Bug ID: 63014
           Summary: Tomcat 9 throws exception when sending unencoded
                    charecters in QueryString
           Product: Tomcat 9
           Version: 9.0.13
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: major
          Priority: P2
         Component: Connectors
  Target Milestone: -----

Created attachment 36333
Tomcat 9.0.13

I switched from tomcat 8.5.35 to 9.0.13. In 8.5 when I send an unencoded
character in queryString it throws 400 error in the browser itself and no
Exception is thrown or seen explicitly.

After I switched to tomcat 9, when I send an unencoded character in queryString
it throws Exception and tomcat error page is shown. I configured error-page in
both the servers. 

I know that these characters can be relaxed by adding them in relaxedquerychars
in server.xml. But still it is a 400 error and ideally it must redirect me to
the configured error page.

Also when the response.setStatus(400) is called, error page is not redirected
in both the servers.

web.xml -


Tomcat 8.5.32 - 'This page isn’t working' is shown in browser.
Tomcat 9.0.13 - java.lang.IllegalArgumentException: Invalid character found in
the request target. The valid characters are defined in RFC 7230 and RFC 3986

is thrown and tomcat error page is shown. I have attached the screenshot of the
exception thrown. Do the needful.

Melvin A

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

Reply via email to