Tushar,
On 8/8/24 05:20, Patil, Tushar wrote:
In older version [9.0.82]:
<Connector port="8010" protocol="org.apache.coyote.ajp.AjpNioProtocol" secure="false"
requiredSecret="388438" address="127.0.0.1"
tomcatAuthentication="false" enableLookups="false" maxPostSize="-1"
maxSavePostSize="8388608" maxParameterCount="-1"
useBodyEncodingForURI="true" URIEncoding="UTF-8" backlog="100"
packetSize="8192"
maxThreads="320" minSpareThreads="8"/>
In newer version[10.1.23]:
<Connector port="8010" protocol="org.apache.coyote.ajp.AjpNioProtocol" secure="false"
requiredSecret="904746" address="127.0.0.1"
tomcatAuthentication="false" enableLookups="false" maxPostSize="-1"
maxSavePostSize="8388608" maxParameterCount="-1"
useBodyEncodingForURI="true" URIEncoding="UTF-8" acceptCount="100"
packetSize="8192"
maxThreads="320" minSpareThreads="8" discardFacades="false"/>
IMPORTANT NOTE: You have posted your "requiredSecret" value and may want
to change that now that it is public.
I'm not sure why you would not have needed these in the past, but you
might need to add relaxedPathChars="|" in your <Connector> configuration
to allow these pipes.
If the pipes are also appearing in your query string, you may need to
set relaxedQueryChars to the same value.
Did you upgrade your reverse proxy as well, or only Tomcat?
-chris
________________________________
From: Mark Thomas <ma...@apache.org>
Sent: Thursday, August 8, 2024 2:31 PM
To: users@tomcat.apache.org <users@tomcat.apache.org>
Subject: Re: Upgraded tomcat 9.0.82 to 10.1.23 getting HTTP resonse 400 for
pipe charactets in URL
[You don't often get email from ma...@apache.org. Learn why this is important
at https://aka.ms/LearnAboutSenderIdentification ]
On 08/08/2024 08:19, Patil, Tushar wrote:
Hi Team,
After upgrading Apache Tomcat from 9.0.82 to 10.1.23, we started getting HTTP
response 400 if the URL contains a pipe(|) character.
According to the reference provided below, Apache made some related changes,
but these were implemented in versions 8.5.6 and earlier. Currently, we are not
able to figure out why we started getting this problem in 10.1.23.
Reference:
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.redhat.com%2Fshow_bug.cgi%3Fid%3D1397484&data=05%7C02%7Ctuspatil%40ptc.com%7Cfaa92529fa2d4cb6c8c708dcb788f44b%7Cb9921086ff774d0d828acb3381f678e2%7C0%7C0%7C638587046060925564%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=X8H9WyT9rsf9dplGtgHaNIjo2NK1wUhRrX5EbOe80Yo%3D&reserved=0<https://bugzilla.redhat.com/show_bug.cgi?id=1397484>
Please help us to figure out the reason for the same.
Please provide the HTTP connector settings you used with both Tomcat
versions.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
