[ https://issues.apache.org/jira/browse/WICKET-4803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13575858#comment-13575858 ]
Jan Riehn edited comment on WICKET-4803 at 2/11/13 4:02 PM: ------------------------------------------------------------ Hej Martin, maybe the problem is not well demonstrated. this issue can be reconstructed using the wicket 1.5.9 quickstart [http://wicket.apache.org/start/quickstart.html]. An invalid request like "http://localhost:8080/?%%%" throws the following exception: java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "%%" at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:162) at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:76) at org.apache.wicket.request.Url.decodeParameter(Url.java:601) at org.apache.wicket.request.Url.parseQueryParameter(Url.java:104) at org.apache.wicket.request.Url.parse(Url.java:243) at org.apache.wicket.protocol.http.servlet.ServletWebRequest.getContextRelativeUrl(ServletWebRequest.java:222) at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:126) at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:83) at org.apache.wicket.protocol.http.WebApplication.newWebRequest(WebApplication.java:413) at org.apache.wicket.protocol.http.WebApplication.createWebRequest(WebApplication.java:458) at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:183) at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:244) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110) at org.eclipse.jetty.server.Server.handle(Server.java:349) at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441) at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:904) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:565) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:217) at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:50) at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:245) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533) at java.lang.Thread.run(Unknown Source) Is there any advice on how to handle such invalid requests? was (Author: jriehn): Hej Martin, maybe the problem is not well demonstrated. this issue can be reconstructed using the wicket 1.5.9 quickstart [http://wicket.apache.org/start/quickstart.html]. An invalid request like "http://localhost:8080/?%%%" throws the following exception: java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "%%" at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:162) at org.apache.wicket.request.UrlDecoder.decode(UrlDecoder.java:76) at org.apache.wicket.request.Url.decodeParameter(Url.java:601) at org.apache.wicket.request.Url.parseQueryParameter(Url.java:104) at org.apache.wicket.request.Url.parse(Url.java:243) at org.apache.wicket.protocol.http.servlet.ServletWebRequest.getContextRelativeUrl(ServletWebRequest.java:222) at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:126) at org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:83) at org.apache.wicket.protocol.http.WebApplication.newWebRequest(WebApplication.java:413) at org.apache.wicket.protocol.http.WebApplication.createWebRequest(WebApplication.java:458) at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:183) at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:244) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1326) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:479) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:940) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110) at org.eclipse.jetty.server.Server.handle(Server.java:349) at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441) at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:904) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:565) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:217) at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:50) at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:245) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533) at java.lang.Thread.run(Unknown Source) Is there any advice on how to handle such invalid request? > Unwrapped IllegalArgumentException in WicketURLDecoder > ------------------------------------------------------ > > Key: WICKET-4803 > URL: https://issues.apache.org/jira/browse/WICKET-4803 > Project: Wicket > Issue Type: Bug > Components: wicket > Affects Versions: 1.5.8 > Reporter: Johan Heylen > Priority: Minor > Attachments: WICKET-4803-quickstart-testcase-and-example.zip > > > In the class: org.apache.wicket.protocol.http.WicketURLDecoder there are two > IllegalArgumentException which should be wrapped in WicketRuntimeException, > otherwise they are caught by the exception handler form the servlet container > (jetty, tomcat, ...) which then uses their http 500 error code configuration > instead of the exception handling of wicket. > Wrapping them would be good for consistency and help manage runtime > exceptions. > These are the two exceptions: > throw new IllegalArgumentException("URLDecoder: Incomplete trailing escape > (%) pattern"); > throw new IllegalArgumentException("URLDecoder: Illegal hex characters in > escape (%) pattern - " + e.getMessage()); -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira