[Bug 63014] New: Tomcat 9 throws exception when sending unencoded charecters in QueryString

Tue, 18 Dec 2018 00:48:00 -0800 

https://bz.apache.org/bugzilla/show_bug.cgi?id=63014

            Bug ID: 63014
           Summary: Tomcat 9 throws exception when sending unencoded
                    charecters in QueryString
           Product: Tomcat 9
           Version: 9.0.13
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: major
          Priority: P2
         Component: Connectors
          Assignee: dev@tomcat.apache.org
          Reporter: melvind...@gmail.com
  Target Milestone: -----

Created attachment 36333
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36333&action=edit
Tomcat 9.0.13

I switched from tomcat 8.5.35 to 9.0.13. In 8.5 when I send an unencoded
character in queryString it throws 400 error in the browser itself and no
Exception is thrown or seen explicitly.

After I switched to tomcat 9, when I send an unencoded character in queryString
it throws Exception and tomcat error page is shown. I configured error-page in
both the servers. 

I know that these characters can be relaxed by adding them in relaxedquerychars
in server.xml. But still it is a 400 error and ideally it must redirect me to
the configured error page.

Also when the response.setStatus(400) is called, error page is not redirected
in both the servers.

web.xml -

<web-app>
  <error-page>
    <error-code>400</error-code>
    <location>/error.jsp</location>
  </error-page>
  <error-page>
    <error-code>500</error-code>
    <location>/error.jsp</location>
  </error-page>
</web-app>


URL=http://localhost:9013/app1/paramTest.jsp?name=^
Tomcat 8.5.32 - 'This page isn’t working' is shown in browser.
Tomcat 9.0.13 - java.lang.IllegalArgumentException: Invalid character found in
the request target. The valid characters are defined in RFC 7230 and RFC 3986
       
org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467)
       
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294)
       
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
       
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:791)
       
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1417)
       
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
       
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
       
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
       
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        java.lang.Thread.run(Thread.java:748)

is thrown and tomcat error page is shown. I have attached the screenshot of the
exception thrown. Do the needful.

Regards,
Melvin A

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to