https://bz.apache.org/bugzilla/show_bug.cgi?id=66512
Bug ID: 66512
Summary: File downloads render as empty if access to Tomcat
based application is delegated via AJP
Product: Tomcat 9
Version: 9.0.73
Hardware: PC
Status: NEW
Severity: major
Priority: P2
Component: Util
Assignee: dev@tomcat.apache.org
Reporter: alexander.schuess...@plunet.com
Target Milestone: -----
Hi there,
I would like to place a report about an issue we are struggling with since we
installed latest security patches for Apache Tomcat and Apache HTTPD on our
hosting servers.
We - Plunet GmbH - develop a Java based application and our inbuilt file
manager is using a Java Servlet for the file exchange. Our application only
supports Java 8. There are plans to support 11 or 17 but we will need time for
this unfortunately so we can not just update Java in case this might help.
We see that since the latest updates of Tomcat users complaint that files with
Non-Unicode characters are downloaded as empty files. Such characters are for
instance greek, kyrillic or hebrew characters.
We see the following error in the stderror.log of Tomcat
01-Mar-2023 17:59:39.100 SCHWERWIEGEND [ajp-nio-127.0.0.1-9129-exec-3]
org.apache.coyote.ajp.AjpProcessor.service Error processing request
java.lang.IllegalArgumentException: Das Unicode Zeichen [Π] an Code Punkt [928]
kann nicht kodiert werden, da es außerhalb des erlaubten Bereiches von 0 bis
255 ist.
at org.apache.tomcat.util.buf.MessageBytes.toBytesSimple(MessageBytes.java:292)
We are aware that this issue happens since Tomcat 9.0.71 and also 9.0.73 did
not resolve it as we hoped to I am afraid so it is definitely related with one
of the latest changes in the MessageBytes implementation of the Tomcat Util
library as I could see them in the code history of this file.
This issue happens though ONLY if - as it is done on our SaaS servers - the
access to our application is delegated via AJP connectors. This is done because
all instances on a shared server access it via virtual hosting on ports 80 and
443.
Currently we have two possible fixing options which both work as we can
confirm:
1. We replace the tomcat-util.jar in Tomcat's lib directory with one from an
older Tomcat 9.x release. (this is not very practical though)
2. We change the delegation via mod_ajp to delegation via mod_proxy (this is
huge effort to change it for hundreds of instances)
We therefore wonder if this is considered to be a bug of maybe just a planned
change and we have to maybe change something in the config of server.xml or so.
But for me it rather feels like a bug, especially since it only happens in this
special scenario. I did some research in the web yet but I did not find anyone
who reported the same issue yet so I am putting it into this bugtracker.
Let me know in case you need more information for addressing my issue.
Thank you very much!
Cheers!
Alex
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
