Is that in my control? The url is not one that appears on my website, it's something that was manually written by some client.
On Sat, Sep 9, 2017 at 1:12 PM, Martynas Jusevičius <marty...@atomgraph.com> wrote: > Tomcat is an HTTP sever, and if your client is sending invalid HTTP > requests, Tomcat is right to respond with 400. The solution is to fix the > client. > > On Sat, Sep 9, 2017 at 12:09 PM, Yuval Schwartz <yuval.schwa...@gmail.com> > wrote: > > > Hello Martynas, thanks. > > > > I'm not sure 404 is better than 400. > > > > Wouldn't it be preferable to validate the url before it has a chance to > > throw the exception? > > I guess my only reason for preferring this is because I don't want it > > crowding up my logs. > > I figure if I can filter it out beforehand then it's not really an > > exception? But I would be happy to hear thoughts on this as I'm still > > fairly new to programming. I'm not sure what is considered best practice > > here. > > > > Thanks. > > > > On Sat, Sep 9, 2017 at 12:24 PM, Martynas Jusevičius < > > marty...@atomgraph.com > > > wrote: > > > > > How is 404 beter than 400? > > > > > > On Sat, Sep 9, 2017 at 9:46 AM, Yuval Schwartz < > yuval.schwa...@gmail.com > > > > > > wrote: > > > > > > > Tomcat version:8.0.43 > > > > jdk1.8.0_05 > > > > > > > > Hello, > > > > > > > > I've asked a similar question in the past about illegal characters in > > the > > > > http request header (May 15, 2017). > > > > > > > > Certain users are able to send http requests to my server that > contain > > > the > > > > space character. > > > > This character is obviously not allowed. Tomcat recognizes it and > > throws > > > an > > > > IllegalArgumentException and a http response code 400 is returned to > > the > > > > client. > > > > From my logs: > > > > > > > > > > > > > > > > *Error parsing HTTP request header...* > > > > *java.lang.IllegalArgumentException: Invalid character found in the > > > > request > > > > target. The valid characters are defined in RFC 7230 and RFC 3986* > > > > > > > > Is there any way to validate the url before it reaches tomcat so > that I > > > can > > > > return a 404 if an invalid character is found in the url? I would > just > > > like > > > > to avoid exceptions being thrown where possible. > > > > > > > > Thank you. > > > > > > > > > >
