Dear Mark, Thanks for your reply,
I have tried to address the issue of invalid characters by adding relaxedQueryChars parameter in the connector placed in server.xml , but still I am getting this exception!! relaxedQueryChars="[]|{}^\`"<>" Please note that we didn't face this issue with tomcat 7.x, and we start facing the issue with tomcat 8.x. Is this issue is addressed by current releases of Tomcat? -----Original Message----- From: Mark Thomas <ma...@apache.org> Sent: Wednesday, May 26, 2021 11:10 AM To: users@tomcat.apache.org Subject: [ALERT: Non-QU Sender] Re: Tomcat8.5.53: HTTP requests parsing error On 26/05/2021 09:02, Nada Mahmoud Ahmed Aboueata wrote: > Dear all, > > We are using Tomcat 8.5.53, and I have been noticing the attached > below exceptions in my logs. After looking deeply what kind of > requests that caused these exception, I noticed that some request > include Null http protocol and some special characters that cannot be handled > by Tomcat. > Also, we have noticed that these kind of requests might crash the web > server from time-time and caused OutOfMemoryError. That is highly unlikely. When an invalid request is received, Tomcat responds with a 400 response and closes the connection. The opportunity for an OOME is slim to nonexistant. > I am not sure if this issue is a bug in Tomcat 8.x that it cannot > handle these requests, so could you please advise what’s recommended > to avoid these exceptions? There error message is clear: "Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986." The client is sending an invaild HTTP request and Tomcat is, correctly, rejecting it. The recommended way to address isses such as this is to fix the broken clients that are sending invalid HTTP requests. Mark > > 02-Mar-2021 01:33:04.846 INFO > [https-jsse-nio-185.37.108.150-8443-exec-31] > org.apache.coyote.http11.Http11Processor.service Error parsing HTTP > request header > > Note: further occurrences of HTTP request parsing errors will be > logged at DEBUG level. > > java.lang.IllegalArgumentException: Invalid character found > in the HTTP protocol > > at > org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11Inpu > tBuffer.java:567) > > at > org.apache.coyote.http11.Http11Processor.service(Http11Processor.java: > 502) > > at > org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLigh > t.java:65) > > at > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractP > rotocol.java:818) > > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoi > nt.java:1623) > > at > org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase > .java:49) > > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j > ava:1149) > > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor. > java:624) > > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThr > ead.java:61) > > at java.lang.Thread.run(Thread.java:748) > > 24-May-2021 23:04:00.693 INFO > [https-jsse-nio-185.37.108.150-8443-exec-309] > org.apache.coyote.http11.Http11Processor.service Error parsing HTTP > request header > > Note: further occurrences of HTTP request parsing errors will be > logged at DEBUG level. > > java.lang.IllegalArgumentException: Invalid character > found in the request target. The valid characters are defined in RFC > 7230 and RFC 3986 > > at > org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11Inpu > tBuffer.java:502) > > at > org.apache.coyote.http11.Http11Processor.service(Http11Processor.java: > 502) > > at > org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLigh > t.java:65) > > at > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractP > rotocol.java:818) > > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoi > nt.java:1623) > > at > org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase > .java:49) > > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j > ava:1149) > > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor. > java:624) > > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThr > ead.java:61) > > at java.lang.Thread.run(Thread.java:748) > > Thanks! > > Nada Aboueata > > > > Nada Mahmoud Ahmed Aboueata > Application Developer > Information Technology Services Department > Tel.: +974 4403 6369 > Fax: +974 4403 3401 > Qatar University <http://www.qu.edu.qa>QU on Facebook > <https://www.facebook.com/qataruniversity> QU on Twitter > <https://twitter.com/qataruniversity> QU on YouTube > <http://www.youtube.com/qataruniversity> QU on LinkedIn > <http://www.linkedin.com/company/43068> QU on Instagram > <http://instagram.com/qataruniversity> QU on Google+ > <https://plus.google.com/+qataruniversity/posts> > > *Our Vision:* To be regionally recognized for distinctive excellence > in education and research, an institution of choice for students and > scholars and a catalyst for the sustainable socio-economic development > of Qatar. > > *رؤيتنا*: أن تعرف جامعة قطر إقليمياً بتميزها النوعي في التعليم والبحث > وبكونها الخيار المفضل لطلبة العلم والباحثين ومحفزاً للتنمية الاقتصادية > والاجتماعية المستدامة لدولة قطر. > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org