On Wed, Mar 4, 2020 at 4:46 PM Mark Thomas <ma...@apache.org> wrote:
> On 04/03/2020 20:20, Robert Hicks wrote:
> > We are getting the following over and over in our catalina.out file:
> >
> > java.lang.IllegalArgumentException: Invalid character found in the
> request
> > target. The valid characters are defined in RFC 7230 and RFC 3986
>
> Do you know what URIs are triggering those?
>
> We recently improved the HTTP header logging to report invalid
> characters in %nn form. We could add that to this exception message so
> you have some chance of figuring out what the issue is.
>
> > Our server.xml has the following copied from an online search I think:
> >
> > relaxedQueryChars="[]|{}^\`"<>"
>
> That is all of the allowed characters.
>
> It is an attribute value so you'll need to encode at least " and <. Wjat
> you have above is fine.
>
> > I found something else that said the following might also help in
> > catalina.properties:
> >
> > org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
>
> I'd be very careful using that.
>
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
Thanks Mark, we are going to figure out when we can up the logging level to
capture it and move from there.
--
Bob
