Menu
I have a request URL of below format
http://hostname:port/path¶m1={"vars":[{"a":"val1","b":"^"},{"c":"val2","d":"^"}]}¶m2=Value3|95|3%20-%206%20Months
I changed catalina.properties as per this stackoverflow question .
But as per tomcat documentation tomcat.util.http.parser.HttpParser.requestTargetAllow property is deprecated and relaxedPathChars and relaxedQueryChars attributes are to be used with Connector tag instead.
However, when i change the xml file to below
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443" relaxedQueryChars="^" relaxedPathChars="^"/>
I still get a 400 bad request for the character ^
I am not sure if this is the correct configuration.
749
The HTTP Connector element represents a Connector component that supports the HTTP/1.1 protocol. It enables Catalina to function as a stand-alone web server, in addition to its ability to execute servlets and JSP pages.
minSpareThreads : the minimum number of threads that should be running at all times. This includes idle and active threads. The default value is 10. maxConnections : the total number of concurrent connections that the server will accept and process.
XML. The server. xml file is Tomcat's main configuration file, and is responsible for specifying Tomcat's initial configuration on startup as well as defining the way and order in which Tomcat boots and builds. The elements of the server.
Ideally you should always URL-encode your query parameters before sending your request to the server. Read: https://www.talisman.org/~erlkonig/misc/lunatech%5Ewhat-every-webdev-must-know-about-url-encoding/
If you want to go down the relaxedQueryChars route, note that the following chars from your query are also in the set that you ought to add to the exception:
" { } [ ] ^ |
Try this in your server.xml:
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443" relaxedQueryChars='^{}[]|"' />
More insight into relaxedQueryChars/relaxedPathChars on the bug ticket 62273. The change was added to all branches of Tomat:
I don't think you need the relaxedPathChars attribute at all (this refers to characters on the URL path). However, the Tomcat team's test results seem to suggest that the following could be used for maximum backward-compatibility:
relaxedPathChars='[]|'
relaxedQueryChars='[]|{}^\`"<>' />
nb/ the first arg to your query should be demarcated by ? not &
http://hostname:port/path?param1=...¶m2=...¶m3=...
154
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
