Hi Bartek, We had the same issue and it seems that it was caused by jsessionid that it was appended in the URL... Adding in web.xml (in <session-config>),<tracking-mode>COOKIE</tracking-mode>, solved the problem for us.
Best Regards, Pavlos On Thu, Apr 1, 2021 at 12:32 PM Bartosz Nitkiewicz <[email protected]> wrote: > Hi, > We have a problem with proper loading CAS style during first use by a new > user. > There is an error log: > 2021-04-01 11:24:51,539 ERROR > [org.springframework.boot.web.servlet.support.ErrorPageFilter] - > org.springframework.security.web.firewall.RequestRejectedException: The > request was rejected because the URL contained a potentially malicious > String ";" > > 2021-04-01 11:24:51,540 ERROR > [org.springframework.boot.web.servlet.support.ErrorPageFilter] - > <Forwarding to error page from request > [/webjars/bootstrap/4.5.3/css/bootstrap-grid.min.css] due to exception [The > request was rejected because the URL contained a potentially malicious > String ";"]> > org.springframework.security.web.firewall.RequestRejectedException: The > request was rejected because the URL contained a potentially malicious > String ";" > > 2021-04-01 11:24:51,541 ERROR > [org.springframework.boot.web.servlet.support.ErrorPageFilter] - > <Forwarding to error page from request > [/webjars/material-components-web/8.0.0/dist/material-components-web.css] > due to exception [The request was rejected because the URL contained a > potentially malicious String ";"]> > org.springframework.security.web.firewall.RequestRejectedException: The > request was rejected because the URL contained a potentially malicious > String ";" > > 2021-04-01 11:24:51,542 ERROR > [org.springframework.boot.web.servlet.support.ErrorPageFilter] - > <Forwarding to error page from request > [/webjars/mdi__font/5.0.45/css/materialdesignicons.css] due to exception > [The request was rejected because the URL contained a potentially malicious > String ";"]> > org.springframework.security.web.firewall.RequestRejectedException: The > request was rejected because the URL contained a potentially malicious > String ";" > > And few errors more. > > > After refresh CAS is working fine, probably browser cache style file or > something. The error does not occur during further use of the application. > Does anyone have something similar? > Regards > Bartek > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec1ccff8-f49d-4fdb-91a6-a59db34051c9n%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec1ccff8-f49d-4fdb-91a6-a59db34051c9n%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAKP%3DBg3%2BuE7VqOhDbYk5UJjXnpBtAnW-YmOuH%2BteGFXXz_7s6Q%40mail.gmail.com.
