[ https://issues.apache.org/jira/browse/SHIRO-826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17383639#comment-17383639 ]
Brian Demers commented on SHIRO-826: ------------------------------------ Hey [~sgessner]! I just had a chance to dig into this a bit more. In Shiro 1.7 we introduced a global filtering mechanism. One of the default filters checks for non-ascii characters, specifically in your case it looks like it's failing here: [https://github.com/apache/shiro/blob/df81077726b407f905ba16a9f57ba731b7736375/web/src/main/java/org/apache/shiro/web/filter/InvalidRequestFilter.java#L62] The quick workaround is to disable the filter (to revert to the previous behavior): {code:java} @Configuration static class Config extends AbstractShiroWebFilterConfiguration { @Bean @Override public ShiroFilterFactoryBean shiroFilterFactoryBean() { ShiroFilterFactoryBean bean = super.shiroFilterFactoryBean(); InvalidRequestFilter invalidRequestFilter = new InvalidRequestFilter(); invalidRequestFilter.setBlockNonAscii(false); bean.getFilters().put("invalidRequest", invalidRequestFilter); return bean; } } {code} For anyone using a `shiro.ini` file the equivalent should be: {code} invalidRequest.invalidRequest = false {code} We need to make these types of changes more visible, both in the Shiro docs, and the release notes. (possibly with some debug/trace logging to, to help anyone in the future) > HTTP 400 with encoded umlauts in URL > ------------------------------------ > > Key: SHIRO-826 > URL: https://issues.apache.org/jira/browse/SHIRO-826 > Project: Shiro > Issue Type: Bug > Affects Versions: 1.7.1 > Reporter: Sita Geßner > Priority: Major > Attachments: debug.log, error-request-with-umlauts.png, > localhost_access_log.2021-07-19.txt, success-request-without-umlauts.png > > > I've updated shiro from version 1.4.2 to 1.7.1. > > I have an rest-endpoint with an Pathvariable: > {code:java} > @RestController > @RequestMapping(value = "/inspektor/verjaehrungs-agent") > @Slf4j > public class MyRestController > @GetMapping("/profile/{name}") > public Profile getProfile(@PathVariable final String name) { > return service.getProfile(name); > } > {code} > When requesting with the Pathvariable name "Test 123" everything works fine. > When requesting with the Pathvariable name "Test ö" I'm getting an HTTP 400. > This error occurs also, when I encode the Pathvariable to "TEST%20%C3%B6". > > Before the update, everything was fine. -- This message was sent by Atlassian Jira (v8.3.4#803005)