Mantis Bugtracker
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0003359 [Resin] minor always 02-26-09 15:51 03-02-09 10:22
Reporter ferg View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 3.1.6
Summary 0003359: stack trace not wanted
Description (rep by Vinod Mehra)

I had an email exchange with you regarding this in the past, but I lost that email. Anyway we didn't find a solution at that time. Did you happen to file a bug for this? We would like to suppress this and give a better error page because the stack trace reveals the app server and version info. Which is a security concern.

Here are couple of urls for which it shows up:

http://developer.foo.com/....../ [^]

[show] The request contains an illegal URL.

com.caucho.server.dispatch.BadRequestException: The request contains an
illegal URL.
at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:385)
at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:328)
at com.caucho.server.dispatch.InvocationDecoder.splitQueryAndUnescape(InvocationDecoder.java:239)
at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:249)
at com.caucho.server.port.TcpConnection.run(TcpConnection.java:678)
at com.caucho.util.ThreadPool$Item.runTasks(ThreadPool.java:721)
at com.caucho.util.ThreadPool$Item.run(ThreadPool.java:643)
at java.lang.Thread.run(Thread.java:595)

If a URL has over 1056 characters, a resin error page is displayed.

http://developer.foo.com/aaaaaa [^] <snipped long url>
The request contains an illegal URL.

[show] The request contains an illegal URL.

com.caucho.server.dispatch.BadRequestException: The request contains an
illegal URL.
at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:345)
at com.caucho.server.dispatch.InvocationDecoder.normalizeUri(InvocationDecoder.java:328)
at com.caucho.server.dispatch.InvocationDecoder.splitQueryAndUnescape(InvocationDecoder.java:239)
at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:249)
at com.caucho.server.port.TcpConnection.run(TcpConnection.java:678)
at com.caucho.util.ThreadPool$Item.runTasks(ThreadPool.java:721)
at com.caucho.util.ThreadPool$Item.run(ThreadPool.java:643)
at java.lang.Thread.run(Thread.java:595)

Since BadRequestException is thrown outside the webapp context the error handlers in the app do not get a chance to handle it. Is it possible to invoke the error handler for the default webapp so that it gets a chance to handle it? Another option will be to have a provision for server wide error handlers.

Additional Information
Attached Files

- Relationships

There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
02-26-09 15:51 ferg New Issue
03-02-09 10:22 ferg Assigned To  => ferg
03-02-09 10:22 ferg Status new => closed
03-02-09 10:22 ferg Resolution open => fixed
03-02-09 10:22 ferg Fixed in Version  => 3.1.8


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
26 total queries executed.
24 unique queries executed.
Powered by Mantis Bugtracker