Hi Tomcat Team,
When there is invalid characters, it return error message with
stacktrace as shown below. 1) is there any way to costmize error
message ? if yes, please let me know.
2) Is there any way to spress stack-trace being shown on 400 bad request ?
3) Based on Accept header (application/json), can JSON error be
constructed instead of html since client request application/json ?
Thank you for help in advance.
Thanks,
Bhavesh
Request :
===========
GET
/API/?where=type*!*%3d1%20UNION%20SELECT%20version(),null,null,null&deep=true&offset=0&limit=10
HTTP/1.1
Host: 10.192.58.135
Connection: close*Accept: application/json*
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122
Safari/537.36
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response :
=============
HTTP/1.1 400
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 1988
Date: Sun, 01 Mar 2020 06:09:41 GMT
Connection: close
<!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad
Request</title><style type="text/css">body
{font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b
{color:white;background-color:#525D76;} h1 {font-size:22px;} h2
{font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a
{color:black;} .line
{height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP
Status 400 – Bad Request</h1><hr class="line" /><p><b>Type</b>
Exception Report</p><p><b>Message</b> Invalid character found in the
request target. The valid characters are defined in RFC 7230 and RFC
3986</p><p><b>Description</b> The server cannot or will not process
the request due to something that is perceived to be a client error
(e.g., malformed request syntax, invalid request message framing, or
deceptive request
routing).</p><p><b>Exception</b></p><pre>java.lang.IllegalArgumentException:
Invalid character found in the request target. The valid characters
are defined in RFC 7230 and RFC 3986
org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:469)
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:260)
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1639)
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.base/java.lang.Thread.run(Thread.java:834)
</pre><p><b>Note</b> The full stack trace of the root cause is
available in the server logs.</p><hr class="line" /><h3>Apache Tomcat
Version X</h3></body></html>
