java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986

Question

java.lang.IllegalArgumentException: 
Invalid character found in the request target. 
The valid characters are defined in RFC 7230 and RFC 3986

This exception is caused by passing Chinese words in Get URLs. How can I resolve this issue in tomcat ?

We don't want to reduce the Tomcat version and ask our customer to encode the parameters.

Is there a way to fix this issue by changing configurations in tomcat ?

Answer 1

There is no way to fix this in Tomcat. The requests are not specification compliant so Tomcat will not permit them. There is a long history of security issues around different components in a system reacting differently to such URLs. Usually in the form of header and/or request injection. As a result, Tomcat's URL parsing has been tightened up and it is extremely unlikely it will be relaxed.

httpd is heading in the same direction for the same reasons.

The best long term option is to point out to the clients that the requests they are sending are not specification compliant and that they need to fix them (by using appropriate %nn encoding). On the Tomcat side, make sure Tomcat is using UTF-8. That is the default on newer versions. You might need to explicitly set it on older releases.