> On Aug 8, 2024, at 08:46, Christopher Schultz <ch...@christopherschultz.net> > wrote: > > On 8/8/24 05:20, Patil, Tushar wrote: >> In older version [9.0.82]: >> <Connector port="8010" protocol="org.apache.coyote.ajp.AjpNioProtocol" >> secure="false" requiredSecret="388438" address="127.0.0.1" >> tomcatAuthentication="false" enableLookups="false" >> maxPostSize="-1" maxSavePostSize="8388608" maxParameterCount="-1" >> useBodyEncodingForURI="true" URIEncoding="UTF-8" >> backlog="100" packetSize="8192" >> maxThreads="320" minSpareThreads="8"/> >> In newer version[10.1.23]: >> <Connector port="8010" protocol="org.apache.coyote.ajp.AjpNioProtocol" >> secure="false" requiredSecret="904746" address="127.0.0.1" >> tomcatAuthentication="false" enableLookups="false" >> maxPostSize="-1" maxSavePostSize="8388608" maxParameterCount="-1" >> useBodyEncodingForURI="true" URIEncoding="UTF-8" >> acceptCount="100" packetSize="8192" >> maxThreads="320" minSpareThreads="8" discardFacades="false"/> > > IMPORTANT NOTE: You have posted your "requiredSecret" value and may want to > change that now that it is public. > > I'm not sure why you would not have needed these in the past, but you might > need to add relaxedPathChars="|" in your <Connector> configuration to allow > these pipes. > > If the pipes are also appearing in your query string, you may need to set > relaxedQueryChars to the same value.
The AJP connector documentation does not show relaxedPathChars nor relaxedQueryChars as valid configuration items - these are only in the HTTP/1.1 connector. I thought that the AJP connector expected the front end to do URL validation. - Chuck
