I am using Tomcat 8. In one case I need to handle external request coming from external source where the request has a parameters where it is separated by |
.
Request is looks like this:
http://localhost:8080/app/handleResponse?msg=name|id|
In this case I am getting following error.
java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:667) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:789) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
EDIT 1
It works with Apache Tomcat 8.0.30 but not with Tomcat 8.5
The Apache Tomcat team announces that support for Apache Tomcat 8.0. x will end on 30 June 2018. This means that after 30 June 2018: releases from the 8.0.
Most common issue with Tomcat note starting is that Java is not configured properly, user trying to start Tomcat does not have permissions to do so, or another program is using port 8080 on that server.
Download Java Development Kit (JDK) versions 6 and 7 Building Apache Tomcat requires a Java 6 JDK to be installed and optionally a Java 7 JDK installed in parallel with Java 6 one. The Java 7 JDK is only required if you wish to build Tomcat with JSR-356 (Java WebSocket 1.1) support.
To allow illegal or invalid chars in a request in Spring Boot, we need to set the “relaxedQueryChars” config. We can do that in two ways: Defining the ConfigurableServletWebServerFactory bean in the configuration. Adding the environment variable to the property file.
This behavior is introduced in all major Tomcat releases:
To fix, do one of the following:
relaxedQueryChars
to allow this character (recommended, see Lincoln's answer)requestTargetAllow
option (deprecated in Tomcat 8.5) (see Jérémie's answer).Based on changelog, those changes could affect this behavior:
Tomcat 8.5.3:
Ensure that requests with HTTP method names that are not tokens (as required by RFC 7231) are rejected with a 400 response
Tomcat 8.5.7:
Add additional checks for valid characters to the HTTP request line parsing so invalid request lines are rejected sooner.
The best option (following the standard) - you want to encode your URL on client:
encodeURI("http://localhost:8080/app/handleResponse?msg=name|id|") > http://localhost:8080/app/handleResponse?msg=name%7Cid%7C
or just query string:
encodeURIComponent("msg=name|id|") > msg%3Dname%7Cid%7C
It will secure you from other problematic characters (list of invalid URI characters).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With