On 13/04/2020 17:25, Manuel Dominguez Sarmiento wrote: > Hi, we're reviewing our logs, are we are ocasionally getting the > following stack traces: > > 09-Apr-2020 11:29:19.489 INFO [tomcat-http-81] > org.apache.coyote.http11.Http11Processor.service Error parsing HTTP > request header > Note: further occurrences of HTTP request parsing errors will be logged > at DEBUG level. > java.lang.IllegalArgumentException: Invalid character found in > the request target. The valid characters are defined in RFC 7230 and RFC > 3986 > at > org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:488)
<snip/> > We understand this is a consequence of malformed requests, but we cannot > seem to pinpoint the cause. It seems these are clients outside of our > control (our servers are public-facing). The AccessLogValve does not log > these requests, so we cannot figure out what the request line is. Is > there any way logging could be improved in order to find out what is > causing this? The stack trace indicates the problem is in the query string if that helps. Yes, I think we should be able to do something here. The tricky part is that as soon as an invalid character is detected we have to be a lot more careful as the payload could be malicious. I'm not sure if we'll be able to get anything into the access log but it should be possible to improve the error message and include the problematic request line in some form. You probably won't see the exact request line as we'll need to encoded things like control characters etc. I'll look at this for the May round of releases. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
