quurks created TAP5-2436:
----------------------------
Summary: Dont throw an IllgealArgumentException on illegal chars
in the url
Key: TAP5-2436
URL: https://issues.apache.org/jira/browse/TAP5-2436
Project: Tapestry 5
Issue Type: Improvement
Components: tapestry-core
Affects Versions: 5.4
Reporter: quurks
A few days ago some tool tried to find vulnerabilites by checking urls like
/pageid=99999' . This lead to dozens of exception reports like
Exception type: java.lang.IllegalArgumentException
Message: Input string 'pageid=99999'' is not valid; the character '=' at
position 7 is not valid.
This should either be a custom exception type, so it can be handled without
parsing the IllegalArgumentException message or it should be a 400 - Bad
request, which would also allow for a custom error page.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
