On 01/08/17 03:26, Bruce Huang wrote: > Hi all, > > We have placed a file named 檔名.txt into > the \apache-tomcat-8.0.43\webapps\Apps folder. And our client app can > retrieve the file by an HTTP GET request from the URL, for example, > http://192.168.1.1/Apps/檔名.txt (The 檔名 are two Chinese words) > > When it was on tomcat v8.0.23, everything works fine. However, after we > have migrated to the v8.0.43, the client app will receive response with > HTTP 400 Bad Request. The code that our client app used as below. Looks > like that it didn't encode the URL path and only translate the whitespace > to %20. > > Is there any solution that we can configure the tomcat 8.0.43 to make this > case works as usual(On tomcat v8.0.23), since there are lots of client > app deployed?
Sorry, no. This is part of the fix for CVE-2016-6816. Options have since been added to allow some illegal characters through but they will not be sufficient to allow the full range of UTF-8 bytes. The fix was added to 8.0.39 so any version up to 8.0.38 should work for you. You might be able to put a more lenient reverse proxy in front of Tomcat which will accept these characters and then pass the request (correctly encoded) to Tomcat. However that depends on finding a suitable reverse proxy. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
