Hello, we're using Tomcat 8.5_35 on Linux (CentOS7) and Windows (2016
Server and above) and here and there we see this in the logs...
org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP
request header
Note: further occurrences of HTTP header parsing errors will be logged at
DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in method
name. HTTP method names must be tokens
at
org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:232)
I can provide the full stack trace if needed. But we've determined it
arises due to requests like this (from the access logs)...
"-" 400 -
I don't know how that happens. Maybe hacking attempt?
If I use Google, all I can find for the exception is that someone is
attempting to use https instead of http (their server is configured for the
latter only). We're using https on our server.
It's very difficult to search for the request line above.
What is this from? Or at least, is there a way to stop the exception stack
from showing up in the logs? Thanks.
