Tomcat is an HTTP sever, and if your client is sending invalid HTTP requests, Tomcat is right to respond with 400. The solution is to fix the client.
On Sat, Sep 9, 2017 at 12:09 PM, Yuval Schwartz <yuval.schwa...@gmail.com> wrote: > Hello Martynas, thanks. > > I'm not sure 404 is better than 400. > > Wouldn't it be preferable to validate the url before it has a chance to > throw the exception? > I guess my only reason for preferring this is because I don't want it > crowding up my logs. > I figure if I can filter it out beforehand then it's not really an > exception? But I would be happy to hear thoughts on this as I'm still > fairly new to programming. I'm not sure what is considered best practice > here. > > Thanks. > > On Sat, Sep 9, 2017 at 12:24 PM, Martynas Jusevičius < > marty...@atomgraph.com > > wrote: > > > How is 404 beter than 400? > > > > On Sat, Sep 9, 2017 at 9:46 AM, Yuval Schwartz <yuval.schwa...@gmail.com > > > > wrote: > > > > > Tomcat version:8.0.43 > > > jdk1.8.0_05 > > > > > > Hello, > > > > > > I've asked a similar question in the past about illegal characters in > the > > > http request header (May 15, 2017). > > > > > > Certain users are able to send http requests to my server that contain > > the > > > space character. > > > This character is obviously not allowed. Tomcat recognizes it and > throws > > an > > > IllegalArgumentException and a http response code 400 is returned to > the > > > client. > > > From my logs: > > > > > > > > > > > > *Error parsing HTTP request header...* > > > *java.lang.IllegalArgumentException: Invalid character found in the > > > request > > > target. The valid characters are defined in RFC 7230 and RFC 3986* > > > > > > Is there any way to validate the url before it reaches tomcat so that I > > can > > > return a 404 if an invalid character is found in the url? I would just > > like > > > to avoid exceptions being thrown where possible. > > > > > > Thank you. > > > > > >
