Opened 5 years ago
Closed 5 years ago
#2179 closed defect (fixed)
HTTP Status 400 - Bad request when logging in
Reported by: | Nicklas Nordborg | Owned by: | everyone |
---|---|---|---|
Priority: | major | Milestone: | BASE 3.15.1 |
Component: | web | Version: | |
Keywords: | Cc: |
Description
I got the following error message one day when trying to log in:
HTTP Status 400 – Bad Request java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:467) org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:294) ...
Investigations showed that the user lacked permission to use the web client which caused BASE to generate an URL with an error message that contained the string &error=Permission+denied:+Not+allowed+to+use+Client[externalId=net.sf.basedb.clients.web]
The problems seems to be that [
and ]
must be encoded. I guess that the reason that we have not seen this before is that newer versions of Tomcat are more picky about this.
Change History (4)
comment:1 by , 5 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:3 by , 5 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
A side-effect of the fix is that I now get an error when trying to download a file from BASE:
HTTP Status 400 – Bad Request Type Status Report Message Invalid URI: noSlash Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).
In 7710: