subject:"Tomcat 9 throws exception when sending unencoded charecters in QueryString"

Re: Tomcat 9 throws exception when sending unencoded charecters in QueryString

2018-12-19 Thread Mark Thomas

On 19/12/2018 04:58, Melvin wrote:
> Hi Christopher Schultz,
> *
> *
> I did not mean that the browser is throwing an error. My problem is that
> in 9.0.13 tomcat's error page is shown instead of my error page.

As Rémy has already explained:

- The URL is invalid
- Therefore, Tomcat reports an error
- Since the URL is invalid, Tomcat doesn't try mapping it to an
  application
- Therefore Tomcat doesn't use your application's error page
- Therefore you get Tomcat's standard error page via the
  ErrorReportValve

If you want to provide custom responses with the ErrorReportValve then
as of 9.0.6 onwards you can do so with static files (rather than
overriding the ErrorReportValve).

See

http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Error_Report_Valve


and look for errorCode.nnn and exceptionType.fullyQualifiedClassName

Mark


> I have
> given error page location in web.xml. error.jsp is located in the root
> of my webapp.
> 
> I know that if I add '^' in relaxedquerychars there will be no error
> thrown by the server. I have no characters in my relaxedquerychars. In
> 8.5.35 the requested is rejected and tomcat's error page with
> exception is not shown, but it does in 9.0.13.
> 
> I will attach both the screenshots of 9.0.13 and 8.5.35. You kindly
> check and let me know. 
> 
> Regards,
> Melvin A
> 
> 
> On Tue, Dec 18, 2018 at 8:48 PM Christopher Schultz
> mailto:ch...@christopherschultz.net>> wrote:
> 
> Melvin,
> 
> On 12/18/18 04:21, Melvin wrote:
>> Tomcat 9.0.13 I switched from tomcat 8.5.35 to 9.0.13. In 8.5 when
>> I send an unencoded character in queryString it throws 400 error in
>> the browser itself and no Exception is thrown or seen explicitly.
> 
> That doesn't make any sense. Browsers don't throw HTTP errors.
> 
>> After I switched to tomcat 9, when I send an unencoded character
>> in queryString it throws Exception and tomcat error page is shown.
> As it should be.
> 
>> I configured error-page in both the servers.
> 
> How/where?
> 
>> I know that these characters can be relaxed by adding them in
>> relaxedquerychars in server.xml. But still it is a 400 error and
>> ideally it must redirect me to the configured error page.
> Are you saying that configuring relaxedquerychars does not work? If
> so, please post that configuration.
> 
>> Also when the response.setStatus(400) is called, error page is not
>> redirected in both the servers.
> 
> Where are you configuring your error page. This isn't unambiguous:
> 
>> web.xml   400
>> /error.jsp  
>> 500 /error.jsp
>>  
> 
> 
>> URL=http://localhost:9013/app1/paramTest.jsp?name=^ Tomcat 8.5.32
>> - 'This page isn’t working' is shown in browser. Tomcat 9.0.13 -
>> java.lang.IllegalArgumentException: Invalid character found in the
>> request target. The valid characters are defined in RFC 7230 and
>> RFC 3986
>> org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11Inpu
> tBuffer.java:467)
> 
> 
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:29
> 4)
>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLigh
> t.java:66)
> 
> 
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractPro
> tocol.java:791)
>> org.apache.tomcat.util.net
> .NioEndpoint$SocketProcessor.doRun(NioEndpoi
> nt.java:1417)
> 
> 
> org.apache.tomcat.util.net
> .SocketProcessorBase.run(SocketProcessorBase.j
> ava:49)
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j
> ava:1149)
> 
> 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:624)
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThr
> ead.java:61)
> 
> 
> java.lang.Thread.run(Thread.java:748) is thrown and tomcat error page is
>> shown. I have attached the screenshot of the exception thrown.
> 
> Attachments are stripped, but presumably, it's just a screenshot of
> the above.
> 
> Please explain where you have configured that error page, and show
> your relaxedquerychars setting (if you have one).
> 
> -chris
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> 
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat 9 throws exception when sending unencoded charecters in QueryString

2018-12-18 Thread Melvin

Hi Christopher Schultz,

I did not mean that the browser is throwing an error. My problem is that in
9.0.13 tomcat's error page is shown instead of my error page. I have given
error page location in web.xml. error.jsp is located in the root of my
webapp.

I know that if I add '^' in relaxedquerychars there will be no error thrown
by the server. I have no characters in my relaxedquerychars. In 8.5.35 the
requested is rejected and tomcat's error page with exception is not shown,
but it does in 9.0.13.

I will attach both the screenshots of 9.0.13 and 8.5.35. You kindly check
and let me know.

Regards,
Melvin A


On Tue, Dec 18, 2018 at 8:48 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Melvin,
>
> On 12/18/18 04:21, Melvin wrote:
> > Tomcat 9.0.13 I switched from tomcat 8.5.35 to 9.0.13. In 8.5 when
> > I send an unencoded character in queryString it throws 400 error in
> > the browser itself and no Exception is thrown or seen explicitly.
>
> That doesn't make any sense. Browsers don't throw HTTP errors.
>
> > After I switched to tomcat 9, when I send an unencoded character
> > in queryString it throws Exception and tomcat error page is shown.
> As it should be.
>
> > I configured error-page in both the servers.
>
> How/where?
>
> > I know that these characters can be relaxed by adding them in
> > relaxedquerychars in server.xml. But still it is a 400 error and
> > ideally it must redirect me to the configured error page.
> Are you saying that configuring relaxedquerychars does not work? If
> so, please post that configuration.
>
> > Also when the response.setStatus(400) is called, error page is not
> > redirected in both the servers.
>
> Where are you configuring your error page. This isn't unambiguous:
>
> > web.xml   400
> > /error.jsp  
> > 500 /error.jsp
> >  
>
>
> > URL=http://localhost:9013/app1/paramTest.jsp?name=^ Tomcat 8.5.32
> > - 'This page isn’t working' is shown in browser. Tomcat 9.0.13 -
> > java.lang.IllegalArgumentException: Invalid character found in the
> > request target. The valid characters are defined in RFC 7230 and
> > RFC 3986
> > org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11Inpu
> tBuffer.java:467)
> >
> >
> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:29
> 4)
> > org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLigh
> t.java:66)
> >
> >
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractPro
> tocol.java:791)
> > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoi
> nt.java:1417)
> >
> >
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.j
> ava:49)
> > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j
> ava:1149)
> >
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
> va:624)
> > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThr
> ead.java:61)
> >
> >
> java.lang.Thread.run(Thread.java:748) is thrown and tomcat error page is
> > shown. I have attached the screenshot of the exception thrown.
>
> Attachments are stripped, but presumably, it's just a screenshot of
> the above.
>
> Please explain where you have configured that error page, and show
> your relaxedquerychars setting (if you have one).
>
> - -chris
> -BEGIN PGP SIGNATURE-
> Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
>
> iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwZD7oACgkQHPApP6U8
> pFg+1xAAsK6do1HFtdhQG4uNczRo/NgHOvDF0Z4yWolntEEZdDb+dzsqqtUZhRNg
> 5n3q9o3hL2bLBjy+zetuuIVBg7ZxmgcC0QnlhLW+zgOScvGRRSwFi/NOieBgEOe4
> fite15CdaSd9OSv/jVTDqkgL0LEGVnioGgzYaXlzmGWEI/6BpEbBwmLJpqofQ6ij
> EFVbDis2tPc/kwP8JPYll2ihFpPNUacEE+SB/BQyAzOXR1OzAGRYqMFZlfpwfpZ4
> cwCsTwWZeWmKX7PLQjyhE2lCT5a3tioLRAbIyw3P92WJTy4Iwn65EBnf6BcXLF0f
> zuYZYwV1VXut81g8nBcby08si2R+qFHyJ2nIQ2oJWurtf+W4FiQ6Sh4fF7pSN9aI
> FSEknFeFiAYgP/tNDCi40uRVe+HfRczMnYWScR7QmO0U5Ir6/5gM3I6hUOaOYQpl
> s1uL6Tqq7+/7HxSP5PKjxgYg6sJVk8qo7nHuUH/kvJP/gbEQtghJUhQ/xIrZq/e8
> Gg1xTmm4DGZ9xFl9RLHQQqvlbHVQuVfYYVsbfC3pHz2SSevIye+ZAg0CnyXCzFGs
> Ywgsf8VJ/yVbOp80wLd95zsbvmZ/7qK1mtx8aeeLzE8gCrOVr0yYagFsV+AiyQU7
> iGfckuRXbztZ33oJK1fY4Y+QELFuUD3ceAYTy+/L/Exw6NQg8Kc=
> =0by1
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat 9 throws exception when sending unencoded charecters in QueryString

2018-12-18 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Melvin,

On 12/18/18 04:21, Melvin wrote:
> Tomcat 9.0.13 I switched from tomcat 8.5.35 to 9.0.13. In 8.5 when
> I send an unencoded character in queryString it throws 400 error in
> the browser itself and no Exception is thrown or seen explicitly.

That doesn't make any sense. Browsers don't throw HTTP errors.

> After I switched to tomcat 9, when I send an unencoded character
> in queryString it throws Exception and tomcat error page is shown.
As it should be.

> I configured error-page in both the servers.

How/where?

> I know that these characters can be relaxed by adding them in 
> relaxedquerychars in server.xml. But still it is a 400 error and 
> ideally it must redirect me to the configured error page.
Are you saying that configuring relaxedquerychars does not work? If
so, please post that configuration.

> Also when the response.setStatus(400) is called, error page is not 
> redirected in both the servers.

Where are you configuring your error page. This isn't unambiguous:

> web.xml   400
> /error.jsp  
> 500 /error.jsp
>  


> URL=http://localhost:9013/app1/paramTest.jsp?name=^ Tomcat 8.5.32
> - 'This page isn’t working' is shown in browser. Tomcat 9.0.13 - 
> java.lang.IllegalArgumentException: Invalid character found in the 
> request target. The valid characters are defined in RFC 7230 and
> RFC 3986 
> org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11Inpu
tBuffer.java:467)
>
> 
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:29
4)
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLigh
t.java:66)
>
> 
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractPro
tocol.java:791)
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoi
nt.java:1417)
>
> 
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.j
ava:49)
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j
ava:1149)
>
> 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
va:624)
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThr
ead.java:61)
>
> 
java.lang.Thread.run(Thread.java:748) is thrown and tomcat error page is
> shown. I have attached the screenshot of the exception thrown.

Attachments are stripped, but presumably, it's just a screenshot of
the above.

Please explain where you have configured that error page, and show
your relaxedquerychars setting (if you have one).

- -chris
-BEGIN PGP SIGNATURE-
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwZD7oACgkQHPApP6U8
pFg+1xAAsK6do1HFtdhQG4uNczRo/NgHOvDF0Z4yWolntEEZdDb+dzsqqtUZhRNg
5n3q9o3hL2bLBjy+zetuuIVBg7ZxmgcC0QnlhLW+zgOScvGRRSwFi/NOieBgEOe4
fite15CdaSd9OSv/jVTDqkgL0LEGVnioGgzYaXlzmGWEI/6BpEbBwmLJpqofQ6ij
EFVbDis2tPc/kwP8JPYll2ihFpPNUacEE+SB/BQyAzOXR1OzAGRYqMFZlfpwfpZ4
cwCsTwWZeWmKX7PLQjyhE2lCT5a3tioLRAbIyw3P92WJTy4Iwn65EBnf6BcXLF0f
zuYZYwV1VXut81g8nBcby08si2R+qFHyJ2nIQ2oJWurtf+W4FiQ6Sh4fF7pSN9aI
FSEknFeFiAYgP/tNDCi40uRVe+HfRczMnYWScR7QmO0U5Ir6/5gM3I6hUOaOYQpl
s1uL6Tqq7+/7HxSP5PKjxgYg6sJVk8qo7nHuUH/kvJP/gbEQtghJUhQ/xIrZq/e8
Gg1xTmm4DGZ9xFl9RLHQQqvlbHVQuVfYYVsbfC3pHz2SSevIye+ZAg0CnyXCzFGs
Ywgsf8VJ/yVbOp80wLd95zsbvmZ/7qK1mtx8aeeLzE8gCrOVr0yYagFsV+AiyQU7
iGfckuRXbztZ33oJK1fY4Y+QELFuUD3ceAYTy+/L/Exw6NQg8Kc=
=0by1
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Tomcat 9 throws exception when sending unencoded charecters in QueryString

2018-12-18 Thread Melvin

Tomcat 9.0.13

I switched from tomcat 8.5.35 to 9.0.13. In 8.5 when I send an
unencoded character in queryString it throws 400 error in the browser
itself and no Exception is thrown or seen explicitly.

After I switched to tomcat 9, when I send an unencoded character in
queryString it throws Exception and tomcat error page is shown. I
configured error-page in
both the servers.

I know that these characters can be relaxed by adding them in
relaxedquerychars in server.xml. But still it is a 400 error and
ideally it must redirect me to the configured error page.

Also when the response.setStatus(400) is called, error page is not
redirected in both the servers.

web.xml -


  
400
/error.jsp
  
  
500
/error.jsp
  



URL=http://localhost:9013/app1/paramTest.jsp?name=^
Tomcat 8.5.32 - 'This page isn’t working' is shown in browser.
Tomcat 9.0.13 - java.lang.IllegalArgumentException: Invalid character
found in the request target. The valid characters are defined in RFC
7230 and RFC 3986

org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467)

org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294)

org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)

org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:791)

org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1417)

org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)

java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:748)

is thrown and tomcat error page is shown. I have attached the
screenshot of the exception thrown. Do the needful.

Regards,
Melvin A

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat 9 throws exception when sending unencoded charecters in QueryString

Re: Tomcat 9 throws exception when sending unencoded charecters in QueryString

Re: Tomcat 9 throws exception when sending unencoded charecters in QueryString

Tomcat 9 throws exception when sending unencoded charecters in QueryString

4 matches

Site Navigation

Mail list logo

Footer information