Agent&#039;),<br \/>\n        &#039;referer&#039;: request.headers.get(&#039;Referer&#039;)<br \/>\n    }<\/p>\n<p>    return await handler.handle_404_async(path, request_info)<\/p>\n<h3>19.8 \u7279\u6b8a\u573a\u666f\u5904\u7406<\/h3>\n<h4>19.8.1 \u8f6f\u5220\u9664\u8d44\u6e90\u7684404\u5904\u7406<\/h4>\n<p>python<\/p>\n<p># \u8f6f\u5220\u9664\u8d44\u6e90\u7684\u5904\u7406<br \/>\nclass SoftDeleteHandler:<br \/>\n    def __init__(self, db_session):<br \/>\n        self.db &#061; db_session<\/p>\n<p>    async def get_resource(self, resource_type, resource_id, user&#061;None):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u8d44\u6e90&#xff0c;\u5904\u7406\u8f6f\u5220\u9664\u60c5\u51b5&#034;&#034;&#034;<\/p>\n<p>        # 1. \u67e5\u627e\u8d44\u6e90&#xff08;\u5305\u62ec\u8f6f\u5220\u9664\u7684&#xff09;<br \/>\n        resource &#061; await self.find_resource_with_deleted(resource_type, resource_id)<\/p>\n<p>        if not resource:<br \/>\n            # \u8d44\u6e90\u4ece\u672a\u5b58\u5728<br \/>\n            raise ResourceNotFound(resource_type, resource_id)<\/p>\n<p>        # 2. \u68c0\u67e5\u662f\u5426\u8f6f\u5220\u9664<br \/>\n        if hasattr(resource, &#039;deleted_at&#039;) and resource.deleted_at:<br \/>\n            # \u5904\u7406\u5df2\u5220\u9664\u7684\u8d44\u6e90<\/p>\n<p>            # \u68c0\u67e5\u7528\u6237\u6743\u9650<br \/>\n            if user and self.can_see_deleted(user, resource):<br \/>\n                # \u6709\u6743\u9650\u67e5\u770b\u5df2\u5220\u9664\u7684\u8d44\u6e90<br \/>\n                return {<br \/>\n                    &#039;resource&#039;: resource,<br \/>\n                    &#039;status&#039;: &#039;deleted&#039;,<br \/>\n                    &#039;warning&#039;: &#039;This resource has been deleted&#039;,<br \/>\n                    &#039;deleted_at&#039;: resource.deleted_at,<br \/>\n                    &#039;deleted_by&#039;: resource.deleted_by<br \/>\n                }<br \/>\n            else:<br \/>\n                # \u65e0\u6743\u9650&#xff0c;\u8fd4\u56de404&#xff08;\u4e0d\u900f\u9732\u5220\u9664\u4fe1\u606f&#xff09;<br \/>\n                raise ResourceNotFound(resource_type, resource_id)<\/p>\n<p>        # 3. \u6b63\u5e38\u8d44\u6e90<br \/>\n        return {<br \/>\n            &#039;resource&#039;: resource,<br \/>\n            &#039;status&#039;: &#039;active&#039;<br \/>\n        }<\/p>\n<p>    async def find_resource_with_deleted(self, resource_type, resource_id):<br \/>\n        &#034;&#034;&#034;\u67e5\u627e\u8d44\u6e90&#xff08;\u5305\u62ec\u8f6f\u5220\u9664\u7684&#xff09;&#034;&#034;&#034;<br \/>\n        model &#061; self.get_model(resource_type)<\/p>\n<p>        # \u4f7f\u7528\u6570\u636e\u5e93\u7684WITH(NOLOCK)\u6216\u7c7b\u4f3c\u9009\u9879<br \/>\n        # \u907f\u514d\u5728\u67e5\u627e\u65f6\u8df3\u8fc7\u8f6f\u5220\u9664\u8bb0\u5f55<br \/>\n        query &#061; f&#034;&#034;&#034;<br \/>\n        SELECT * FROM {model.__tablename__}<br \/>\n        WHERE id &#061; :id<br \/>\n        &#034;&#034;&#034;<\/p>\n<p>        result &#061; await self.db.execute(query, {&#039;id&#039;: resource_id})<br \/>\n        row &#061; result.fetchone()<\/p>\n<p>        if row:<br \/>\n            return model(**dict(row))<\/p>\n<p>        return None<\/p>\n<p>    def can_see_deleted(self, user, resource):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u7528\u6237\u662f\u5426\u53ef\u4ee5\u67e5\u770b\u5df2\u5220\u9664\u7684\u8d44\u6e90&#034;&#034;&#034;<\/p>\n<p>        # 1. \u7ba1\u7406\u5458\u53ef\u4ee5\u67e5\u770b<br \/>\n        if user.role &#061;&#061; &#039;admin&#039;:<br \/>\n            return True<\/p>\n<p>        # 2. \u8d44\u6e90\u6240\u6709\u8005\u53ef\u4ee5\u67e5\u770b<br \/>\n        if hasattr(resource, &#039;owner_id&#039;) and resource.owner_id &#061;&#061; user.id:<br \/>\n            return True<\/p>\n<p>        # 3. \u6709\u7279\u6b8a\u6743\u9650\u7684\u7528\u6237<br \/>\n        if &#039;view_deleted&#039; in user.permissions:<br \/>\n            return True<\/p>\n<p>        return False<\/p>\n<p>    def handle_api_response(self, resource_data):<br \/>\n        &#034;&#034;&#034;\u5904\u7406API\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        status &#061; resource_data[&#039;status&#039;]<\/p>\n<p>        if status &#061;&#061; &#039;active&#039;:<br \/>\n            # \u6b63\u5e38\u8d44\u6e90&#xff0c;\u8fd4\u56de200<br \/>\n            resource &#061; resource_data[&#039;resource&#039;]<br \/>\n            return jsonify(resource.to_dict()), 200<\/p>\n<p>        elif status &#061;&#061; &#039;deleted&#039;:<br \/>\n            # \u5df2\u5220\u9664\u8d44\u6e90&#xff0c;\u6839\u636e\u60c5\u51b5\u8fd4\u56de<br \/>\n            if self.should_reveal_deletion(resource_data):<br \/>\n                # \u8fd4\u56de410 Gone&#xff0c;\u660e\u786e\u8868\u793a\u5df2\u5220\u9664<br \/>\n                return jsonify({<br \/>\n                    &#039;error&#039;: {<br \/>\n                        &#039;code&#039;: &#039;RESOURCE_DELETED&#039;,<br \/>\n                        &#039;message&#039;: &#039;This resource has been deleted&#039;,<br \/>\n                        &#039;deleted_at&#039;: resource_data[&#039;deleted_at&#039;],<br \/>\n                        &#039;deleted_by&#039;: resource_data[&#039;deleted_by&#039;],<br \/>\n                        &#039;can_restore&#039;: resource_data.get(&#039;can_restore&#039;, False)<br \/>\n                    }<br \/>\n                }), 410<br \/>\n            else:<br \/>\n                # \u8fd4\u56de404&#xff0c;\u9690\u85cf\u5220\u9664\u4e8b\u5b9e<br \/>\n                return jsonify({<br \/>\n                    &#039;error&#039;: {<br \/>\n                        &#039;code&#039;: &#039;RESOURCE_NOT_FOUND&#039;,<br \/>\n                        &#039;message&#039;: &#039;Resource not found&#039;<br \/>\n                    }<br \/>\n                }), 404<\/p>\n<p>    def should_reveal_deletion(self, resource_data):<br \/>\n        &#034;&#034;&#034;\u5224\u65ad\u662f\u5426\u5e94\u8be5\u900f\u9732\u5220\u9664\u4fe1\u606f&#034;&#034;&#034;<br \/>\n        resource &#061; resource_data[&#039;resource&#039;]<\/p>\n<p>        # \u68c0\u67e5\u8d44\u6e90\u7c7b\u578b<br \/>\n        if resource.__class__.__name__ in [&#039;User&#039;, &#039;Post&#039;, &#039;Comment&#039;]:<br \/>\n            # \u8fd9\u4e9b\u8d44\u6e90\u7c7b\u578b\u901a\u5e38\u53ef\u4ee5\u900f\u9732\u5220\u9664<br \/>\n            return True<\/p>\n<p>        # \u68c0\u67e5\u5220\u9664\u65f6\u95f4<br \/>\n        if resource.deleted_at:<br \/>\n            deleted_days &#061; (datetime.utcnow() &#8211; resource.deleted_at).days<br \/>\n            if deleted_days &lt; 30:  # 30\u5929\u5185\u5220\u9664\u7684<br \/>\n                return True<\/p>\n<p>        return False<\/p>\n<h4>19.8.2 \u56fd\u9645\u5316404\u9875\u9762<\/h4>\n<p>python<\/p>\n<p># \u56fd\u9645\u5316404\u5904\u7406<br \/>\nclass InternationalizedNotFoundHandler:<br \/>\n    def __init__(self):<br \/>\n        self.translations &#061; self.load_translations()<br \/>\n        self.region_redirects &#061; self.load_region_redirects()<\/p>\n<p>    def load_translations(self):<br \/>\n        &#034;&#034;&#034;\u52a0\u8f7d\u7ffb\u8bd1&#034;&#034;&#034;<br \/>\n        return {<br \/>\n            &#039;en&#039;: {<br \/>\n                &#039;title&#039;: &#039;Page Not Found&#039;,<br \/>\n                &#039;message&#039;: &#039;Sorry, the page you requested could not be found.&#039;,<br \/>\n                &#039;suggestions_title&#039;: &#039;You might want to:&#039;,<br \/>\n                &#039;go_home&#039;: &#039;Go to homepage&#039;,<br \/>\n                &#039;go_back&#039;: &#039;Go back&#039;,<br \/>\n                &#039;search&#039;: &#039;Search our site&#039;,<br \/>\n                &#039;contact&#039;: &#039;Contact support&#039;<br \/>\n            },<br \/>\n            &#039;zh&#039;: {<br \/>\n                &#039;title&#039;: &#039;\u9875\u9762\u672a\u627e\u5230&#039;,<br \/>\n                &#039;message&#039;: &#039;\u62b1\u6b49&#xff0c;\u60a8\u8bf7\u6c42\u7684\u9875\u9762\u65e0\u6cd5\u627e\u5230\u3002&#039;,<br \/>\n                &#039;suggestions_title&#039;: &#039;\u60a8\u53ef\u4ee5\u5c1d\u8bd5&#xff1a;&#039;,<br \/>\n                &#039;go_home&#039;: &#039;\u8fd4\u56de\u9996\u9875&#039;,<br \/>\n                &#039;go_back&#039;: &#039;\u8fd4\u56de\u4e0a\u4e00\u9875&#039;,<br \/>\n                &#039;search&#039;: &#039;\u641c\u7d22\u7f51\u7ad9&#039;,<br \/>\n                &#039;contact&#039;: &#039;\u8054\u7cfb\u652f\u6301&#039;<br \/>\n            },<br \/>\n            &#039;ja&#039;: {<br \/>\n                &#039;title&#039;: &#039;\u30da\u30fc\u30b8\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093&#039;,<br \/>\n                &#039;message&#039;: &#039;\u7533\u3057\u8a33\u3042\u308a\u307e\u305b\u3093\u304c\u3001\u304a\u63a2\u3057\u306e\u30da\u30fc\u30b8\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093\u3067\u3057\u305f\u3002&#039;,<br \/>\n                &#039;suggestions_title&#039;: &#039;\u6b21\u306e\u64cd\u4f5c\u3092\u304a\u8a66\u3057\u304f\u3060\u3055\u3044&#xff1a;&#039;,<br \/>\n                &#039;go_home&#039;: &#039;\u30db\u30fc\u30e0\u30da\u30fc\u30b8\u3078&#039;,<br \/>\n                &#039;go_back&#039;: &#039;\u524d\u306e\u30da\u30fc\u30b8\u3078&#039;,<br \/>\n                &#039;search&#039;: &#039;\u30b5\u30a4\u30c8\u5185\u3092\u691c\u7d22&#039;,<br \/>\n                &#039;contact&#039;: &#039;\u30b5\u30dd\u30fc\u30c8\u306b\u9023\u7d61&#039;<br \/>\n            }<br \/>\n            # \u6dfb\u52a0\u66f4\u591a\u8bed\u8a00&#8230;<br \/>\n        }<\/p>\n<p>    def load_region_redirects(self):<br \/>\n        &#034;&#034;&#034;\u52a0\u8f7d\u533a\u57df\u91cd\u5b9a\u5411\u89c4\u5219&#034;&#034;&#034;<br \/>\n        return {<br \/>\n            &#039;\/en\/products&#039;: &#039;\/products&#039;,<br \/>\n            &#039;\/de\/produkte&#039;: &#039;\/products&#039;,<br \/>\n            &#039;\/fr\/produits&#039;: &#039;\/products&#039;,<br \/>\n            # \u66f4\u591a\u91cd\u5b9a\u5411\u89c4\u5219&#8230;<br \/>\n        }<\/p>\n<p>    def detect_language(self, request):<br \/>\n        &#034;&#034;&#034;\u68c0\u6d4b\u7528\u6237\u8bed\u8a00&#034;&#034;&#034;<\/p>\n<p>        # 1. \u68c0\u67e5URL\u8def\u5f84<br \/>\n        path &#061; request.path<br \/>\n        if path.startswith(&#039;\/en\/&#039;):<br \/>\n            return &#039;en&#039;<br \/>\n        elif path.startswith(&#039;\/zh\/&#039;):<br \/>\n            return &#039;zh&#039;<br \/>\n        elif path.startswith(&#039;\/ja\/&#039;):<br \/>\n            return &#039;ja&#039;<\/p>\n<p>        # 2. \u68c0\u67e5Accept-Language\u5934<br \/>\n        accept_language &#061; request.headers.get(&#039;Accept-Language&#039;, &#039;&#039;)<br \/>\n        if &#039;zh&#039; in accept_language:<br \/>\n            return &#039;zh&#039;<br \/>\n        elif &#039;ja&#039; in accept_language:<br \/>\n            return &#039;ja&#039;<br \/>\n        elif &#039;en&#039; in accept_language:<br \/>\n            return &#039;en&#039;<\/p>\n<p>        # 3. \u68c0\u67e5\u533a\u57df\u8bbe\u7f6e&#xff08;\u57fa\u4e8eIP&#xff09;<br \/>\n        region &#061; self.detect_region(request)<br \/>\n        if region &#061;&#061; &#039;CN&#039;:<br \/>\n            return &#039;zh&#039;<br \/>\n        elif region &#061;&#061; &#039;JP&#039;:<br \/>\n            return &#039;ja&#039;<\/p>\n<p>        # 4. \u9ed8\u8ba4\u8bed\u8a00<br \/>\n        return &#039;en&#039;<\/p>\n<p>    def detect_region(self, request):<br \/>\n        &#034;&#034;&#034;\u68c0\u6d4b\u7528\u6237\u533a\u57df&#034;&#034;&#034;<br \/>\n        # \u57fa\u4e8eIP\u5730\u5740\u68c0\u6d4b\u533a\u57df<br \/>\n        ip &#061; request.remote_addr<\/p>\n<p>        # \u8fd9\u91cc\u53ef\u4ee5\u96c6\u6210GeoIP\u670d\u52a1<br \/>\n        # \u7b80\u5316\u7248\u672c&#xff1a;\u68c0\u67e5\u5df2\u77e5\u7684IP\u8303\u56f4<\/p>\n<p>        return &#039;US&#039;  # \u9ed8\u8ba4<\/p>\n<p>    def handle(self, request):<br \/>\n        &#034;&#034;&#034;\u5904\u7406404\u8bf7\u6c42&#034;&#034;&#034;<br \/>\n        path &#061; request.path<br \/>\n        language &#061; self.detect_language(request)<\/p>\n<p>        # 1. \u68c0\u67e5\u533a\u57df\u91cd\u5b9a\u5411<br \/>\n        redirected_path &#061; self.region_redirects.get(path)<br \/>\n        if redirected_path:<br \/>\n            # \u8fd4\u56de301\u91cd\u5b9a\u5411<br \/>\n            return self.create_redirect_response(redirected_path)<\/p>\n<p>        # 2. \u68c0\u67e5\u8bed\u8a00\u524d\u7f00<br \/>\n        if path.startswith((&#039;\/en\/&#039;, &#039;\/zh\/&#039;, &#039;\/ja\/&#039;)):<br \/>\n            # \u79fb\u9664\u8bed\u8a00\u524d\u7f00&#xff0c;\u68c0\u67e5\u662f\u5426\u5b58\u5728<br \/>\n            base_path &#061; &#039;\/&#039; &#043; &#039;\/&#039;.join(path.split(&#039;\/&#039;)[2:]) or &#039;\/&#039;<\/p>\n<p>            if self.resource_exists(base_path):<br \/>\n                # \u8d44\u6e90\u5b58\u5728\u4f46\u8bed\u8a00\u7248\u672c\u4e0d\u5b58\u5728<br \/>\n                return self.create_language_fallback_response(base_path, language)<\/p>\n<p>        # 3. \u521b\u5efa\u672c\u5730\u5316\u7684404\u54cd\u5e94<br \/>\n        return self.create_localized_404_response(path, language, request)<\/p>\n<p>    def create_localized_404_response(self, path, language, request):<br \/>\n        &#034;&#034;&#034;\u521b\u5efa\u672c\u5730\u5316\u7684404\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        translation &#061; self.translations.get(language, self.translations[&#039;en&#039;])<\/p>\n<p>        # \u667a\u80fd\u5efa\u8bae&#xff08;\u57fa\u4e8e\u8bed\u8a00&#xff09;<br \/>\n        suggestions &#061; self.generate_suggestions(path, language)<\/p>\n<p>        response_data &#061; {<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;NOT_FOUND&#039;,<br \/>\n                &#039;message&#039;: translation[&#039;message&#039;],<br \/>\n                &#039;localized&#039;: True,<br \/>\n                &#039;language&#039;: language,<br \/>\n                &#039;path&#039;: path<br \/>\n            },<br \/>\n            &#039;ui&#039;: {<br \/>\n                &#039;title&#039;: translation[&#039;title&#039;],<br \/>\n                &#039;suggestions_title&#039;: translation[&#039;suggestions_title&#039;],<br \/>\n                &#039;suggestions&#039;: suggestions,<br \/>\n                &#039;actions&#039;: [<br \/>\n                    {&#039;text&#039;: translation[&#039;go_home&#039;], &#039;url&#039;: &#039;\/&#039;},<br \/>\n                    {&#039;text&#039;: translation[&#039;go_back&#039;], &#039;action&#039;: &#039;back&#039;},<br \/>\n                    {&#039;text&#039;: translation[&#039;search&#039;], &#039;action&#039;: &#039;search&#039;},<br \/>\n                    {&#039;text&#039;: translation[&#039;contact&#039;], &#039;url&#039;: &#039;\/contact&#039;}<br \/>\n                ]<br \/>\n            }<br \/>\n        }<\/p>\n<p>        # \u6dfb\u52a0\u8bed\u8a00\u5207\u6362\u9009\u9879<br \/>\n        response_data[&#039;language_options&#039;] &#061; self.get_language_options(path, language)<\/p>\n<p>        # \u786e\u5b9a\u54cd\u5e94\u683c\u5f0f<br \/>\n        accept &#061; request.headers.get(&#039;Accept&#039;, &#039;&#039;)<\/p>\n<p>        if &#039;application\/json&#039; in accept:<br \/>\n            return jsonify(response_data), 404<br \/>\n        else:<br \/>\n            # \u6e32\u67d3HTML\u6a21\u677f<br \/>\n            return self.render_template(&#039;404_international.html&#039;, **response_data), 404<\/p>\n<p>    def generate_suggestions(self, path, language):<br \/>\n        &#034;&#034;&#034;\u751f\u6210\u672c\u5730\u5316\u7684\u5efa\u8bae&#034;&#034;&#034;<br \/>\n        suggestions &#061; []<\/p>\n<p>        # \u57fa\u4e8e\u8def\u5f84\u7684\u5efa\u8bae<br \/>\n        if &#039;\/product&#039; in path or &#039;\/item&#039; in path:<br \/>\n            if language &#061;&#061; &#039;zh&#039;:<br \/>\n                suggestions.append(&#039;\u6d4f\u89c8\u6240\u6709\u4ea7\u54c1&#039;)<br \/>\n            elif language &#061;&#061; &#039;ja&#039;:<br \/>\n                suggestions.append(&#039;\u3059\u3079\u3066\u306e\u88fd\u54c1\u3092\u95b2\u89a7\u3059\u308b&#039;)<br \/>\n            else:<br \/>\n                suggestions.append(&#039;Browse all products&#039;)<\/p>\n<p>        if &#039;\/blog&#039; in path or &#039;\/article&#039; in path:<br \/>\n            if language &#061;&#061; &#039;zh&#039;:<br \/>\n                suggestions.append(&#039;\u67e5\u770b\u6700\u65b0\u6587\u7ae0&#039;)<br \/>\n            elif language &#061;&#061; &#039;ja&#039;:<br \/>\n                suggestions.append(&#039;\u6700\u65b0\u306e\u8a18\u4e8b\u3092\u898b\u308b&#039;)<br \/>\n            else:<br \/>\n                suggestions.append(&#039;Read latest articles&#039;)<\/p>\n<p>        # \u70ed\u95e8\u9875\u9762\u7684\u5efa\u8bae<br \/>\n        popular_pages &#061; self.get_popular_pages(language)<br \/>\n        suggestions.extend(popular_pages[:3])<\/p>\n<p>        return suggestions<\/p>\n<p>    def get_popular_pages(self, language):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u70ed\u95e8\u9875\u9762&#xff08;\u57fa\u4e8e\u8bed\u8a00&#xff09;&#034;&#034;&#034;<br \/>\n        # \u8fd9\u91cc\u53ef\u4ee5\u4ece\u5206\u6790\u6570\u636e\u4e2d\u83b7\u53d6<br \/>\n        popular &#061; {<br \/>\n            &#039;en&#039;: [&#039;\/products&#039;, &#039;\/blog&#039;, &#039;\/about&#039;, &#039;\/contact&#039;],<br \/>\n            &#039;zh&#039;: [&#039;\/products&#039;, &#039;\/blog&#039;, &#039;\/about&#039;, &#039;\/contact&#039;],<br \/>\n            &#039;ja&#039;: [&#039;\/products&#039;, &#039;\/blog&#039;, &#039;\/about&#039;, &#039;\/contact&#039;]<br \/>\n        }<\/p>\n<p>        return popular.get(language, popular[&#039;en&#039;])<\/p>\n<p>    def get_language_options(self, path, current_lang):<br \/>\n        &#034;&#034;&#034;\u83b7\u53d6\u8bed\u8a00\u5207\u6362\u9009\u9879&#034;&#034;&#034;<br \/>\n        options &#061; []<\/p>\n<p>        for lang_code, lang_name in [(&#039;en&#039;, &#039;English&#039;), (&#039;zh&#039;, &#039;\u4e2d\u6587&#039;), (&#039;ja&#039;, &#039;\u65e5\u672c\u8a9e&#039;)]:<br \/>\n            if lang_code &#061;&#061; current_lang:<br \/>\n                continue<\/p>\n<p>            # \u6784\u5efa\u5bf9\u5e94\u8bed\u8a00\u7684URL<br \/>\n            if path.startswith(f&#039;\/{current_lang}\/&#039;):<br \/>\n                lang_path &#061; path.replace(f&#039;\/{current_lang}\/&#039;, f&#039;\/{lang_code}\/&#039;, 1)<br \/>\n            else:<br \/>\n                lang_path &#061; f&#039;\/{lang_code}{path}&#039;<\/p>\n<p>            options.append({<br \/>\n                &#039;code&#039;: lang_code,<br \/>\n                &#039;name&#039;: lang_name,<br \/>\n                &#039;url&#039;: lang_path<br \/>\n            })<\/p>\n<p>        return options<\/p>\n<p>    def create_language_fallback_response(self, base_path, language):<br \/>\n        &#034;&#034;&#034;\u521b\u5efa\u8bed\u8a00\u56de\u9000\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        return jsonify({<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;LANGUAGE_VERSION_NOT_FOUND&#039;,<br \/>\n                &#039;message&#039;: f&#039;Language version not found, showing default language&#039;,<br \/>\n                &#039;default_language&#039;: &#039;en&#039;,<br \/>\n                &#039;suggested_path&#039;: base_path<br \/>\n            }<br \/>\n        }), 404<\/p>\n<p>    def create_redirect_response(self, new_path):<br \/>\n        &#034;&#034;&#034;\u521b\u5efa\u91cd\u5b9a\u5411\u54cd\u5e94&#034;&#034;&#034;<br \/>\n        response &#061; jsonify({<br \/>\n            &#039;error&#039;: {<br \/>\n                &#039;code&#039;: &#039;REDIRECT_REQUIRED&#039;,<br \/>\n                &#039;message&#039;: &#039;Resource has moved&#039;,<br \/>\n                &#039;new_location&#039;: new_path<br \/>\n            }<br \/>\n        })<\/p>\n<p>        response.status_code &#061; 301<br \/>\n        response.headers[&#039;Location&#039;] &#061; new_path<\/p>\n<p>        return response<\/p>\n<p>    def resource_exists(self, path):<br \/>\n        &#034;&#034;&#034;\u68c0\u67e5\u8d44\u6e90\u662f\u5426\u5b58\u5728&#034;&#034;&#034;<br \/>\n        # \u8fd9\u91cc\u53ef\u4ee5\u68c0\u67e5\u6570\u636e\u5e93\u6216\u6587\u4ef6\u7cfb\u7edf<br \/>\n        # \u7b80\u5316\u7248\u672c<br \/>\n        known_paths &#061; [&#039;\/products&#039;, &#039;\/blog&#039;, &#039;\/about&#039;, &#039;\/contact&#039;]<br \/>\n        return path in known_paths<\/p>\n<h2 style=\"background-color:transparent\"><\/h2>\n<h2><\/h2><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6587\u7ae0\u6d4f\u89c8\u9605\u8bfb911\u6b21\uff0c\u70b9\u8d5e20\u6b21\uff0c\u6536\u85cf13\u6b21\u3002\u672c\u6587\u6458\u8981\u6df1\u5165\u5206\u6790\u4e86HTTP\u72b6\u6001\u7801400\u3001401\u3001403\u3001404\u548c405\u7684\u5904\u7406\u7b56\u7565\u3002400\u72b6\u6001\u7801\u8868\u793a\u5ba2\u6237\u7aef\u8bf7\u6c42\u9519\u8bef\uff0c\u9700\u9a8c\u8bc1\u8bf7\u6c42\u8bed\u6cd5\u548c\u6570\u636e\uff1b401\u72b6\u6001\u7801\u6d89\u53ca\u8ba4\u8bc1\u5931\u8d25\uff0c\u9700\u63d0\u4f9b\u6709\u6548\u7684\u8eab\u4efd\u51ed\u8bc1\uff1b403\u72b6\u6001\u7801\u8868\u793a\u6743\u9650\u4e0d\u8db3\uff0c\u9700\u5b9e\u65bd\u8bbf\u95ee\u63a7\u5236\uff1b404\u72b6\u6001\u7801\u8868\u793a\u8d44\u6e90\u672a\u627e\u5230\uff0c\u9700\u4f18\u5316\u8def\u7531\u5339\u914d\uff1b405\u72b6\u6001\u7801\u8868\u793a\u65b9\u6cd5\u4e0d\u5141\u8bb8\uff0c\u9700\u6b63\u786e\u5b9e\u73b0Allow\u5934\u90e8\u3002\u6587\u7ae0\u63d0\u4f9b\u4e86\u8be6\u7ec6\u7684\u4ee3\u7801\u793a\u4f8b\u548c\u6700\u4f73\u5b9e\u8df5\uff0c\u6db5\u76d6\u9519\u8bef\u54cd\u5e94\u8bbe\u8ba1\u3001\u5ba2\u6237\u7aef\u5904\u7406\u3001\u5b89\u5168\u9632\u62a4\u548c\u6027\u80fd\u4f18\u5316\u7b49\u65b9\u9762\uff0c\u4e3a\u6784\u5efa\u5065\u58ee\u7684Web\u670d\u52a1\u63d0\u4f9b\u4e86\u5168\u9762\u6307\u5bfc\u3002<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"topic":[],"class_list":["post-59146","post","type-post","status-publish","format-standard","hentry","category-server"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.wsisp.com\/helps\/59146.html\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\" \/>\n<meta property=\"og:description\" content=\"\u6587\u7ae0\u6d4f\u89c8\u9605\u8bfb911\u6b21\uff0c\u70b9\u8d5e20\u6b21\uff0c\u6536\u85cf13\u6b21\u3002\u672c\u6587\u6458\u8981\u6df1\u5165\u5206\u6790\u4e86HTTP\u72b6\u6001\u7801400\u3001401\u3001403\u3001404\u548c405\u7684\u5904\u7406\u7b56\u7565\u3002400\u72b6\u6001\u7801\u8868\u793a\u5ba2\u6237\u7aef\u8bf7\u6c42\u9519\u8bef\uff0c\u9700\u9a8c\u8bc1\u8bf7\u6c42\u8bed\u6cd5\u548c\u6570\u636e\uff1b401\u72b6\u6001\u7801\u6d89\u53ca\u8ba4\u8bc1\u5931\u8d25\uff0c\u9700\u63d0\u4f9b\u6709\u6548\u7684\u8eab\u4efd\u51ed\u8bc1\uff1b403\u72b6\u6001\u7801\u8868\u793a\u6743\u9650\u4e0d\u8db3\uff0c\u9700\u5b9e\u65bd\u8bbf\u95ee\u63a7\u5236\uff1b404\u72b6\u6001\u7801\u8868\u793a\u8d44\u6e90\u672a\u627e\u5230\uff0c\u9700\u4f18\u5316\u8def\u7531\u5339\u914d\uff1b405\u72b6\u6001\u7801\u8868\u793a\u65b9\u6cd5\u4e0d\u5141\u8bb8\uff0c\u9700\u6b63\u786e\u5b9e\u73b0Allow\u5934\u90e8\u3002\u6587\u7ae0\u63d0\u4f9b\u4e86\u8be6\u7ec6\u7684\u4ee3\u7801\u793a\u4f8b\u548c\u6700\u4f73\u5b9e\u8df5\uff0c\u6db5\u76d6\u9519\u8bef\u54cd\u5e94\u8bbe\u8ba1\u3001\u5ba2\u6237\u7aef\u5904\u7406\u3001\u5b89\u5168\u9632\u62a4\u548c\u6027\u80fd\u4f18\u5316\u7b49\u65b9\u9762\uff0c\u4e3a\u6784\u5efa\u5065\u58ee\u7684Web\u670d\u52a1\u63d0\u4f9b\u4e86\u5168\u9762\u6307\u5bfc\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.wsisp.com\/helps\/59146.html\" \/>\n<meta property=\"og:site_name\" content=\"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-13T04:40:54+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"67 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/59146.html\",\"url\":\"https:\/\/www.wsisp.com\/helps\/59146.html\",\"name\":\"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\",\"isPartOf\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/#website\"},\"datePublished\":\"2026-01-13T04:40:54+00:00\",\"dateModified\":\"2026-01-13T04:40:54+00:00\",\"author\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.wsisp.com\/helps\/59146.html#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.wsisp.com\/helps\/59146.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/59146.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.wsisp.com\/helps\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#website\",\"url\":\"https:\/\/www.wsisp.com\/helps\/\",\"name\":\"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3\",\"description\":\"\u9999\u6e2f\u670d\u52a1\u5668_\u9999\u6e2f\u4e91\u670d\u52a1\u5668\u8d44\u8baf_\u670d\u52a1\u5668\u5e2e\u52a9\u6587\u6863_\u670d\u52a1\u5668\u6559\u7a0b\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.wsisp.com\/helps\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery\",\"contentUrl\":\"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery\",\"caption\":\"admin\"},\"sameAs\":[\"http:\/\/wp.wsisp.com\"],\"url\":\"https:\/\/www.wsisp.com\/helps\/author\/admin\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.wsisp.com\/helps\/59146.html","og_locale":"zh_CN","og_type":"article","og_title":"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","og_description":"\u6587\u7ae0\u6d4f\u89c8\u9605\u8bfb911\u6b21\uff0c\u70b9\u8d5e20\u6b21\uff0c\u6536\u85cf13\u6b21\u3002\u672c\u6587\u6458\u8981\u6df1\u5165\u5206\u6790\u4e86HTTP\u72b6\u6001\u7801400\u3001401\u3001403\u3001404\u548c405\u7684\u5904\u7406\u7b56\u7565\u3002400\u72b6\u6001\u7801\u8868\u793a\u5ba2\u6237\u7aef\u8bf7\u6c42\u9519\u8bef\uff0c\u9700\u9a8c\u8bc1\u8bf7\u6c42\u8bed\u6cd5\u548c\u6570\u636e\uff1b401\u72b6\u6001\u7801\u6d89\u53ca\u8ba4\u8bc1\u5931\u8d25\uff0c\u9700\u63d0\u4f9b\u6709\u6548\u7684\u8eab\u4efd\u51ed\u8bc1\uff1b403\u72b6\u6001\u7801\u8868\u793a\u6743\u9650\u4e0d\u8db3\uff0c\u9700\u5b9e\u65bd\u8bbf\u95ee\u63a7\u5236\uff1b404\u72b6\u6001\u7801\u8868\u793a\u8d44\u6e90\u672a\u627e\u5230\uff0c\u9700\u4f18\u5316\u8def\u7531\u5339\u914d\uff1b405\u72b6\u6001\u7801\u8868\u793a\u65b9\u6cd5\u4e0d\u5141\u8bb8\uff0c\u9700\u6b63\u786e\u5b9e\u73b0Allow\u5934\u90e8\u3002\u6587\u7ae0\u63d0\u4f9b\u4e86\u8be6\u7ec6\u7684\u4ee3\u7801\u793a\u4f8b\u548c\u6700\u4f73\u5b9e\u8df5\uff0c\u6db5\u76d6\u9519\u8bef\u54cd\u5e94\u8bbe\u8ba1\u3001\u5ba2\u6237\u7aef\u5904\u7406\u3001\u5b89\u5168\u9632\u62a4\u548c\u6027\u80fd\u4f18\u5316\u7b49\u65b9\u9762\uff0c\u4e3a\u6784\u5efa\u5065\u58ee\u7684Web\u670d\u52a1\u63d0\u4f9b\u4e86\u5168\u9762\u6307\u5bfc\u3002","og_url":"https:\/\/www.wsisp.com\/helps\/59146.html","og_site_name":"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","article_published_time":"2026-01-13T04:40:54+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"admin","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"67 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.wsisp.com\/helps\/59146.html","url":"https:\/\/www.wsisp.com\/helps\/59146.html","name":"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09 - \u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","isPartOf":{"@id":"https:\/\/www.wsisp.com\/helps\/#website"},"datePublished":"2026-01-13T04:40:54+00:00","dateModified":"2026-01-13T04:40:54+00:00","author":{"@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41"},"breadcrumb":{"@id":"https:\/\/www.wsisp.com\/helps\/59146.html#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.wsisp.com\/helps\/59146.html"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.wsisp.com\/helps\/59146.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.wsisp.com\/helps"},{"@type":"ListItem","position":2,"name":"HTTP \u72b6\u6001\u7801\uff1a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u7684\u901a\u4fe1\u8bed\u8a00\u2014\u2014\u7b2c\u56db\u90e8\u5206\uff1a\u5ba2\u6237\u7aef\u9519\u8bef\u72b6\u6001\u7801\uff084xx\uff09\u6df1\u5ea6\u89e3\u8bfb\uff08\u4e00\uff09"}]},{"@type":"WebSite","@id":"https:\/\/www.wsisp.com\/helps\/#website","url":"https:\/\/www.wsisp.com\/helps\/","name":"\u7f51\u7855\u4e92\u8054\u5e2e\u52a9\u4e2d\u5fc3","description":"\u9999\u6e2f\u670d\u52a1\u5668_\u9999\u6e2f\u4e91\u670d\u52a1\u5668\u8d44\u8baf_\u670d\u52a1\u5668\u5e2e\u52a9\u6587\u6863_\u670d\u52a1\u5668\u6559\u7a0b","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.wsisp.com\/helps\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/358e386c577a3ab51c4493330a20ad41","name":"admin","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.wsisp.com\/helps\/#\/schema\/person\/image\/","url":"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery","contentUrl":"https:\/\/gravatar.wp-china-yes.net\/avatar\/?s=96&d=mystery","caption":"admin"},"sameAs":["http:\/\/wp.wsisp.com"],"url":"https:\/\/www.wsisp.com\/helps\/author\/admin"}]}},"_links":{"self":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts\/59146","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/comments?post=59146"}],"version-history":[{"count":0,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/posts\/59146\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/media?parent=59146"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/categories?post=59146"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/tags?post=59146"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.wsisp.com\/helps\/wp-json\/wp\/v2\/topic?post=59146"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}